Actions of Request and Response Policy
The following table shows message protection policy congurations and the resulting message
security operations performed by the WS-Security SOAP message security providers for that
TABLE 10–1 Messageprotection policy to WS-Security SOAPmessage security operation mapping
MessageProtectionPolicy ResultingWS-SecuritySOAPmessageprotectionoperations
auth-source="sender" Themessage contains a wsse:Security headerthat
contains a wsse:UsernameToken (withpassword).
auth-source="content" The content of theSOAP messageBody is signed.The
message contains awsse:Security header that contains
the message Body signature representedas a
The content ofthe SOAP messageBody isencrypted and
replaced with theresulting xend:EncryptedData. The
message contains a wsse:Security header that contains
a wsse:UsernameToken (with password) and an
xenc:EncryptedKey. The xenc:EncryptedKey contains
the key usedto encrypt the SOAP message body.The key
is encrypted inthe public key of the recipient.
The content ofthe SOAP messageBody isencrypted and
replaced with theresulting xend:EncryptedData. The
xenc:EncryptedData is signed. Themessage contains a
wsse:Security header that containsan
xenc:EncryptedKey and a ds:Signature. The
xenc:EncryptedKey contains the keyused to encrypt the
SOAP message body.The key is encrypted in thepublic
key of therecipient.
The content ofthe SOAP messageBody issigned, then
encrypted, and thenreplaced with the resulting
xend:EncryptedData. The message containsa
wsse:Security header that containsan
xenc:EncryptedKey and a ds:Signature. The
xenc:EncryptedKey contains the keyused to encrypt the
SOAP message body.The key is encrypted in thepublic
key of therecipient.
ConguringtheEnterprise ServerforMessage Security
SunGlassFishEnterpriseServer2.1AdministrationGuide • December2008134