Share this page
Advanced Settings dialog box
This dialog box lets you configure advanced settings for security scenario in the areas of Encoding, Advanced Standards, Security, or HTTP and Proxy. You access these setting using the Security Scenario Editor dialog box.
Not all settings are relevant for all scenarios—some of them might be disabled or hidden depending on the scenario type.
Encoding
The Encoding tab lets you indicate the type of encoding to use for the messages: Text, MTOM, or Binary. The default is Text encoding.
For each of these encoding methods, you can choose a version of WS-Addressing:
-
None
-
WSA 1.0
-
WSA 04/08
Tip: To instruct a SOAP request to leave out WS-Addressing, add a web_service_set_option function with the ExcludeWseHeaders flag set to true before the web_service_call function. For details, see the Function Reference.
Advanced Standards
This tab lets you configure advanced WS- standards, such as Reliable Messaging and the Via address option.
-
If your service implements the WS-ReliableMessaging specification, enable the Reliable Messaging option and set the following options:
-
Reliable messaging ordered. indicates whether the reliable session should be ordered
-
Reliable messaging version. WSReliableMessagingFebruary2005 or WSReliableMessaging11
-
-
Via address option. In certain instances, you may need to send a message to an intermediate service that submits it to the actual server. This may also apply when you send the message to a debugging proxy. This corresponds to the WCF clientVia behavior.
In such cases it may be useful to separate the physical address to which the message is actually sent, from the logical address for which the message is intended. The logical address may be the physical address of the final server or any name. It appears in the SOAP message as follows:
<wsa:Action>http://myLogicalAddress<wsa:Action>
The logical address is retrieved from the user interface. By default, it is the address specified in the WSDL. You can override this address from the Manage Services dialog box.
Security
The Advanced security settings correspond to the WS-Security specifications.
For security scenarios that are based upon WCF WSHttpBinding, you can indicate the following settings:
-
Enable secure session. Establish a security context using the WS-SecureConversation standard.
-
Negotiate service credentials. Allow WCF proprietary negotiations to negotiate the service's security.
For WSHttpBinding, Custom Binding, or WSFederationHttpBinding WCF type scenarios, you can set the default algorithm suite and protection level:
|
Attribute |
Meaning |
Possible Values |
|---|---|---|
|
Default Algorithm Suite
|
The algorithm to use for symmetric/
asymmetric encryption. These are the values from the SecurityAlgorithmSuite configuration in WCF:
|
|
|
Protection Level
|
Should the SOAP Body be encrypted/signed
|
None, Sign, and EncryptAndSign (default)
|
For Custom Binding or WSFederationHttpBinding WCF type scenarios, you can customize the security settings in greater detail. The following table describes the options and their values:
|
Attribute |
Meaning |
Possible Values |
|---|---|---|
|
Message Protection Order
|
The order for signing and encrypting
|
|
|
Message Security Version
|
The WS-Security security version
|
A list of the current versions
|
|
Security Header Layout
|
The layout for the message header
|
|
|
Key Entropy Mode
|
The entropy mode for the security key.
|
|
You can enable or disable the following options:
-
Require derived keys. Indicates whether or not to require derived keys.
-
Require security context cancellation. Disabling this option implies that stateful security tokens will be used in the WS-SecureConversation session (if enabled).
-
Include timestamp. Includes a timestamp in the header.
-
Allow serialized token on reply. Enables the reply to send a serialized token.
-
Require signature confirmation. Instructs the server to send a signature confirmation in the response.
For X.509 certificates, you can specify values for the following items:
|
Attribute |
Meaning |
Possible Values |
|---|---|---|
|
X509 Inclusion Mode
|
When to include the X509 certificate
|
|
|
X509 Reference Style
|
How to reference the certificate
|
|
|
X509 require derived keys
|
Should X509 certificates require derived keys
|
|
|
X509 key identifier clause type
|
The type of clause used to identify the X509 key.
|
|
HTTP and Proxy
This tab lets you set the HTTP and proxy information for your test.
The following table describes the HTTP(S) Transport options.
|
Option |
Meaning |
Possible Values |
|---|---|---|
|
Transfer mode
|
The transfer method for requests/responses
|
Buffered, Streamed, StreamedRequest, StreamedResponse
|
|
Max response size (KB)
|
The maximum size of the response before being concatenated
|
Default 65 KB
|
|
Allow cookies
|
Enable cookies
|
Enabled/Disabled
|
|
Keep-Alive Enabled
|
Enable keep-alive connections
|
Enabled/Disabled
|
|
Authentication scheme
|
HTTP authentication method
|
None, Digest, Negotiate, NTLM, IntegratedWindows
Authentication, Basic, Anonymous |
|
Realm
|
The realm of the authentication scheme
|
Any URL
|
|
Require client certificate
|
For SSL transport, require a certificate
|
Enabled/Disabled
|
Proxy information: If the Web Service's transport uses a proxy server, you can specify its details in the Security tab. The following table describes the proxy options:
|
Option |
Meaning |
Possible Values |
|---|---|---|
|
Use default web proxy
|
Use machine's default proxy settings
|
Enabled/Disabled
|
|
Bypass proxy on local
|
Ignore proxy when the service is on the local machine
|
Enabled/Disabled
|
|
Proxy address
|
the proxy server
|
Any URL
|
|
Proxy authentication scheme
|
HTTP authentication method on Proxy
|
None, Digest, Negotiate, NTLM, IntegratedWindows
Authentication, Basic, Anonymous |
