Highlighted
benze Absent Member.
Absent Member.
342 views

Problems using Message Security (SignOnlyWithMutualCertificate)

I have encountered several complications with Message Security when trying to use SignOnlyWithMutualCertificate.   But these questions seem to apply to any Message Level Security.  

 

1) How do I specify to HPSV what fields, etc, I wish to sign when using Message Security?  I have requirements to sign several parts of my SOAP message, but I cannot find any options in the service descriptors in HPSV as to fields to sign.

 

For instance, in my requirements, I need to sign the following fields:

 

  • Body 
  • Timestamp
  • serviceContext (field in our own header XSDs) 
  • Action
  • MessageID
  • UsernameToken

 

How/where to I specify to HPSV that these are the fields I wish to sign?  

 

2) As a related question, is there any way to indicate to HPSV that I want it to act as a simple pass-through?  I do not wish for it to alter my request at all, and simply pass my requests and responses through.  Is there any way to accomplish that?

Tags (1)
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.