For web services, you can verify a signing by using an X.509 certificate token profile.
X.509 certificate token verification of the Integrity of a signed incoming SOAP message is supported in the following configurations:
Capability
Configured with a policy set and binding defining the message Integrity
Signature verification is not supported with an external PDP, such as TFIM or LDAP.