Encrypted message part settings

Use this page to define the elements of an encrypted part of a message. Encrypted parts are used to protect message confidentiality and, in this case, the encrypted parts are being defined as part of the policy set process. A message part is a named set of one or more message elements.

To view this administrative console page, complete the following actions:
  1. Click Services > Policy sets > Application policy sets > policy_set_name.
  2. Click on WS-Security policy in the Policies table.
  3. Click either the Main policy link or the Bootstrap policy link.
  4. Click the Request message part protection link under the Request Policies section or the Response message part protection link under the Response Policies section.
  5. In the Confidentiality protection section, you can perform any of the following:
    • Click Add to add a new encrypted part.
    • Select an existing encrypted part and click Edit.

Name of part to be encrypted

Specifies the name of the set of one or more message parts that you have selected to encrypt. The name you choose is treated as a label and must be unique within the Response message part protection or Request message part protection collections for this WS-Security policy.

Elements in part

Specifies a list of the message elements that are included in the encrypted part. The Elements in part field lists the message elements that are included in this encrypted part to provide message confidentiality.

Click Add to add an element to the encrypted part of the message. To remove a message element from an encrypted part of a message, first click the selection box next to the element to be removed, then click Remove. The OK, Apply, Reset, and Cancel buttons act on the text entry fields, but cannot add or remove the rows in the table. The value of the Qname namespace, or the Xpath expression, is required and can be edited at any time, either while adding a new element or after the element is added.

You can add or edit the following types of message elements in the encrypted part of a message:
Predefined
Specifies the body of the message part.
Qname (for SOAP header elements only)
Specifies the Qname type for a namespace value for the SOAP header element that you want to encrypt. To encrypt a SOAP header element, select Qname and provide the namespace and optionally the localname of the SOAP header element in the Value field. If the localname is omitted, all SOAP header elements with the specified namespace are encrypted. To use the Qname selection method, the SOAP header elements must be the immediate children of the SOAP header. Any Qname row in the table that has no corresponding value is removed upon submission when you click OK or Apply.
Restriction:
You cannot select header elements that are sub-elements of other elements in the SOAP header using Qname. In this case, you must use an Xpath expression to select these header elements.
Xpath expression
Specifies if the displayed Xpath expression is used as the method for specifying that a specific element is included in this part. Click the XPath expression radio button and provide an expression in the Value entry field that represents the message part to encrypt. Any Xpath expression row on the table that has no corresponding value is removed upon submission when you click OK or Apply.
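
The selection rules described above, modeled as an added example (this is not IBM's code and not the product's implementation): it shows which elements of a message each selector type would cover, so you can confirm that a nested header element is not silently left unencrypted by a Qname entry. The sample envelope, the urn:example:billing namespace, and all function names are constructed for illustration, and the path selector uses ElementTree's XPath subset relative to the Envelope as a stand-in for the product's Xpath evaluation.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSA = "http://www.w3.org/2005/08/addressing"
APP = "urn:example:billing"  # constructed application namespace
NS = {"soapenv": SOAP, "wsa": WSA, "app": APP}

# Constructed sample message: two top-level addressing headers and one
# application header that wraps a nested, sensitive sub-element.
ENVELOPE = f"""<soapenv:Envelope xmlns:soapenv="{SOAP}" xmlns:wsa="{WSA}" xmlns:app="{APP}">
  <soapenv:Header>
    <wsa:To>https://service.example/pay</wsa:To>
    <wsa:MessageID>urn:uuid:constructed-0001</wsa:MessageID>
    <app:Session><app:AccountToken>constructed-token</app:AccountToken></app:Session>
  </soapenv:Header>
  <soapenv:Body><app:Pay amount="10"/></soapenv:Body>
</soapenv:Envelope>"""
ROOT = ET.fromstring(ENVELOPE)

def split_tag(tag):
    """Split ElementTree's '{namespace}local' tag into (namespace, local)."""
    if tag.startswith("{"):
        namespace, local = tag[1:].split("}", 1)
        return namespace, local
    return "", tag

def select_body(root):
    """Predefined: the SOAP body."""
    return root.findall("soapenv:Body", NS)

def select_qname(root, namespace, localname=None):
    """Qname: immediate children of the SOAP header only. With no
    localname, every header element in the namespace is selected."""
    header = root.find("soapenv:Header", NS)
    selected = []
    for child in (header if header is not None else []):
        ns, local = split_tag(child.tag)
        if ns == namespace and localname in (None, local):
            selected.append(child)
    return selected

def select_path(root, path):
    """Xpath expression: can reach sub-elements of a header element."""
    return root.findall(path, NS)

def local_names(elements):
    return [split_tag(e.tag)[1] for e in elements]

if __name__ == "__main__":
    print("Qname app:AccountToken ->", local_names(select_qname(ROOT, APP, "AccountToken")))
    print("Path to AccountToken   ->", local_names(select_path(ROOT, "soapenv:Header/app:Session/app:AccountToken")))
```

The Qname lookup for the nested AccountToken returns nothing, which is the case the Restriction covers: only the path selector reaches it.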





File name: uwbs_wsspsenpa.html