Editing WSDL security profiles
To ensure that your service test uses the correct security
protocols to access a SOAP-based service, you must specify a security
profile for the (Web Service Description Language) WSDL file. After
a security profile is set up, it can be reused in multiple web service
calls.
- WSDL security editor overview
With the WSDL security editor you can create the SOAP algorithm
stacks that are associated with a web service operation. Algorithm
stacks contain digital certificate information and the security algorithms
that are applied to messages to perform secure communication with
a web service.
- Creating security profiles for WSDL files
You can create SOAP security profiles for use with web
service calls or message returns that require message encryption,
signature or other advanced security algorithms.
- Using a security policy
The WS-Policy specification enables web services to use
XML to publish their security policies either as part of the Web Services
Description Language (WSDL) file (compliant with the WS-PolicyAttachment
specification) or as a separate XML document. With the WSDL Security
Editor, you can create a security profile that uses a policy that
complies with the WS-Policy specification.
- Implementing a custom security algorithm
You can define your own security algorithms for SOAP security
profiles by implementing custom security Java™ interfaces
that can be used in the WSDL security editor. With custom security
algorithms, you can implement proprietary security algorithms that
transform the XML before sending and after receiving message content.
- Adding WS-Addressing to a security configuration
The WS-Addressing specification provides transport-neutral
mechanisms that enable SOAP-based web services to communicate addressing
information. You can use WSDL security algorithms to add WS-Addressing
to your service tests.