Validating signatures
You can add validate signatures of incoming SOAP messages if you want authentication by using signature validation.
About this task
Procedure
- Open a SOAP message for editing.
- On the Config page, right-click the node and click Properties.
- In the Field Properties dialog, click the WS-Security tab.
- On the WS-Security page, ensure that the Enable field is selected.
- Select Validate Signature from the list. The Validate Signature editor is displayed.
- Configure the validate signature action.
The following table outlines the fields and options used for validating signatures.
Field/Option Description Transformation Name (Required) Enter a name for the security action that will help identify the action in the main list. Keystore (option) You can use an HCL OneTest™ API identity store. Username token Alternatively, you can use a user name token if a user token action is listed above this action (under the toolbar on the WS-Security tab). SAML Assertion token Or, you can use a SAML assertion action if a SAML token action is listed above this action (under the toolbar on the WS-Security tab). Keystore (list) Select a HCL OneTest™ API identity store. Certificate Alias Select a public key alias (defined in the selected keystore). Actor Indicates a specific message receiver, either the ultimate receiver or an intermediary. For each actor/role that is defined (that is, in multiple tokens), a separate security header is added to the SOAP header. Must understand? Select this check box to make the SOAP header mandatory for the specified actor/role. In this case, either the header block must be processed or the entire SOAP message is ignored, and a SOAP fault is generated. If this check box is cleared (the default), the specified actor/role may or may not process the SOAP header. - Click OK.