Web Service Scenario (Security Settings for Port <Port_Name> Dialog Box)

Relevant for: API testing only

When you select the standard Web Service, you set multiple different options in the following tabs:

HTTP tab

This tab enables you to set the HTTP transport level settings such as user credentials for sending a message with basic authentication, proxy settings, or message-level settings, encryption.

The user interface elements are described below.

UI Element	Description
User name Password	The credentials for HTTP authentication such as basic authentication, digest, or NTLM. Example: User name: myDomain\myUser Password: myPassword
Client certificate	The client credentials required for client certificate authentication when using two-way SSL scenarios. The Browse button opens the Select Certificate Dialog Box.
Proxy URL	The URL and port of the proxy server through which the message must pass. http://myProxy:8888/. To use the default, select Use default proxy.
Proxy user name Proxy password	The credentials for the proxy server through which the message must pass.
Keep alive	Keeps the connection persistent.
Connection timeout	The time threshold in which to connect through the proxy server or with authentication.
Manage cookies	Enables the writing of cookie information.
Use preemptive authentication	Enables you to send authentication for your Web service call without waiting for the authentication challenge from the Web service/server.

WS-Security tab

The tab enables you to add message level security using tokens, message signatures, and encryption.

The user interface elements are described below. (Unlabeled elements are shown in angle brackets).

UI Element	Description
	Security Tokens. Adds a security token to your Web service. You can select one of the following types of tokens: User Name, X509 Kerberos, Kerberos2 SAML
	Add Message Signature. Adds a signature to the message. This requires a token.
	Add Message Encryption. Adds encryption to the message. This requires a token.
<security element list>	A list of the tokens, message signatures, and encryptions.
<Encryption details pane>	The details of the encryption token. Encrypting token. The token to use for encryption, usually an X.509 type. You can select from a list of all previously created tokens. Encrypting type. Indicates whether to encrypt the whole destination Element or only its Content. Key algorithm. The algorithm to use for the encryption of the session key: RSA15 or RSAOAEP. Session algorithm. The algorithm to use for the encryption of the SOAP message. You can select from a list of common values. What to encrypt XPath (optional). An XPath that indicates the parts of the message to encrypt. If left blank, only the SOAP body is encrypted. Token (optional). The name of the encrypted token. A drop down box provides a list of all added tokens. With most services, this field should be left empty.
<Signature details pane>	The details of the digital signature used to secure the token. Signing token. The token to use for signing, usually an X.509 type. Select from the list of all added tokens. Canonicalization algorithm. A URL for the algorithm to use for canonicalization. A drop down list provides common algorithms. If you are unsure which value to use, keep the default. Transform algorithm. A URL for the Transform algorithm to apply to the message signature. A drop down list provides common algorithms. If you are unsure which value to use, keep the default. Inclusive namespaces list. A list of comma-separated prefixes to be treated as inclusive (optional). What to sign. The SOAP elements to sign: SOAP Body, Timestamp, and WS-Addressing. XPath (optional). An XPath that specifies which parts in the message to sign. If left blank, the elements selected in the Signature options field are signed. For example, *//[local-name(.)='Body']. Token (optional).** The target token you want to sign. Select from the drop down list of all added tokens. With most services, this field should be left empty.
<Token details pane> - for Kerberos tokens	Token details for Kerberos tokens: Token name. A meaningful name for the token. Host. The host name of the server against which you want to authenticate. In most cases, it is the host portion of the service URL. Domain. The Windows domain of the server against which you want to authenticate.
<Token details pane> - for Username tokens	Token details for Username tokens. Token name. A meaningful name for the token (you can use the default value). Include nonce. Includes a nonce in the token. User name, Password Password type: Text, Hash, or None. Timestamp format: Full, Created, or None.
<Token details pane> - for X509 Certificate tokens	Token name. A meaningful name for the token. Certificate. The path of the server certificate file. The Browse button opens the Select Certificate Dialog Box. Reference type. Instructs OpenText Functional Testing how to reference the security token: BinarySecurity Token or Reference. When the certificate is used for encryption, for example, a service certificate, use Reference. When using it for a signature (for example, a certificate with your private key) select BinarySecurity Token.
<Token details pane> -for SAML tokens	<SAML token assertions>. Grid view, an expandable node listing the assertions in the SAML schema. If you expand the list, you can set the attribute values. A drop down list lets you select a specific assertion. Text view, an XML reference to the token. Revert. Discards all changes made in Text view. Load from file. Enables you to browse to a SAML certificate. Certificate. The path of the certificate file. The Browse button opens the Select Certificate Dialog Box. Certificate reference type. Instructs OpenText Functional Testing how to reference the certificate: X509, Data, or RSA.
Exclude Timestamp	Removes the timestamp from the SOAP header before sending the security element to the server.

WS-Addressing tab

The WS-Addressing tab indicates whether WS-Addressing is used by the service, and if so, its version number. You can also specify the IP address of the server to which you want the response to be sent.