Message protection involves encrypting the message for message confidentiality and signing the message for message integrity. OWSM predefined policies and any policy you create using one of the message-protection assertion templates provide the options for message confidentiality, message integrity, or both.
The following steps summarize what you must do to configure the clients and services for message protection:
- Attach the appropriate message protection policy to each of the clients and services.
Note: Message protection-only policies do not authenticate or authorize the requester.
- Sign the message if you want message integrity.
- Encrypt the message if you want message confidentiality.
- Add the required public and private keys to the keystores of the clients and services. This step requires you to configure the keystore, as described in "Configuring Keystores for Message Protection".
To sign and encrypt SOAP messages, you use public and private signature and encryption keys that you store in the OWSM keystore for the WebLogic domain. The keystore configuration is domain-wide: all Web services and Web service clients in the domain use this keystore.