SOAP Binding Service Attributes

The SOAP Binding Service attributes are global attributes. The values of these attributes are carried across the Access Manager configuration and inherited by every organization.

For information about the types of attributes used in Access Manager, see the Sun Java System Access Manager 7.1 Technical Overview.

Attributes for the SOAP Binding Service are defined in the amSOAPBinding.xml service file. The SOAP Binding Service attributes are as follows:

• Request Handler List

• Web Service Authenticator

• Supported Authentication Mechanisms

Request Handler List

The Request Handler List stores information about the classes implemented from the com.sun.identity.liberty.ws.soapbinding.RequestHandler interface. The SOAP Binding Service provides the interface to process requests and return responses. The interface must be implemented on the server side for each Liberty-based web service that uses the SOAP Binding Service.

To add a new implementation, click New and define values for the following parameters.

Key Parameter

The Key parameter is the last part of the URI path to a SOAP endpoint. The SOAP endpoint in Access Manager is the SOAPReceiver servlet. The URI to the SOAPReceiver uses the format protocol://host:port/deloy-uri/Liberty/key. If you define disco as the Key, the URI path to the SOAPReceiver for the corresponding Discovery Service would be protocol://host:port/amserver/Liberty/disco.

Different service clients must use different keys when connecting to the SOAPReceiver.

Class Parameter

The Class parameter specifies the name of the class implemented from com.sun.identity.liberty.ws.soapbinding.RequestHandler for the particular web service. For example, class=com.example.identity.liberty.ws.disco.DiscoveryService.

SOAP Action Parameter

The optional SOAP Action can be used to indicate the intent of the SOAP HTTP request. The SOAP processor on the receiving system can use this information to determine the ultimate destination for the service. The value is a URI. No defined value indicates no intent.

SOAP places no restrictions on the format or specificity of the URI or that it is resolvable.

Web Service Authenticator

This attribute takes as a value the implementation class for the Web Service Authenticator interface. This class authenticates a request and generates a credential for a WSC.

This interface is not public. The value of the attribute is configured during installation.

Supported Authentication Mechanisms

This attribute specifies the authentication mechanisms supported by the SOAP Receiver. Authentication mechanisms offer user authentication as well as data integrity and encryption. By default, all available authentication mechanisms are selected. If a mechanism is not selected and a WSC sends a request using it, the request is rejected. Following is a list of the supported authentication mechanisms:

• urn:liberty:security:2003-08:ClientTLS:SAML

• urn:liberty:security:2003-08:ClientTLS:X509

• urn:liberty:security:2003-08:ClientTLS:null

• urn:liberty:security:2003-08:TLS:SAML

• urn:liberty:security:2003-08:TLS:X509

• urn:liberty:security:2003-08:TLS:null

• urn:liberty:security:2003-08:null:SAML

• urn:liberty:security:2003-08:null:X509

• urn:liberty:security:2003-08:null:null

• urn:liberty:security:2004-04:ClientTLS:Bearer

• urn:liberty:security:2004-04:TLS:Bearer

• urn:liberty:security:2004-04:null:Bearer

• urn:liberty:security:2005-02:ClientTLS:Bearer

• urn:liberty:security:2005-02:ClientTLS:SAML

• urn:liberty:security:2005-02:ClientTLS:X509

• urn:liberty:security:2005-02:TLS:Bearer

• urn:liberty:security:2005-02:TLS:SAML

• urn:liberty:security:2005-02:TLS:X509

• urn:liberty:security:2005-02:null:Bearer

• urn:liberty:security:2005-02:null:SAML

• urn:liberty:security:2005-02:null:X509

For more complete information about authentication mechanisms and their level of security, see the Liberty ID-WSF Security Mechanisms specification.