An encryption policy describes the parts of a SOAP message to encrypt, in compliance with the processing rules of the XML Encryption specification [XMLENC].
Each specified original element or element content in the message is removed and replaced by the resulting encrypted element.
encryption is for messages received for My Role services and for replies from invoked Partner Role services. It indicates that the My Role partner role accepts encryption and will de-encrypt messages received.
encryption is for replies from My Role services and messages sent to invoked Partner Role services.
Set the following parameters:
Encryption Parts Attributes
Optional keystore alias used to retrieve the key for encryption. The default is the alias specified in the crypto properties file.
Message part or element to be encrypted
Target namespace of the message part or element
As a message consumer, Process Server service endpoints accept and consume messages that conform to options deemed allowable under WS-I guidelines. As a message producer, Process Server supports only the recommended algorithms, references and identifiers.
The following algorithms are used within the data encryption of SOAP messages. Additional algorithms will likely be added and supported in future releases, based on WS-I recommendations and customer demand.
The supported token types are as follows:
Direct Binary Reference (send and receive): Preferred method, used where possible.
Issuer Serial (send and receive): Preferred external reference method if direct not possible.
X509 Identifier (receive only)
Subject Key Identifier (receive only)
Embedded Token References (receive only)
Symmetric Data Encryption Algorithms:
http://www.w3.org/2001/04/xmlenc#tripledes-cbc (send and receive)
http://www.w3.org/2001/04/xmlenc#aes128-cbc (receive only)
http://www.w3.org/2001/04/xmlenc#aes256-cbc (receive only)
Asymmetric Key Transport Algorithms:
http://www.w3.org/2001/04/xmlenc#rsa-1_5 (send and receive)
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p (receive only)
Signature Digest Algorithm:
http://www.w3.org/2000/09/xmldsig#sha1 (send and receive)
http://www.w3.org/2000/09/xmldsig#rsa-sha1 (send and receive)
Cannonical XML Transform Algorithm:
http://www.w3.org/2001/10/xml-exc-c14n# (send and receive)