Sun Microsystems 820433510 Server User Manual


 
Actions of Request and Response Policy
Congurations
The following table shows message protection policy congurations and the resulting message
security operations performed by the WS-Security SOAP message security providers for that
conguration.
TABLE 10–1 Messageprotection policy to WS-Security SOAPmessage security operation mapping
MessageProtectionPolicy ResultingWS-SecuritySOAPmessageprotectionoperations
auth-source="sender" Themessage contains a wsse:Security headerthat
contains a wsse:UsernameToken (withpassword).
auth-source="content" The content of theSOAP messageBody is signed.The
message contains awsse:Security header that contains
the message Body signature representedas a
ds:Signature.
auth-source="sender"
auth-recipient="before-content"
OR
auth-recipient="after-content"
The content ofthe SOAP messageBody isencrypted and
replaced with theresulting xend:EncryptedData. The
message contains a wsse:Security header that contains
a wsse:UsernameToken (with password) and an
xenc:EncryptedKey. The xenc:EncryptedKey contains
the key usedto encrypt the SOAP message body.The key
is encrypted inthe public key of the recipient.
auth-source="content"
auth-recipient="before-content"
The content ofthe SOAP messageBody isencrypted and
replaced with theresulting xend:EncryptedData. The
xenc:EncryptedData is signed. Themessage contains a
wsse:Security header that containsan
xenc:EncryptedKey and a ds:Signature. The
xenc:EncryptedKey contains the keyused to encrypt the
SOAP message body.The key is encrypted in thepublic
key of therecipient.
auth-source="content"
auth-recipient="after-content"
The content ofthe SOAP messageBody issigned, then
encrypted, and thenreplaced with the resulting
xend:EncryptedData. The message containsa
wsse:Security header that containsan
xenc:EncryptedKey and a ds:Signature. The
xenc:EncryptedKey contains the keyused to encrypt the
SOAP message body.The key is encrypted in thepublic
key of therecipient.
ConguringtheEnterprise ServerforMessage Security
SunGlassFishEnterpriseServer2.1AdministrationGuide • December2008134