Lawrence Johnbosco wrote:
Hello,
I've a security requirement to encrypt only a part of the SOAP body and not
the Whole body. All the samples seems to refer only the encryption of Whole
Body like this:
<entry key="encryptionParts" value="{Element}{
http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body
"/>
When I tried with my own version of encryptionParts definition, it doesn't
work.
Did any of you provide references to define only a specific portion of the
SOAP Body. Also, the specific portion may or may not present but at most one
element will be encrypted.
Thanks,
Lawrence
Yes, you can encrypt or sign your own specific body/header elements,
like below,
For a schema below:
<wsdl:types>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:tns="http://ws.xyz.com/";
attributeFormDefault="unqualified"
elementFormDefault="qualified"
targetNamespace="http://ws.xyz.com/";>
<xsd:element name="purchase">
<xsd:complexType>
<xsd:sequence>
<xsd:element minOccurs="0" name="arg0"
type="xsd:string"/>
<xsd:element minOccurs="0" name="arg1"
type="xsd:string"/>
<xsd:element name="arg2" type="xsd:int"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
....
</xsd:schema>
</wsdl:types>
You can specify property as,
<entry key="encryptionParts" value="{Element}{http://ws.xyz.com/}/arg1"/>
or using ws-security policy as,
<cns:arg1 xmlns:cns="http://ws.xyz.com/"/>
With Regards,
Mayank
