The X.509 certificate token profile is a security token defined by the OASIS Web Services Security (WS Security) Technical Committee as the standard Web Services Security UsernameToken Profile 1.0 for using X.509 certificates for Web services at SOAP message level. The X.509 certificate token profile therefore corresponds to the X.509 client certificate at transport level. We use the token type #X509v3.
You use the X.509 certificate token profile to generate an XML signature to authenticate the Web service provider or consumer. The Web service provider supports the following signature types, whereby it enters its preference in WSDL:
Key ID
Reference to a binary security token
Reference to issuer and serial number of an X.509 certificate
Reference to an X.509 thumbprint attribute of a certificate
The Web service consumer uses the signature type specified in WSDL.
If you have configured encryption in the SOA Manager or in the PI Directory, the X.509 certificate token profile supports this.
For Web service consumers to be able to use their X.509 certificate token profile to authenticate themselves, you need to assign the token profiles to the users of the Web service providers or consumers, in a similar way to an X.509 certifiicate.
More information: Configuring the System for Using X.509 Client Certificates.
(AS Java) NWSECURITY_SSO_WSSEC_13 712