Security
The following attributes define web service client security attributes:
Security Mechanism
Defines the type of security credential that is used to secure the web service client request. You can choose one of the following security credential types:
-
Anonymous — The anonymous security mechanism contains no security credentials.
-
KerberosToken — Uses Kerberos security tokens.
-
LibertyDiscoverySecurity — Uses Liberty-based security tokens.
-
SAML-HolderOfKey — Uses the SAML 1.1 assertion type Holder-Of-Key.
-
SAML-SenderVouches — Uses the SAML 1.1 assertion type Sender Vouches.
-
SAML2–HolderOfKey — Uses the SAML 2.0 assertion token type Holder-Of-Key.
-
SAML2–SenderVouches — Uses the SAML 2.0 assertion token type Sender Vouches.
-
STSSecurity — Uses the security token generated from the Security Token service for a given web service provider.
-
UserNameToken — Uses User Name Token with digest password.
-
UserNameToken-Plain — Uses a user name token with a clear text password for securing web service requests.
-
X509Token — Uses the X509 certificate.
STS Configuration
This attribute is enabled when the web service client uses Security Token service (STS) as the Security Mechanism. This configuration describes a list of STS agent profiles that are used to communicate with and secure the web service requests to the STS service.
Discovery Configuration
This attribute is enabled when the web service client is enabled for Discovery Service security. This configuration describes a list of Discovery Agent profiles that are used to secure requests made to the Discovery service.
User Authentication Required
When enabled, this attribute defines that the services client's protected page requires a user to be authenticated in order to gain access.
Preserve Security Headers in Message
When enabled, this attribute defines that the SOAP security headers are preserved by the web service client for further processing.
Use Pass Through Security Token
When enabled, this attribute indicates that the web service client will pass through the received Security token from the Subject. It will not try to create the token locally or from STS communication.
Liberty Service Type URN
The URN (Universal Resource Name) describes a Liberty service type that the web service client will use for service lookups.
Credential for User Token
The attribute represents the username/password shared secrets that are used by the web service client to generate a Username security token.
- © 2010, Oracle Corporation and/or its affiliates