Server User Guide > Security Configurations > Security Configurations
  

Security Configurations

The OASIS WS-Security V1.0 (WSSE) standard establishes a framework for assuring the integrity and confidentiality of SOAP messages. Message integrity is assured via digital signature, and confidentiality of message data is achieved via encryption. The standards referenced by WS-Security V1.0 are supported by Process Server.
To use WS-Security features, you must set up the container in which Process Server is deployed with the necessary certificates manager or keystores that are often used for standard SSL processing. Also, you must provide a properties file that contains settings required for Process Server to interact with your platform’s encryption and certificate management. The properties file is named crypto.properties.
The following properties must be set in crypto.properties to match the your platform:
The keystore must be accessible by the server from the file system using the path specified by org.apache.ws.security.crypto.merlin.file in crypto.properties. Also, the crypto.properties file must be available on the server's classpath. The target location of these files varies depending on the target platform.
The following is an example of crypto.properties:
org.apache.ws.security.crypto.merlin.keystore.password=pw
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.file=ae.keystore
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.alias=myadmin
See also Configuring Authentication for SAML-Secured Services.