FMS
<<< Previous	AS4 Client Utility	Next >>>

FMS AS4 Light Client Push Security Context

The following example provides a typical security context file that may be used by the send example above when no signing and no encryption is required. The various p-mode security settings are overriden by the security context file including the signature and encryption settings.

\
\<xwss:SecurityConfiguration dumpMessages='false'
\ retainSecurityHeader='true' enableDynamicPolicy='false' xmlns:xwss='http://java.sun.com/xml/ns/xwss/config'>
\<!-- RCSfile: sc.xml,v Revision: 1.1.2.3 Date: 2019-02-13 06:37:50 -->
\  <!-- Also see
\   http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html -->
\  <!-- <xwss:Timestamp/> manual signing of timestamp -->
\  <!-- No sign and no encrypt -->
\</xwss:SecurityConfiguration>
\
\

The following example provides a typical security context file that may be used by the send example above when signing but no encryption is required. The various p-mode security settings are overriden by the security context file including the signature and encryption settings.

\
\<xwss:SecurityConfiguration dumpMessages='false'
\ retainSecurityHeader='true' enableDynamicPolicy='false' xmlns:xwss='http://java.sun.com/xml/ns/xwss/config'>
\<!-- RCSfile: sc.sign.xml,v Revision: 1.1.2.2 Date: 2019-02-13 07:02:45 -->
\  <!-- Also see
\   http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html -->
\  <!-- <xwss:Timestamp/> manual signing of timestamp -->
\  <!-- sign soap messaging, body and payload -->
\  <xwss:Sign includeTimestamp="false"> <!-- set this to false to ensure no sha1 sig is added -->
\    <xwss:X509Token certificateAlias='fmsrns'/> <!-- remove keyReferenceType for bst -->
\    <xwss:CanonicalizationMethod algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
\    <xwss:SignatureMethod algorithm='http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'/>
\    <xwss:SignatureTarget type='uri' value='cid:*' enforce='false'>
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform
\       algorithm='http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform'/>
\    </xwss:SignatureTarget>
\    <xwss:SignatureTarget type='qname'
\     value='{http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/}Messaging' enforce='false'>
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
\        <xwss:AlgorithmParameter name="InclusiveNamespaces" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
\      </xwss:Transform>
\    </xwss:SignatureTarget>
\    <xwss:SignatureTarget type='qname' value='{http://www.w3.org/2003/05/soap-envelope}Body' enforce="false">
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'>
\        <xwss:AlgorithmParameter name="InclusiveNamespaces" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
\      </xwss:Transform>
\    </xwss:SignatureTarget>
\  </xwss:Sign>
\</xwss:SecurityConfiguration>
\
\

The following example provides a typical security context file that may be used by the send example above when encryption but no signing is required. The various p-mode security settings are overriden by the security context file including the signature and encryption settings.

\
\<xwss:SecurityConfiguration dumpMessages='false' retainSecurityHeader='true'
\ enableDynamicPolicy='false' xmlns:xwss='http://java.sun.com/xml/ns/xwss/config'>
\<!-- RCSfile: sc.enc.xml,v Revision: 1.1.2.1 Date: 2019-02-13 06:38:57 -->
\  <!-- Also see
\   http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html -->
\  <!-- <xwss:Timestamp/> manual signing of timestamp -->
\  <!-- encrypt payload -->
\  <xwss:Encrypt>
\    <xwss:X509Token certificateAlias='fmsrns'/> <!-- remove keyReferenceType for bst -->
\    <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
\    <xwss:DataEncryptionMethod algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
\    <xwss:EncryptionTarget type='qname' value='{http://www.w3.org/2003/05/soap-envelope}Body' enforce="false"/>
\    <xwss:EncryptionTarget type='uri' value='cid:*' enforce='true'/>
\  </xwss:Encrypt>
\</xwss:SecurityConfiguration>
\
\

The following example provides a typical security context file that may be used by the send example above when both signing and encryption are required. The various p-mode security settings are overriden by the security context file including the signature and encryption settings.

\
\<xwss:SecurityConfiguration dumpMessages='false' retainSecurityHeader='true'
\ enableDynamicPolicy='false' xmlns:xwss='http://java.sun.com/xml/ns/xwss/config'>
\<!-- RCSfile: sc.signenc.xml,v Revision: 1.1.2.1 Date: 2019-02-13 06:38:46 -->
\  <!-- Also see
\   http://docs.oracle.com/cd/E17802_01/webservices/webservices/docs/1.6/tutorial/doc/XWS-SecurityIntro4.html -->
\  <!-- <xwss:Timestamp/> manual signing of timestamp -->
\  <!-- sign soap messaging, body and payload and encrypt payload -->
\  <xwss:Sign includeTimestamp="false"> <!-- set this to false to ensure no sha1 sig is added -->
\    <xwss:X509Token certificateAlias='fmsrns'/> <!-- remove keyReferenceType for bst -->
\    <xwss:CanonicalizationMethod algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
\    <xwss:SignatureMethod algorithm='http://www.w3.org/2001/04/xmldsig-more#rsa-sha256'/>
\    <xwss:SignatureTarget type='uri' value='cid:*' enforce='false'>
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform
\       algorithm='http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Content-Signature-Transform'/>
\    </xwss:SignatureTarget>
\    <xwss:SignatureTarget type='qname'
\     value='{http://docs.oasis-open.org/ebxml-msg/ebms/v3.0/ns/core/200704/}Messaging' enforce='false'>
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
\        <xwss:AlgorithmParameter name="InclusiveNamespaces" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
\      </xwss:Transform>
\    </xwss:SignatureTarget>
\    <xwss:SignatureTarget type='qname' value='{http://www.w3.org/2003/05/soap-envelope}Body' enforce="false">
\      <xwss:DigestMethod algorithm='http://www.w3.org/2001/04/xmlenc#sha256'/>
\      <xwss:Transform algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'>
\        <xwss:AlgorithmParameter name="InclusiveNamespaces" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
\      </xwss:Transform>
\    </xwss:SignatureTarget>
\  </xwss:Sign>
\  <xwss:Encrypt>
\    <xwss:X509Token certificateAlias='fmsrns'/> <!-- remove keyReferenceType for bst -->
\    <xwss:KeyEncryptionMethod algorithm="http://www.w3.org/2009/xmlenc11#rsa-oaep"/>
\    <xwss:DataEncryptionMethod algorithm="http://www.w3.org/2009/xmlenc11#aes128-gcm"/>
\    <xwss:EncryptionTarget type='qname' value='{http://www.w3.org/2003/05/soap-envelope}Body' enforce="false"/>
\    <xwss:EncryptionTarget type='uri' value='cid:*' enforce='true'/>
\  </xwss:Encrypt>
\</xwss:SecurityConfiguration>
\
\

<<< Previous	Home	Next >>>
FMS AS4 Light Client Pull PMode	Up	Interpreting AS4 Light Client Results