Message Filter Reference

Name	Extract WSS Header
Description	Extracts a WS-Security <Header> block from a message, and stores it in the authentication.ws.wsblockinfo message attribute.
Category	Attributes
Required Attributes
Consumed Attributes
Generated Attributes	authentication.ws.wsblockinfo
Tutorial	Extract WSS Header

Name	Extract WSS Timestamp
Description	Extracts a WS-Utility Timestamp from a message. The timestamp is stored in a specified message attribute to be processed later in a circuit. Defaults to the wss.timestamp message attribute.
Category	Attributes
Required Attributes
Consumed Attributes
Generated Attributes	wss.timestamp
Tutorial	Extract WSU Timestamp

Name	Extract WSS Username Token
Description	Extracts a WS-Security UsernameToken from a message if it exists. The extracted UsernameToken is stored in the wss.usernameToken message attribute.
Category	Attributes
Required Attributes
Consumed Attributes
Generated Attributes	wss.usernameToken
Tutorial	Extract WSS Username Token

Name	Insert SAML Attribute Assertion
Description	Inserts a SAML attribute assertion into the downstream message.
Category	Attributes
Required Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id content.body
Consumed Attributes
Generated Attributes
Tutorial	Insert SAML Attribute Assertion

Name	Retrieve Attribute from Directory Server
Description	Retrieves user attributes from an LDAP directory.
Category	Attributes
Required Attributes	authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id
Tutorial	Retrieve Attribute from Directory Server

Name	Retrieve Attribute from HTTP Header
Description	Retrieves the value of an HTTP header and sets it to a user-specified message attribute.
Category	Attributes
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Retrieve Attribute from HTTP Header

Name	Retrieve Attributes from Database
Description	Retrieves user attributes from a specified database.
Category	Attributes
Required Attributes	authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes	attribute.lookup.list authentication.subject.id authentication.subject.format
Tutorial	Retrieve Attributes from Database

Name	Retrieve Attribute from Message
Description	Retrieves the value of an XML attribute or element from the message and sets it to a user-specified message attribute.
Category	Attributes
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Retrieve Attribute from Message

Name	Retrieve Attribute from SAML Attribute Assertion
Description	Retrieves user attributes from a SAML attribute assertion and stores them in the attribute.lookup.list message attribute.
Category	Attributes
Required Attributes	content.body
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id saml.assertion saml.assertion.position saml.wsblockinfo
Tutorial	Retrieve Attribute from SAML Attribute Assertion

Name	Retrieve Attribute from SAML PDP
Description	When a user has been successfully authenticated, the Enterprise Gateway can send a SAMLP (SAML Protocol) request to the SAML PDP to obtain user attributes. The PDP packages the relevant attributes into a SAML attribute assertion and returns the assertion to Enterprise Gateway in a SAMLP response. Enterprise Gateway validates the response and can optionally insert the attribute assertion into the downstream message.
Category	Attributes
Required Attributes	authentication.subject.id authentication.subject.format authentication.method
Consumed Attributes
Generated Attributes	attribute.lookup.list samlpdp.response.assertion samlpdp.response.doc samlpdp.response.namespace.saml samlpdp.response.namespace.samlp samlpdp.subject.format samlpdp.subject.id
Tutorial	Retrieve Attributes from SAML PDP

Name	Retrieve Attributes from Tivoli
Description	You can use this filter when you need to retrieve user attributes independently from authorizing the user against Tivoli Access Manager.
Category	Attributes
Required Attributes	authentication.subject.id
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id
Tutorial	Retrieve Attributes from Tivoli

Name	Retrieve from User Store
Description	Retrieves user attributes from the User Store and stores them in the attribute.lookup.list message attribute.
Category	Attributes
Required Attributes	authentication.subject.id
Consumed Attributes
Generated Attributes	attribute.lookup.list authentication.subject.id authentication.subject.format
Tutorial	Retrieve Attributes from User Store

Name	SAML PDP XML-Signature Response Verification
Description	Typically, a SAML PDP will sign SAMLP responses returned to Enterprise Gateway. In such cases, Enterprise Gateway can validate the signature on the response using this filter.
Category	Attributes
Required Attributes	samlpdp.response.doc
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	SAML PDP Attributes

Name	Attribute Authentication
Description	Authenticates user credentials specified in Enterprise Gateway message attributes against a configured user store.
Category	Authentication
Required Attributes	authentication.subject.id authentication.subject.password
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id authentication.subject.orig.format authentication.subject.orig.id authentication.subject.password
Tutorial	Attribute Authentication

Name	HTML Form-based Authentication
Description	Authenticates Enterprise Gateway client user credentials specified in an HTML form against a configured user store.
Category	Authentication
Required Attributes
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id authentication.subject.orig.format authentication.subject.orig.id authentication.subject.password
Tutorial	HTML Form-based Authentication

Name	HTTP Basic Authentication
Description	Authenticates a client against a configured user store using HTTP basic authentication.
Category	Authentication
Required Attributes	http.headers http.request.verb
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id authentication.subject.orig.format authentication.subject.orig.id authentication.subject.password
Tutorial	HTTP Basic Authentication

Name	HTTP Digest Authentication
Description	Authenticates a client against a configured user store using HTTP digest authentication.
Category	Authentication
Required Attributes	http.headers http.request.verb
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id authentication.subject.orig.format authentication.subject.orig.id authentication.subject.password
Tutorial	HTTP Digest Authentication

Name	IP Address
Description	Allows or denies access to an IP address or range of IP addresses.
Category	Authentication
Required Attributes	http.request.clientaddr
Consumed Attributes
Generated Attributes
Tutorial	IP Address

Name	SSL Authentication
Description	Authenticates a user's SSL certificate.
Category	Authentication
Required Attributes	content.body
Consumed Attributes
Generated Attributes	authentication.cert authentication.issuer.format authentication.issuer.id authentication.method authentication.subject.format authentication.subject.id certificate certificates
Tutorial	SSL Authentication

Name	CA SOA Security Manager Authentication
Description	Authenticates a user against CA SOA Security Manager.
Category	Authentication
Required Attributes	content.body http.request.clientaddr http.request.uri http.request.verb
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id soasecuritymanager.agent soasecuritymanager.decision soasecuritymanager.realmdef soasecuritymanager.resource.context
Tutorial	CA SOA Security Manager Authentication

Name	HTTP Header Authentication
Description	Extracts a user credential from an HTTP header and uses it to authenticate the user. Typically, a username, X.509 certificate, or Distinguished Name is extracted from the HTTP header.
Category	Authentication
Required Attributes	http.headers
Consumed Attributes
Generated Attributes	authentication.cert authentication.issuer.format authentication.issuer.id authentication.issuer.orig.format authentication.issuer.orig.id authentication.method authentication.subject.format authentication.subject.id authentication.subject.orig.format authentication.subject.orig.id certificate certificates
Tutorial	HTTP Header Authentication

Name	Insert SAML Authentication Assertion
Description	Inserts a SAML authentication assertion into the downstream message on behalf of an authenticated user.
Category	Authentication
Required Attributes	authentication.method authentication.subject.format authentication.subject.id content.body
Consumed Attributes
Generated Attributes
Tutorial	Insert SAML Authentication Assertion

Name	Insert WS-Security Username Token
Description	Inserts a WS-Security Token into the downstream message on behalf of an authenticated client.
Category	Authentication
Required Attributes	authentication.subject.id content.body
Consumed Attributes
Generated Attributes	ws.username.token.name
Tutorial	Insert WS-Security Username Token

Name	Insert Timestamp
Description	Inserts a WS-Utility (WSU) Timestamp into a WS-Security Header to specify the lifetime of the message to which it is added.
Category	Authentication
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Insert Timestamp

Name	Kerberos Client Authentication
Description	Obtains a service ticket for a Kerberos Service, and uses it to authenticate to the service.
Category	Authentication
Required Attributes	http.destination.host
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id kerberos.client.context.established kerberos.context kerberos.mechanism.oid kerberos.profile.ap.req.bst.id kerberos.profile.ap.req.sha1 kerberos.service.subject.id kerberos.session.key
Tutorial	Kerberos Client Authentication

Name	Kerberos Service Authentication
Description	Consumes a Kerberos token to authenticate a Kerberos Client.
Category	Authentication
Required Attributes	http.destination.host
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id kerberos.mechanism.oid kerberos.profile.ap.req.sha1 kerberos.service.authenticator.principal kerberos.service.authenticator.realm kerberos.service.authenticator.time kerberos.service.context.established kerberos.service.subject.id kerberos.service.ticket.principal kerberos.service.ticket.realm kerberos.session.key
Tutorial	Kerberos Service Authentication

Name	SAML Authentication
Description	Validates a SAML authentication assertion to make sure it has not expired.
Category	Authentication
Required Attributes	content.body
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.id authentication.subject.format saml.assertion saml.assertion.position saml.wsblockinfo
Tutorial	SAML Authentication

Name	SAML Authentication XML-Signature Verification
Description	Validates the signature on a SAML authentication assertion.
Category	Authentication
Required Attributes	content.body
Consumed Attributes
Generated Attributes	authentication.cert authentication.issuer.format authentication.issuer.id certificate certificates
Tutorial	SAML Authentication XML-Signature Verification

Name	Authentication: SAML PDP Response XML-Signature Verification
Description	Typically a SAML PDP will sign SAMLP responses and/or the issued SAML assertion itself. This filter can be used to validate the signature on the SAMLP response.
Category	Authentication
Required Attributes	samlpdp.response.doc
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	Authentication: SAML PDP Response XML-Signature Verification

Name	XML-Signature Authentication
Description	Enterprise Gateway can authenticate a client by validating the XML-Signature on an incoming request. A successful signature validation proves that the client had access to the private key that was used to sign the request.
Category	Authentication
Required Attributes	content.body
Consumed Attributes
Generated Attributes	authentication.cert authentication.issuer.format authentication.issuer.id authentication.method authentication.subject.format authentication.subject.id certificate certificates
Tutorial	XML-Signature Authentication

Name	Attribute Authorization
Description	This filter checks the values of user attributes that are stored in the attribute.lookup.list message attribute.
Category	Authorization
Required Attributes	attribute.lookup.list
Consumed Attributes
Generated Attributes
Tutorial	Attribute Authorization

Name	CA SOA Security Manager Authorization
Description	Authorizes an authenticated user against CA SOA Security Manager.
Category	Authorization
Required Attributes	http.request.clientaddr soasecuritymanager.agent soasecuritymanager.decision soasecuritymanager.realmdef soasecuritymanager.resource.context
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id
Tutorial	CA SOA Security Manager Authorization

Name	Certificate Attributes Authorization
Description	Authorizes a user by examining the attributes in that user's X.509 certificate.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes
Tutorial	Certificate Attributes Authorization

Name	Check Group Membership
Description	Checks whether the specified Enterprise Gateway User is a member of the specified Enterprise Gateway Group.
Category	Authorization
Required Attributes	authentication.subject.id
Consumed Attributes
Generated Attributes
Tutorial	Check Group Membership

Name	GetAccess Authorization
Description	Authorizes an authenticated user against Entrust's GetAccess.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format content.body
Consumed Attributes
Generated Attributes
Tutorial	GetAccess Authorization

Name	Insert SAML Authorization Assertion
Description	When the user has been successfully authorized, Enterprise Gateway can insert a SAML authorization assertion into the downstream message.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format content.body
Consumed Attributes
Generated Attributes
Tutorial	Insert SAML Authorization Assertion

Name	Access Manager
Description	Authorizes an authenticated user against RSA's ClearTrust Authorization Server.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes
Tutorial	ClearTrust Authorization

Name	SAML Authorization
Description	Authorizes a user by validating the SAML authorization assertion in an incoming request.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format content.body
Consumed Attributes
Generated Attributes	saml.assertion saml.assertion.position saml.wsblockinfo
Tutorial	SAML Authorization

Name	SAML Authorization XML-Signature Verification
Description	Validates the XML-Signature on a SAML authorization assertion.
Category	Authorization
Required Attributes	content.body
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	SAML Authorization XML-Signature Verification

Name	SAML PDP Authorization
Description	Generates a SAMLP authorization request to a SAML PDP on behalf of an authenticated user. The SAML PDP generates a SAML authorization assertion and returns it to Enterprise Gateway in a SAMLP response. Enterprise Gateway validates the response and can optionally insert the assertion into the downstream message.
Category	Authorization
Required Attributes	authentication.method authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes	samlpdp.response.assertion samlpdp.response.doc samlpdp.response.namespace.saml samlpdp.response.namespace.samlp samlpdp.subject.id samlpdp.subject.format
Tutorial	SAML PDP Authorization

Name	SAML PDP Response XML-Signature Verification
Description	Typically a SAML PDP will sign SAMLP responses and/or the issued SAML assertion itself. This filter can be used to validate the signature on the SAMLP response.
Category	Authorization
Required Attributes	samlpdp.response.doc
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	SAML PDP Response XML-Signature Verification

Name	Tivoli Authorization
Description	Authorizes an authenticated user against IBM's Tivoli Access Manager.
Category	Authorization
Required Attributes	authentication.subject.id authentication.subject.format
Consumed Attributes
Generated Attributes
Tutorial	Tivoli Authorization

Name	XACML PEP
Description	Configures an eXtensible Access Control Markup Language (XACML) Policy Enforcement Point (PEP)
Category	Authorization
Required Attributes
Consumed Attributes
Generated Attributes	xacml.decision xacml.result.xml xacml.statuscode
Tutorial	XACML PEP

Name	SiteMinder Authorization
Description	Authorizes a user against CA's SiteMinder. The user must have been authenticated to SiteMinder before they can be authorized.
Category	CA SiteMinder
Required Attributes	siteminder.agent siteminder.decision
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id
Tutorial	SiteMinder Authorization

Name	SiteMinder Certificate Authentication
Description	Authenticates a user's certificate against SiteMinder.
Category	CA SiteMinder
Required Attributes	certificate certificates
Consumed Attributes
Generated Attributes	authentication.method authentication.format authentication.subject.id siteminder.agent siteminder.decision
Tutorial	SiteMinder Certificate Authentication

Name	SiteMinder Logout
Description	Terminates a user's SiteMinder session by invalidating the user's single sign-on token.
Category	CA SiteMinder
Required Attributes	siteminder.agent siteminder.decision
Consumed Attributes
Generated Attributes
Tutorial	SiteMinder Logout

Name	SiteMinder Session Validation
Description	Extracts a user's single sign-on token from the message and validates it against SiteMinder.
Category	CA SiteMinder
Required Attributes	content.body
Consumed Attributes
Generated Attributes	authentication.method authentication.subject.format authentication.subject.id siteminder.agent siteminder.decision
Tutorial	SiteMinder Session Validation

Name	Cache Attribute
Description	Specifies which part of the message is cached. Typically, response messages are cached, so this filter is usually configured after the routing filters in a circuit.
Category	Cache
Required Attributes	message.key content.body
Consumed Attributes
Generated Attributes
Tutorial	Cache Attribute

Name	Create Key
Description	Specifies which part of a message determines if the message is unique (for example, message body, HTTP header, client IP address, and so on).
Category	Cache
Required Attributes	content.body
Consumed Attributes
Generated Attributes	message.key
Tutorial	Create Key

Name	Is Cached?
Description	Looks up a named cache to see if a specified message attribute is already cached. A message attribute is used as the key to search for in the cache (defaults to message.key). If the lookup succeeds, the retrieved value overrides a specified message attribute (defaults to content.body).
Category	Cache
Required Attributes	message.key
Consumed Attributes
Generated Attributes	content.body
Tutorial	Is Cached?

Name	Remove Cached Attribute
Description	Deletes a message attribute value that has been stored in a cache.
Category	Cache
Required Attributes	message.key
Consumed Attributes
Generated Attributes
Tutorial	Remove Cached Attribute

Name	Certificate Chain
Description	Ensures that a trusted CA (Certificate Authority) issued the certificate. Trusted CA certificates are stored in the Oracle Trusted Certificate Store.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	Certificate Chain

Name	Certificate Revocation List (dynamic)
Description	Validates a certificate against a CRL and automatically retrieves the CRL periodically.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	Certificate Revocation List (Dynamic)

Name	CRL (in LDAP)
Description	Looks up a user's certificate in an LDAP-based CRL to see if that user has been revoked.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	Certificate Revocation List (LDAP)

Name	CRL Responder
Description	Configures the Enterprise Gateway to act as CRL responder by returning CRL files to clients.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	CRL Responder

Name	CRL (static)
Description	Looks up a user's certificate in a file-based CRL to see if that user has been revoked.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	Static CRL Certificate Validation

Name	Create Thumbprint
Description	Used to create a human-readable thumbprint (or fingerprint) from the X.509 certificate that is stored in the certificate message attribute. The generated thumbprint is stored in the certificate.thumbprint attribute.
Category	Certificate
Required Attributes	certificate
Consumed Attributes
Generated Attributes	certificate.thumbprint
Tutorial	Create Thumbprint

Name	Extract Certificate Attributes
Description	Extracts the X.509 attributes from a certificate stored in a specified Oracle message attribute. Typically, this filter is used in conjunction with a Find Certificate filter.
Category	Certificate
Required Attributes	certificate
Consumed Attributes
Generated Attributes	attribute.lookup.list attribute.subject.format attribute.subject.id cert.basic.constraints cert.extended.key.usage cert.hash.md5 cert.hash.sha1 cert.issuer.alternative.name cert.issuer.id cert.issuer.id.c cert.issuer.id.cn cert.issuer.id.emailaddress cert.issuer.id.l cert.issuer.id.o cert.issuer.id.ou cert.issuer.id.st cert.key.usage.cRLSign cert.key.usage.dataEncipherment cert.key.usage.digitalSignature cert.key.usage.encipherOnly cert.key.usage.keyAgreement cert.key.usage.keyCertSign cert.key.usage.keyEncipherment cert.key.usage.nonRepudiation cert.not.after cert.not.before cert.serial.number cert.signature.algorithm cert.subject.alternative.name cert.subject.id cert.subject.id.c cert.subject.id.cn cert.subject.id.emailaddress cert.subject.id.o cert.subject.id.ou cert.subject.id.st cert.version
Tutorial	Extract Certificate Attributes

Name	Find Certificate
Description	Locates a certificate from a message attribute, HTTP header, message attachment, or extracts a certificate from the User Store. The extracted certificate is stored in a user-specified message attribute. This new attribute will then appear as a Generated Attribute in the policy. The certificate is stored in the certificate attribute by default.
Category	Certificate
Required Attributes
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	Find Certificate

Name	OCSP Certificate Validation
Description	Checks the status of a user's certificate against a group of OCSP responders.
Category	Certificate
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	OCSP

Name	XKMS Certificate Validation
Description	Validates a user's certificate against a group of XKMS responders.
Category	Certificates
Required Attributes	certificates
Consumed Attributes
Generated Attributes
Tutorial	XKMS

Name	Content Type Filtering
Description	Filters MIME and DIME messages based on the types of their attachments.
Category	Content Filtering
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Content Type Filter

Name	Content Validation
Description	Runs a boolean XPath expression on the incoming request.
Category	Content Filtering
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Content Validation

Name	Throttling
Description	Limits the number of messages a client can send in a specified interval through the policy in which this filter is configured. In other words, it provides filtering of messages on a per client, per service basis.
Category	Content Filtering
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Throttling

Name	McAfee Anti-Virus
Description	Scans incoming HTTP requests and their attachments for viruses and exploits. Supports cleaning of messages from infections, provides scan presets for detection levels, and reports overall message status after scanning.
Category	Content Filtering
Required Attributes	content.body
Consumed Attributes
Generated Attributes	mcafee.status
Tutorial	McAfee Virus Scanner

Name	Schema Validation
Description	Validates the contents of the message body against a selected XML Schema. This ensures that the message adheres to the correct message format, and can also ensure that the message contains appropriate data.
Category	Content Filtering
Required Attributes	content.body webservice.context
Consumed Attributes
Generated Attributes	xsd.errors
Tutorial	Schema Validation

Name	Validate HTTP Headers
Description	Filters MIME and DIME messages based on the types of their attachments.
Category	Content Filtering
Required Attributes	http.headers
Consumed Attributes
Generated Attributes
Tutorial	Validate HTTP Headers

Name	Validate Message Attribute
Description	Compares the value of a message attribute to a configured regular expression. It can also check for the presence of Threatening Content regular expressions such as SQL injection and buffer overflow attacks.
Category	Content Filtering
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Validate Message Attributes

Name	XML Complexity
Description	Checks the depth and complexity of XML messages.
Category	Content Filtering
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	XML Complexity

Name	Add HTTP Header
Description	Adds a user-specified HTTP header to the downstream message.
Category	Conversion
Required Attributes	http.headers
Consumed Attributes
Generated Attributes
Tutorial	Add HTTP Header

Name	Set Message
Description	Sets the content of the message payload.
Category	Conversion
Required Attributes	content.body
Consumed Attributes
Generated Attributes	content.body
Tutorial	Set Message

Name	Load file
Description	Loads the contents of the specified file, and sets them as message content to be processed.
Category	Conversion
Required Attributes
Consumed Attributes
Generated Attributes	content.body
Tutorial	Load File

Name	Remove HTTP Header
Description	Removes a user-specified HTTP header from the downstream message.
Category	Conversion
Required Attributes	http.headers
Consumed Attributes
Generated Attributes
Tutorial	Remove HTTP Header

Name	XSLT Transformation
Description	This filter uses an XSLT stylesheet to convert the body of the incoming request to an alternative XML grammar or format.
Category	Conversion
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	XSLT Transformation

Name	XML-Decryption
Description	Decrypts an XML-Encrypted message according to the settings configured in the XML-Decryption Settings filter. These settings are stored in the decryption.properties message attribute, which is a required attribute for this filter.
Category	Encryption
Required Attributes	content.body decryption.properties
Consumed Attributes
Generated Attributes
Tutorial	XML-Decryption

Name	XML-Decryption Settings
Description	This filter is used to specify the XML-Encrypted blocks to decrypt in the message. All of the encrypted blocks can be decrypted or a single encrypted block can be selected using an XPath expression. The actual decryption is performed by the XML-Decryption filter.
Category	Encryption
Required Attributes
Consumed Attributes
Generated Attributes	decryption.properties
Tutorial	XML-Decryption Settings

Name	XML-Encryption
Description	Encrypts (part of) an XML message as specified in the XML Encryption Settings filter. The message will be encrypted such that only its intended recipients can decrypt it.
Category	Encryption
Required Attributes	content.body encryption.properties
Consumed Attributes
Generated Attributes
Tutorial	XML-Encryption

Name	XML-Encryption Settings
Description	This filter is used to specify the part(s) of the message to encrypt, and for whom the message is to be encrypted. Only the intended recipients will be able to decrypt the message.
Category	Encryption
Required Attributes
Consumed Attributes
Generated Attributes	encryption.properties
Tutorial	XML-Encryption Settings

Name	SOAP Fault
Description	If a SOAP Fault handler is configured for a policy, it handles any exceptions that occur in the policy. As such it dictates the format of the SOAP Fault that is returned to the client.
Category	Fault Handlers
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	SOAP Fault

Name	XML Signature Generation
Description	Signs the selected part of the incoming request.
Category	Integrity
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Sign Message

Name	XML-Signature Verification
Description	Verifies the integrity of the incoming message by validating its XML-Signature. This ensures that the message was not tampered with after it was signed.
Category	Integrity
Required Attributes	content.body
Consumed Attributes
Generated Attributes	certificate certificates
Tutorial	Integrity XML-Signature Verification

Name	Set Service Name
Description	Configures service-level monitoring details. For example, you can specify the service name displayed in real-time monitoring tools, and whether to store service usage metrics.
Category	Monitoring
Required Attributes
Consumed Attributes
Generated Attributes	service.name
Tutorial	Set Service Name

Name	Alert
Description	Sends an alert to a configured alerting destination.
Category	Monitoring
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Alert

Name	Log Access
Description	Logs message details in Common Log Format to an Access Log. The log file is written to the /logs directory of your Enterprise Gateway installation.
Category	Monitoring
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Log Access

Name	Log Message Payload
Description	Logs the message payload, including HTTP headers and MIME/DIME attachments, at a particular point in the policy.
Category	Monitoring
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Log Message Payload

Name	Operation Name
Description	Compares the first element of the SOAP body (i.e. the SOAP operation) and its namespace to the values configured here.
Category	Resolvers
Required Attributes	content.body
Consumed Attributes
Generated Attributes	soap.request.method soap.request.method.namespace
Tutorial	Operation Name

Name	Relative Path
Description	Matches the relative path (i.e. uri) on which the request was received to the value configured here.
Category	Resolvers
Required Attributes	http.request.uri
Consumed Attributes
Generated Attributes
Tutorial	Relative Path

Name	SOAPAction
Description	Matches the SOAPAction HTTP header on the incoming request to the value configured in this filter.
Category	Resolvers
Required Attributes	http.headers
Consumed Attributes
Generated Attributes	soap.request.action
Tutorial	SOAP Action

Name	Connection
Description	This filter is responsible for connecting to the target Web Service or system. Enterprise Gateway can mutually authenticate to the endpoint using SSL certificates or HTTP basic/digest authentication.
Category	Routing
Required Attributes	content.body http.destination.host http.destination.port http.destination.protocol http.headers http.request.uri http.request.verb
Consumed Attributes
Generated Attributes	http.headers http.request.connection.error http.response.info http.response.status http.response.version
Tutorial	Connection

Name	Dynamic Router
Description	In cases where Enterprise Gateway is acting as a proxy, it can extract the URL from the request line of the HTTP request and route the message to this address.
Category	Routing
Required Attributes	http.request.uri
Consumed Attributes
Generated Attributes	http.destination.host http.destination.port http.destination.protocol
Tutorial	Dynamic Router

Name	Rewrite URL
Description	In cases where Enterprise Gateway is acting as a proxy, it can forward the message on to the address specified in the request line of the HTTP request. This filter can be used to rewrite the URL of the original request to an alternative one, i.e. service virtualization.
Category	Routing
Required Attributes	http.request.uri
Consumed Attributes
Generated Attributes
Tutorial	Rewrite URL

Name	Static Router
Description	The static router is used to configure connection details for a particular endpoint. Enterprise Gateway will route messages to the endpoint configured here.
Category	Routing
Required Attributes
Consumed Attributes
Generated Attributes	http.destination.host http.destination.port http.destination.protocol
Tutorial	Static Router

Name	Insert WS-Addressing
Description	Inserts WS-Addressing information into a SOAP message.
Category	Routing
Required Attributes	http.destination.host http.destination.port http.destination.protocol http.headers http.request.uri soap.request.action
Consumed Attributes
Generated Attributes
Tutorial	SSL Authentication

Name	Read WS-Addressing
Description	Uses WS-Addressing information contained within a SOAP message to route the message.
Category	Routing
Required Attributes	content.body
Consumed Attributes
Generated Attributes	http.destination.host http.destination.port http.destination.protocol http.request.uri
Tutorial	SSL Authentication

Name	Save to file
Description	Writes the current message contents to a file.
Category	Routing
Required Attributes	content.body
Consumed Attributes
Generated Attributes
Tutorial	Save to File

Name	Abort
Description	Forces a policy path to abort and throw an exception. This causes a SOAP Fault to be returned to the client.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Abort Filter

Name	Copy/Modify Attributes
Description	This filter can be used to copy the value of one message attribute to another.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Copy/Modify Attributes

Name	False
Description	Forces the policy path to return false.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	False Filter

Name	Policy Shortcut
Description	This filter can be used to pass control to another policy. It is very useful for creating a policy macro that contains small pieces of logic that you may wish to keep outside of a policy so that it can be re-used. This helps to keep the main logic of a policy uncluttered.
Category	Utility
Required Attributes	The required attributes for this filter are whatever attributed are required by the start node of the policy shortcut.
Consumed Attributes
Generated Attributes	The generated attributes for this filter are the attributes that are returned from the end node of the policy shortcut.
Tutorial	Policy Shortcut

Name	Reflect
Description	Echoes the request body back to the client.
Category	Utility
Required Attributes	content.body http.headers
Consumed Attributes
Generated Attributes	http.response.status
Tutorial	Reflect Message

Name	Reflect Message and Attributes
Description	Echoes the request body and the current message attributes back to the client.
Category	Utility
Required Attributes	content.body http.headers
Consumed Attributes
Generated Attributes
Tutorial	Reflect Message and Attributes

Name	True
Description	Forces a true result from a policy path.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	True Filter

Name	Execute process
Description	Executes an external process from a policy circuit.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Execute External Process

Name	Pause
Description	This filter forces the policy to suspend processing for a specified time interval. When this interval has elapsed, the next filter in the policy path is executed immediately.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Pause Filter

Name	Set Response Status
Description	Explicitly sets the response status of a given message.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Set Response Status

Name	String Replace
Description	Replaces all or part of the value of the specified string in a message attribute.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	String Replace Filter

Name	Trace
Description	Forces the Enterprise Gateway to trace the current message attributes to the configured trace destination. By default, trace files are written to the /trace directory of your Enterprise Gateway installation.
Category	Utility
Required Attributes
Consumed Attributes
Generated Attributes
Tutorial	Trace Message Attributes

Name	Return WSDL
Description	Returns a WSDL file from the Web Services Repository. This filter is configured automatically when a WSDL file is imported into the repository.
Category	Web Service
Required Attributes	http.headers http.request.uri webservice.context
Consumed Attributes
Generated Attributes
Tutorial	Return WSDL

Name	Set Web Service Context
Description	Specifies which service to take resources from in the Web Service Repository. For example, if you set this filter to a getQuote service in the repository, and configure the Return WSDL filter, the WSDL definition for the getQuote service is returned when a WSDL request is received.
Category	Web Service
Required Attributes
Consumed Attributes
Generated Attributes	service.name webservice.context
Tutorial	Set Web Service Context

Name	Web Service Filter
Description	Controls and validates requests to the Web Service and responses from the Web Service. This is automatically generated as the Service Handler when a WSDL file is imported into the Web Services Repository.
Category	Web Service
Required Attributes	content.body http.headers http.request.verb
Consumed Attributes
Generated Attributes	http.destination.host http.destination.port http.destination.protocol http.headers http.request.connection.error http.request.uri http.response.info http.response.status http.response.version service.name webservice.context
Tutorial	Web Service Filter