When the http://www.ibm.com/websphere/webservices/wssecurity/dialect-was dialect value is selected, the following are valid keyword values:
Required
Integrity
- action
- Specifies the wsa:Action element.
- body
- Specifies the SOAP body element.
- dsigkey
- Specifies the key information element, which is used for digital
signature.
- enckey
- Specifies the ds:KeyInfo element, which is used
for encryption.
- messageid
- Specifies the wsa:MessageID element.
- relatesto
- Specifies the wsa:RelatesTo element.
- securitytoken
- Specifies any security token elements, for example the wsse:BinarySecurityToken element.
- timestamp
- Specifies the wsu:Timestamp element. This element
determines whether the message is valid based upon the time that the
message is sent and then received.
- to
- Specifies the wsa:To element.
- wsaall
- Specifies all of the WS-Addressing elements in the SOAP header.
- wsafaultto
- Specifies the wsa:FaultTo WS-Addressing element
in the SOAP header.
- wsafrom
- Specifies the wsa:From WS-Addressing element
in the SOAP header.
- wsareplyto
- Specifies the wsa:ReplyTo WS-Addressing element
in the SOAP header.
- wscontext
- Specifies the WS-Context header for the SOAP header. For more
information, see Propagating
work area context over Web services.
Required Confidentiality
- bodycontent
- Specifies the SOAP body
- digestvalue
- Specifies the ds:DigestValue element within the ds:Signature element
- signature
- Specifies an entire signature. You can encrypt the signature element, ds:Signature,
by selecting this message part.
Note: If the value of a ds:DigestValue element
in a signature needs to be encrypted, the entire parent ds:Signature element
must be encrypted. You can use the signature keyword to perform the
encryption.
- usernametoken
- Specifies the wsse:UsernameToken element
When the
http://www.w3.org/TR/1999/REC-xpath-1999116 dialect
value is selected, then the keyword value can be any valid XPath expression
that points to a part of the message. For example:
/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']
/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Body']
Note: Do
not use this transform algorithm if you want your configured application
to be compliant with the Basic Security Profile (BSP). Instead use http://www.w3.org/2002/06/xmldsig-filter2 to
ensure compliance.