To set your message protection settings:
- Open the Primavera P6 Administrator.
- In the Configurations drop-down list, select your configuration.
- In the sidebar select Web Services/Security/Message Protection.
- Select Require Timestamp if incoming SOAP messages must contain the WS-Security Timestamp.
- Select Require Digital Signatures for Incoming Messages to require that incoming SOAP messages are signed and conform to Web Service Security 1.1 standards.
Note: To access Web Services, you must configure all Web Services settings to get encryption and digital signatures to work. If you do not want to use encryption or digital signatures, you must set this setting and the Require Encryption setting to false.
- Select Require Encryption for Incoming Messages to require incoming SOAP messages are encrypted and conform to Web Service Security 1.1 standards. When this setting is selected, at least one element in each P6 EPPM Web Services request message must be encrypted.
Note:
- To access Web Services, you must configure all Web Services settings to get encryption and digital signatures to work. If you do not want to use encryption or digital signatures, you must set this setting and the Require Encryption setting to false.
- When the Encrypt Response setting and the Require Encryption for Incoming Messages setting are both set to true, the server encrypts everything inside of the body element of P6 Web Services response messages.
- When the Encrypt Response setting is Encrypt only if request is encrypted and Require Encryption for Incoming Messages setting is set to true, the server encrypts everything inside of the body element of P6 Web Services response messages.
- When the Require Encryption for Incoming Messages setting is set to false, both encrypted and un-encrypted incoming messages are accepted. This setting provides flexible interoperability with multiple Web Services clients simultaneously, without compromising security.
- In the Encrypt Response list, select the encryption response options for outgoing messages. This setting governs when responses will be returned as encrypted.
The default value is Encrypt only if request is encrypted.
- In the Keystore Type list, select the KeyStore type.
The default value is JKS.
- In the File Location field, enter the absolute path to the keystore file. This file must exist on the local filesystem. For example,
c:\keystore\keystore.jks - In the Keystore Password field, enter KeyStore password.
- In the Private Key Alias field, enter alias for the private key in KeyStore.
The default value is alias.
- In the Private Key Password field, enter password for the private key.
- In the Encrypt Response field, select whether to encrypt outgoing messages. You can use this setting only when you enable encryption for incoming messages.
- Note: When the Encrypt Response setting and the Require Encryption for Incoming Messages setting are both set to true, the server encrypts everything inside of the body element of P6 Web Services response messages.
- When the Encrypt Response setting is Encrypt only if request is encrypted and Require Encryption for Incoming Messages setting is set to true, the server encrypts everything inside of the body element of P6 Web Services response messages.
When the Require Encryption for Incoming Messages setting is set to false, both encrypted and un-encrypted incoming messages are accepted. This setting provides flexible interoperability with multiple Web Services clients simultaneously, without compromising security.