Process Developer

Signature

Select this policy assertion as described in Adding Policy Assertions.
A signature policy describes the parts of a SOAP message to sign with an XML Signature, using an X.509 Certificate token to allow for verification and trust of the signed information.
  • Inbound signature is for messages received for My Role services and for replies from invoked Partner Role services. It indicates that the My Role partner role accepts signed message content and will verify the signature.
  • Outbound signature is for replies from My Role services and messages sent to invoked Partner Role services.
Set the following parameters:
  • SignatureParts alias: Optional keystore alias used to retrieve the key to sign. The default is the alias specified in the crypto properties file.
  • Content Name: Message part or element to be signed.
  • Content Namespace: Target namespace of the message part or element.
Example
<abp:SignatureParts alias="keystore_alias">
  <abp:Element namespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" name="UsernameToken"/>
</abp:SignatureParts>
As a message consumer, Process Server service endpoints accept and consume messages that conform to options deemed allowable under WS-I guidelines. As a message producer, Process Server supports only the recommended algorithms, references and identifiers.
The following algorithms are used for signing SOAP message parts.
  • X.509 Token
    Direct Binary Reference (send and receive): Preferred method, used where possible.
    Issuer Serial (send and receive): Preferred external reference method, if direct not possible.
    X509 Identifier (receive only)
    Subject Key Identifier (receive only)
    Embedded Token References (receive only)
  • Signature Digest Algorithm:
    http://www.w3.org/2000/09/xmldsig#sha1 (send and receive)
  • Signature Algorithm:
    http://www.w3.org/2000/09/xmldsig#rsa-sha1 (send and receive)
  • Canonical XML Transform Algorithm:
    http://www.w3.org/2001/10/xml-exc-c14n# (send and receive)
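
The following Python check is an added example, not Process Server code: it inspects a captured outbound message for the algorithm identifiers listed above and confirms that the part named in SignatureParts (the UsernameToken from the example) is referenced by the signature. It does not verify the signature value itself; the function names, the wsu:Id values and the sample message are constructed for illustration.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
WSS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-"
WSSE, WSU = WSS + "secext-1.0.xsd", WSS + "utility-1.0.xsd"
# Algorithm identifiers this page lists for signing SOAP message parts.
EXPECTED = {"SignatureMethod": DS + "rsa-sha1",
            "CanonicalizationMethod": "http://www.w3.org/2001/10/xml-exc-c14n#",
            "DigestMethod": DS + "sha1"}

def _alg(parent, tag):
    el = parent.find(f"{{{DS}}}{tag}")
    return None if el is None else el.get("Algorithm")

def audit_signature(soap_xml, part_ns, part_name):
    """Return findings for one message; an empty list means no mismatch."""
    root = ET.fromstring(soap_xml)
    info = root.find(f".//{{{DS}}}Signature/{{{DS}}}SignedInfo")
    if info is None:
        return ["no ds:SignedInfo found"]
    findings = [f"unexpected {t}: {_alg(info, t)}"
                for t in ("SignatureMethod", "CanonicalizationMethod")
                if _alg(info, t) != EXPECTED[t]]
    signed_ids = set()
    for ref in info.findall(f"{{{DS}}}Reference"):
        digest = _alg(ref, "DigestMethod")
        if digest != EXPECTED["DigestMethod"]:
            findings.append(f"unexpected DigestMethod: {digest}")
        uri = ref.get("URI", "")
        if uri.startswith("#"):  # same-document reference to a wsu:Id
            signed_ids.add(uri[1:])
    parts = root.findall(f".//{{{part_ns}}}{part_name}")
    if len(parts) != 1:
        findings.append(f"expected one {part_name}, found {len(parts)}")
    for el in parts:
        if el.get(f"{{{WSU}}}Id") not in signed_ids:
            findings.append(f"{part_name} is not covered by a ds:Reference")
    return findings

def sample(ref_uri, digest=DS + "sha1"):
    """Constructed message skeleton; digest and signature values omitted."""
    return f"""<e:Envelope xmlns:e="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:ds="{DS}" xmlns:wsse="{WSSE}" xmlns:wsu="{WSU}"><e:Header><wsse:Security>
 <wsse:UsernameToken wsu:Id="UT-1"><wsse:Username>demo</wsse:Username></wsse:UsernameToken>
 <ds:Signature><ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <ds:SignatureMethod Algorithm="{DS}rsa-sha1"/>
  <ds:Reference URI="{ref_uri}"><ds:DigestMethod Algorithm="{digest}"/></ds:Reference>
 </ds:SignedInfo></ds:Signature></wsse:Security></e:Header>
 <e:Body wsu:Id="Body-1"/></e:Envelope>"""
```

Calling `audit_signature(sample("#Body-1"), WSSE, "UsernameToken")` reports that the token is not covered, which is the case to look for when a policy names a part but the signature references a different element.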
