6. Server User Guide

6. Server User Guide

Security Configurations

Security Configurations

The OASIS WS-Security V1.0 (WSSE) standard establishes a framework for assuring the integrity and confidentiality of SOAP messages. Message integrity is assured via digital signature, and confidentiality of message data is achieved via encryption. The standards referenced by WS-Security V1.0 are supported by Process Server.
To use WS-Security features, you must set up the container in which Process Server is deployed with the necessary certificates manager or keystores that are often used for standard SSL processing. Also, you must provide a properties file that contains settings required for Process Server to interact with your platform’s encryption and certificate management. The properties file is named
crypto.properties
.
The following properties must be set in crypto.properties to match the your platform:
  • org.apache.ws.security.crypto.provider=<provider>
    where
    <provider>
    must be the default unless a custom provider is supplied that implements the apache crypto interface. The default is:
    org.apache.ws.security.components.crypto.Merlin
  • org.apache.ws.security.crypto.merlin.keystore.type=<type>
    The
    <type>
    is based on the format of the keystore, usually
    jks
    or
    pks12
    .
  • org.apache.ws.security.crypto.merlin.keystore.alias=<alias>
    The
    <alias>
    is the name that the private key and certificate are known by.
  • org.apache.ws.security.crypto.merlin.keystore.password=<password>
    where
    <password>
    is an optional property. Include a password if one is required for a keystore.
  • org.apache.ws.security.crypto.merlin.file=<keystore filename>
The keystore must be accessible by the server from the file system using the path specified by
org.apache.ws.security.crypto.merlin.file
in
crypto.properties
. Also, the crypto.properties file must be available on the server's classpath. The target location of these files varies depending on the target platform.
The following is an example of crypto.properties:
org.apache.ws.security.crypto.merlin.keystore.password=pw org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.file=ae.keystore org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.alias=myadmin


Updated March 13, 2020