Security Tab (Advanced Settings Dialog Box)

Relevant for: API testing only

The Advanced Security settings correspond to WS-Security specifications. You can use the following settings:

UI Element

Description

Enable secure session

Establish a security context using the WS-SecureConversation standard.

Negotiate service credentials

Allow WCF proprietary negotiations to negotiate the service's security.

Default algorithm suite

The algorithm to use for symmetric/asymmetric encryption.

The algorithm drop down list gets its values from the SecurityAlgorithmSuite configuration in WCF.

Protection level

Indicates whether the SOAP Body be encrypted/signed. The possible values are: None, Sign, and Encrypt And Sign (default).

Message protection order

The order for signing and encrypting. Choose from:

  • Sign Before Encrypt

  • Sign Before Encrypt-And Encrypt Signature

  • Encrypt Before Sign

Message security version

The WS-Security security version. You can also indicate whether to Require derived keys for the message.

Require derived keys

Indicates whether to require derived keys.

Security header layout

The layout for the message header:

  • Strict

  • Lax

  • Lax Timestamp First

  • Lax Timestamp Last

Key entropy mode

The entropy mode for the security key. The possible values are: Client Entropy, Security Entropy, and Combined Entropy.

Require security context cancellation

Indicates whether to require the cancellation of the security context. If you turn off this option, stateful security tokens will be used in the WS-SecureConversation session, if they are enabled.

Include timestamp

Includes a timestamp in the header.

Allow serialized signing token on reply

Enables the reply to send a serialized signing token.

Require signature confirmation

Instructs the server to send a signature confirmation in the response.

X509 inclusion mode

When to include the X.509 certificate:

  • Always to Recipient

  • Never

  • Once

  • Always To Initiator

Note: This and the next three options only apply when using an X.509 certificate.

X509 reference style

How to reference the certificate:

  • Internal

  • External

X509 require derived keys

Indicates whether X.509 certificates should require derived keys.

X509 key identifier clause type

The type of clause used to identify the X.509 key.

  • Any

  • Thumbprint

  • Issuer Serial

  • Subject Key Identifier

  • Raw Data Key Identifier