Security (Magic xpa 3.x)
|
Note:
|
Contact your vendor to find out the required security measures.
|
If a client module exists, the Security tab is enabled with the following properties:
|
|
|
|
Security Level
|
Determines whether the security level is Transport, WS-Security, or None.
The None level gives no security. However, you can still provide basic authentication by for example using a header that requires a username and password.
See How Do I Send a SOAP Header with the Request and Get the Result?
The Transport level protects the whole HTTP communication. You use SSL to do this.
See Consuming Web Services Over SSL with Magic xpa
The WS-Security level works on the SOAP level. Communication is not encrypted, but some parts of the request are hidden, encrypted or digitally signed.
|
|
Authentication Type
|
Determines whether the authentication type is Kerberos, SSL, Digest, Basic, or None.
The Authentication Type is only enabled when the Security Level property is set to Transport or WS-Security.
The Kerberos and SSL options are only available if the Security Level is set to Transport. Digest, Basic, and None are available when the Security Level is set to WS-Security.
|
The following properties are enabled when the Security Level property is set to WS-Security:
|
|
|
|
Encryption Algorithm
|
Specifies the algorithm used for encryption.
|
|
Signing Algorithm
|
Specifies the algorithm used for digital signing.
|
|
Include Timestamps
|
This check box is enabled only when the Security Level is set to WS-Security. When this check box is selected, a timestamp is added to the SOAP request.
|
|
Operation
|
The name of the SOAP operation.
|
|
Request
|
Determines how to secure the SOAP request (for a specific operation).
|
|
Response
|
Determines how the SOAP response is secured (for a specific operation).
|
How Do I Securely Access a Web Service?
