Show TOC

Procedure documentationConfiguring Communication Security and Authentication Methods Locate this document in the navigation structure

 

With these settings you specify the fundamental communication security and with it a compatible authentication method. The authentication method determines how the Web service consumer authenticates themself with the Web service provider.

Note Note

These attributes are only displayed for non-local calls.

End of the note.

Recommendation Recommendation

Note that these settings only make sense in the context of a comprehensive security scenario.

More information on the recommended security settings: Recommended WS Security Scenarios.

End of the recommendation.

Procedure

First select the communication security and then the required authentication method.

Attributes for Communication Security

Attribute

Description

None

Does not specify any special communication security.

HTTPS (Transport channel security)

Specifies that HTTP communication is secured by SSL.

For more information, see: Network and Transport Layer Security

Asymmetrical Message Signature/Encryption

Specifies secure transfer of messages based on XML signatures and encryption.

For more information, see: WS Security XML Signature/Encryption

Symmetrical Message Signature/Encryption

Specifies secure transfer of messages based on XML signatures and encryption.

This uses a symmetrical key for signatures and encryption.

For more information, see: WS Security XML Signature/Encryption

You can set an additional security measure according to the WS SecureConversation standard for HTTPS and Asymmetrical or Symmetrical Message Signature/Encryption.

To do so, select the check boy (only displayed if one of the above values was selected for communication security).

For more information, see: WS SecureConversation

Attributes for Authentication

Attribute

Description

None

Specifies that no authentication method is to be used.

User ID/Password (Transport Channel Authentication)

Specifies authentication with user ID and password in the HTTP header.

For more information, see: HTTP Transport Level Authentication

X.509 SSL Client Certificate (Authentication at Transport Level)

Determines authentication using X.509 client certificates.

For more information, see: HTTP Transport Level Authentication

Single Sign On Using Assertion Ticket (Authentication at Transport Level)

Specifies authentication using assertion ticket in the HTTP header.

For more information, see: HTTP Transport Level Authentication

User ID/Password (Authentication at Message Level)

Specifies authentication using security token in the message header.

Security token is defined in the WS Security standard.

For more information, see: WS Security UsernameToken

X.509 Certificate (Message Authentication)

Specifies authentication using XML signature and encryption with X.509 certificates.

For more information, see: WS Security XML Signature/Encryption

Single Sign On with SAML (Authentication in Message)

Specifies authentication at message level based on the Security Assertion Markup Language (SAML 1.1) standard.

For more information, see: SAML Token Profile

Note that there are dependencies between the communication security set and the authentication method that can be chosen.

You can set the following combinations of communication security and authentication methods.

Note Note

An error message is displayed if you select an invalid combination.

End of the note.
Permitted Combinations of Communication Security and Authentication Methods

Secure Communications

Compatible Authentication Methods

None

  • None

  • User ID/Password (Transport Channel Authentication)

  • Single Sign On Using Assertion Ticket (Authentication at Transport Level)

  • User ID/Password (Authentication at Message Level)

  • X.509 Certificate (Message Authentication)

  • Single Sign On with SAML (Authentication in Message)

HTTPS (Transport channel security)

  • User ID/Password (Transport Channel Authentication)

  • X.509 SSL Client Certificate (Authentication at Transport Level)

  • Single Sign On Using Assertion Ticket (Authentication at Transport Level)

  • User ID/Password (Authentication at Message Level)

  • Single Sign On with SAML (Authentication in Message)

Asymmetrical Message Signature/Encryption

  • User ID/Password (Authentication at Message Level)

  • X.509 Certificate (Message Authentication)

  • Single Sign On with SAML (Authentication in Message)