WS-Security STS Token
If a SOAP backend web service accessed through Apinizer requires a token obtained from a Security Token Service (STS), this policy should be applied before the WS-Security settings.
The picture below shows the WS-Security STS Token settings:
Definition Section
The picture below shows the Definition settings:
The fields used for the Definition settings configuration are shown in the table below.
Field | Description |
---|---|
Description | A description can be written to facilitate the use and management of the policy. |
Token Service Provider Section
The picture below shows the Token Service Provider settings:
The fields used for the Token Service Provider settings configuration are shown in the table below.
Field | Description |
---|---|
Token Service Name | The service name of the token provider service. |
Token Service Port Name | The port name of the token provider service. |
IWSTrust 13 Url | The address of the endpoint of the service. |
Applies To Url | The "Applies To Url" value that will be included in the message body. |
Connection Timeout (seconds) | How long (in seconds) to wait before the request times out. |
Token Cache Period (seconds) | How long (in seconds) the token returned by the token request is cached. If the value is "0" (zero), the token is not cached and a separate token request is made for each request sent to the backend. |
Must Understand | This field is used to set the mustUnderstand attribute value of the added WS-Security XML elements to true, false or none. |
Usernames and Passwords Section
The picture below shows the Usernames and Passwords settings:
The fields used for the Usernames and Passwords settings configuration are shown in the table below.
Field | Description |
---|---|
Password Type | Password type can be Text or Digest. When Text is selected, the password is sent to the token web service in clear text; when Digest is selected, a digest of the password is sent instead. Digest password generation algorithm: Base64 ( SHA1 ( nonce + created + clear text password ) ) |
Add Nonce to Username Token | If this field is checked, nonce information is generated and added to the WS-Security UsernameToken element. (If the password type is Digest, it is mandatory.) |
Add Created to Username Token | If this field is checked, the created information is added to the WS-Security UsernameToken element. (If the password type is Digest, it is mandatory.) |
Condition | If the token service must be accessed with different users, more than one username and password pair can be entered here, each with a condition expressing the situation in which that pair should be used. If there is more than one username and password pair at runtime, their conditions are evaluated and the pair whose condition matches is used. If more than one pair meets its condition, the first one to match is used. |
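The Digest formula from the Password Type row, and why Nonce and Created are mandatory with it, shown as an added example (not Apinizer's code): the digest is computed over the raw nonce bytes, and a receiving service uses Created for freshness and the nonce for replay detection. The verifier class, the 5-minute window, the second-precision UTC timestamp format and all sample values are assumptions made for illustration.

```python
import base64
import hashlib
import hmac
from datetime import datetime, timedelta, timezone

def password_digest(nonce: bytes, created: str, password: str) -> str:
    """Base64(SHA1(nonce + created + password)), hashing the raw nonce bytes."""
    data = nonce + created.encode("utf-8") + password.encode("utf-8")
    return base64.b64encode(hashlib.sha1(data).digest()).decode("ascii")

class UsernameTokenVerifier:
    """Hypothetical receiver-side checks: well-formed, fresh, digest match, nonce unseen."""

    def __init__(self, password: str, max_age: timedelta = timedelta(minutes=5)):
        self.password = password
        self.max_age = max_age      # assumed freshness window
        self.seen_nonces = set()    # a real service would expire entries after max_age

    def verify(self, nonce_b64: str, created: str, digest_b64: str, now: datetime) -> str:
        try:
            nonce = base64.b64decode(nonce_b64, validate=True)
            created_at = datetime.strptime(created, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)
        except ValueError:  # binascii.Error is a ValueError subclass
            return "malformed"
        if abs(now - created_at) > self.max_age:
            return "stale"
        expected = password_digest(nonce, created, self.password)
        if not hmac.compare_digest(expected.encode(), digest_b64.encode()):
            return "bad-digest"
        if nonce in self.seen_nonces:
            return "replayed"
        self.seen_nonces.add(nonce)
        return "ok"

# Constructed sample values, not taken from any real service.
NONCE = bytes(range(16))
NONCE_B64 = base64.b64encode(NONCE).decode("ascii")  # the form carried in the XML
CREATED = "2024-01-01T12:00:00Z"
PASSWORD = "example-password"
NOW = datetime(2024, 1, 1, 12, 1, 0, tzinfo=timezone.utc)

def demo() -> list:
    verifier = UsernameTokenVerifier(PASSWORD)
    digest = password_digest(NONCE, CREATED, PASSWORD)
    return [
        verifier.verify(NONCE_B64, CREATED, digest, NOW),                       # first use
        verifier.verify(NONCE_B64, CREATED, digest, NOW),                       # same token again
        verifier.verify(NONCE_B64, CREATED, digest, NOW + timedelta(hours=1)),  # sent late
    ]

if __name__ == "__main__":
    print(demo())
```

The digest hides the password from casual inspection only: anyone who captures the nonce, created value and digest can test password guesses offline, so the token request should still travel over TLS.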
WSA Settings Section
The picture below shows the WSA settings:
The fields used for the WSA settings configuration are shown in the table below.
Field | Description |
---|---|
Must Understand | This field is used to set the mustUnderstand attribute value of the added WSA elements to true, false or none. |
Version | The WSA version to use. |
Add Default Action | When activated, it allows adding the "action" information defined in the settings. |
Action | When the "Add Default Action" option is disabled, it allows adding the desired "action" information regardless of the definition. |
Add Default To | When activated, it allows adding the "to" information defined in the settings. |
To/Reply To | When the "Add Default To" option is disabled, it allows adding the desired "to" information regardless of the definition. |
Generate Message ID | It allows the automatically generated UUID information to be added to the message when activated. |
Message ID | When the "Generate Message ID" option is deactivated, the desired constant "UUID" information is added. |
From | It allows the desired "From" information to be added to the message. |
Fault To | It allows the desired "Fault to" information to be added to the message. |
Relates To | It allows the desired "Relates To" information to be added to the message. |
Relationship Type | It allows the desired "RelationShip Type" information to be added to the message. |
Timestamp Settings Section
The picture below shows the Timestamp settings:
The fields used for the Timestamp settings configuration are shown in the table below.
Field | Description |
---|---|
Created Date Format | Specifies the format in which the time fields will be created. By default, the time format used in SOAP Messages is used. Java notation should be used. |
Expires Date Format | Specifies the format in which the time fields will be created. By default, the time format used in SOAP Messages is used. Java notation should be used. |
Expiration Period (min) | How long (in minutes) the token will be valid. |