With these settings you specify the fundamental communication security and with it a compatible authentication method. The authentication method determines how the Web service consumer authenticates themself with the Web service provider.
Note
These attributes are only displayed for non-local calls.
Recommendation
Note that these settings only make sense in the context of a comprehensive security scenario.
More information on the recommended security settings: Recommended WS Security Scenarios.
First select the communication security and then the required authentication method.
Attribute |
Description |
---|---|
None |
Does not specify any special communication security. |
HTTPS (Transport channel security) |
Specifies that HTTP communication is secured by SSL. For more information, see: Network and Transport Layer Security |
Asymmetrical Message Signature/Encryption |
Specifies secure transfer of messages based on XML signatures and encryption. For more information, see: WS Security XML Signature/Encryption |
Symmetrical Message Signature/Encryption |
Specifies secure transfer of messages based on XML signatures and encryption. This uses a symmetrical key for signatures and encryption. For more information, see: WS Security XML Signature/Encryption |
You can set an additional security measure according to the WS SecureConversation standard for HTTPS and Asymmetrical or Symmetrical Message Signature/Encryption.
To do so, select the check boy (only displayed if one of the above values was selected for communication security).
For more information, see: WS SecureConversation
Attribute |
Description |
---|---|
None |
Specifies that no authentication method is to be used. |
User ID/Password (Transport Channel Authentication) |
Specifies authentication with user ID and password in the HTTP header. For more information, see: HTTP Transport Level Authentication |
X.509 SSL Client Certificate (Authentication at Transport Level) |
Determines authentication using X.509 client certificates. For more information, see: HTTP Transport Level Authentication |
Single Sign On Using Assertion Ticket (Authentication at Transport Level) |
Specifies authentication using assertion ticket in the HTTP header. For more information, see: HTTP Transport Level Authentication |
User ID/Password (Authentication at Message Level) |
Specifies authentication using security token in the message header. Security token is defined in the WS Security standard. For more information, see: WS Security UsernameToken |
X.509 Certificate (Message Authentication) |
Specifies authentication using XML signature and encryption with X.509 certificates. For more information, see: WS Security XML Signature/Encryption |
Single Sign On with SAML (Authentication in Message) |
Specifies authentication at message level based on the Security Assertion Markup Language (SAML 1.1) standard. For more information, see: SAML Token Profile |
Note that there are dependencies between the communication security set and the authentication method that can be chosen.
You can set the following combinations of communication security and authentication methods.
Note
An error message is displayed if you select an invalid combination.
Secure Communications |
Compatible Authentication Methods |
---|---|
None |
|
HTTPS (Transport channel security) |
|
Asymmetrical Message Signature/Encryption |
|