Specifies configuration information for handler DFHWSSE1, which provides support for WS-Security.
Name | Description |
---|---|
version | An integer denoting the version of the configuration information. The only valid value is 1. |
The <expect_signed_body/> element indicates that the <body> of the inbound message must be signed. If the body of an inbound message is not correctly signed, CICS rejects the message with a security fault.
The <expect_encrypted_body/> element indicates that the <body> of the inbound message must be encrypted. If the body of an inbound message is not correctly encrypted, CICS rejects the message with a security fault.
If this element is present, CICS will sign the <body> of the outbound message, using the algorithm specified in the <algorithm> element contained in the <sign_body> element.
If this element is present, CICS will encrypt the <body> of the outbound message, using the algorithm specified in the <algorithm> element contained in the <encrypt_body> element.
<dfhwsse_configuration version="1">
<authentication mode="basic">
<certificate_label>AUTHCERT03</certificate_label>
<suppress/>
<algorithm>http://www.w3.org/2000/09/xmldsig#dsa-sha1</algorithm>
</authentication>
<expect_signed_body/>
<expect_encrypted_body/>
<sign_body>
<algorithm>http://www.w3.org/2000/09/xmldsig#rsa-sha1</algorithm>
<certificate_label>SIGCERT01</certificate_label>
</sign_body>
<encrypt_body>
<algorithm>http://www.w3.org/2001/04/xmlenc#tripledes-cbc</algorithm>
<certificate_label>ENCCERT02</certificate_label>
</encrypt_body>
</dfhwsse_configuration>