Signed part settings

Use this page to define the elements of a signed part. Signed parts are used to protect message integrity and, in this case, the signed parts are being defined as part of the policy set process.

To view this administrative console page, complete the following actions:
  1. Click Services > Policy sets > Application policy sets > policy_set_name.
  2. Click a WS-Security policy in the Policies table.
  3. Click either the Main policy link or the Bootstrap policy link.
  4. Click the Request message part protection link under the Request Policies section or the Response message part protection link under the Response Policies section.
  5. In the Integrity protection section, click one of the following:
    • Click Add to add a new signed part.
    • Select an existing signed part and click Edit.
Name of part to be signed

Specifies the name of this set of one of more message parts that you have selected to sign. The name you choose is treated as a label and must be unique within the Response message part protection or Request message part protection collections for this WS-Security policy.

Elements in part

Specifies a list of the message elements included in the signed part. The Elements in part field contains a listing of message elements that are included in this signed part to provide message integrity. Using the Add Specified Elements button and the information in the Specify Elements to Add section or the Remove Selected Elements button, you can change the elements to be included in this signed part.

Add Specified Elements

Enables you to define a message element and add it to the listing of elements in this signed part.

To add a message element to this signed part, first specify one of the following in the Specify elements to add section and then click the Add Specified Elements button:
  • Protect message body
  • XPath expression
  • QName (for SOAP header elements only)
Remove Selected Elements

Enables the removal of a selected message element from the listing of elements in this signed part. To remove a message element from this signed part, first click the element to remove from the Elements in part list and then click the Remove Selected Elements button.

Protect message body

Specifies if the message body is protected in this part. To protect the message body in this part, click the Protect message body button.

XPath expression

Specifies if the displayed XPath expression is used as the method for specifying that a specific element is included in this part. Click the XPath expression radio button and provide an expression in the entry field that represents the message part to sign.

QName

To sign a SOAP header element, select the QName radio button and provide the namespace and optionally the localname of the SOAP header element to sign. If the localname is omitted, all SOAP header elements with the specified namespace are signed. Note that in order to use the QName selection method, the SOAP header elements must be the immediate children of the SOAP header. You cannot select header elements that are sub-elements of other elements in the SOAP header using QName. In this case, you must use an XPath expression to select these header elements.




Links marked (online) require access to the Internet.

Related tasks
Related reference

uwbs_wsspssipa