The UserName token authentication is able to authenticate against a configured LDAP module. In previous releases, the UserName token authentication could only use the Access Manager file-based authentication realm.
SOAPRequestHandler now returns the SSOToken set in the Subject, in addition to X509 or UserName token that was used for authentication. The SSOToken is in the format usable to the PolicyEvaluator API.
When using X509 token with an invalid certificate, Access Manager always accepts the certificate, despite the fact that the root CA is not in the Keystore. this problem has been fixed.
A web service user can now choose boolean configuration for SOAP request signing.
Access Manager Policy Agent profiles can apply a digital signature to the service request and the service response. In previous releases, digital signature could be used only in case when X509 token is included into SOAP message for authentication.
Access Manager Policy Agent profiles are now able to encrypt SOAP request body and SOAP response body.
Access Manager now supports the encryption of SOAP message with extra spaces and new lines between XML elements of SOAP message. It is common to see SOAP messages with extra spaces and new lines inserted for better readability.