Using Discrete Security Operations in a Policy Assertion

This section contains task-oriented topics that explain how to use discrete security operations, such as digitally signing a SOAP message in a policy assertion. That is, topics in this section detail how to implement a security operation for a particular SOAP message - not a scenario, as the Turnkey Security Assertions do. In building a custom policy assertion, these discrete security operations can be combined to secure a scenario.

In This Section

• Signing and Encrypting SOAP Messages
  Describes how to digitally sign or encrypt a SOAP message.

• How to: Add Security Credentials to a SOAP Message
  Shows how to add a security token to a SOAP message for the purposes of client authentication.

• Authorizing Access to a Web Service
  Shows how to authorize access to a Web service based on a security token in the SOAP message.

• Discrete Security Operations Supported By the Built-in Security Tokens
  Shows how to use the built-in security tokens to perform a discrete security operation, such as digitally signing a SOAP message.