<MessageParts> Element for <Integrity> Element
Specifies the parts of the SOAP message that must be digitally signed.
<policyDocument> Element
<policies> Element
<Policy> Element (WSE for Microsoft .NET) (1)
<Integrity> Element
<MessageParts Dialect="https://schemas.xmlsoap.org/2002/12/wsse#part" >
wsp:Body() wsp:Header("NameOfSOAPHeader") wse:Timestamp()
wse:UsernameToken() wse:Addressing()
</MessageParts>
Attributes and Elements
Attributes
| Attribute | Description |
|---|---|
Dialect |
Required attribute. Specifies the expression dialect to use to express the parts of a SOAP message. Must be https://schemas.xmlsoap.org/2002/12/wsse#part |
Child Elements
None
Parent Elements
| Element | Description |
|---|---|
Specifies the digital signature requirements for a SOAP message. |
Text Value
A text value is required. The text value specifies the parts of a SOAP message that must be digitally signed. The parts are each separated by a space.
The following table lists the valid message parts for the <MessageParts> element.
| Value | Description |
|---|---|
wsp:Body() |
Specifies the digital signature requirements for the <Body> element of the SOAP envelope. |
wsp:Header("NameOfSOAPHeader") |
Specifies the digital signature requirements for the specified SOAP header. Custom SOAP headers can be specified only if they are one level below <soap:Header>. |
wse:Timestamp() |
Specifies the <Timestamp> element within a Security SOAP header. This assumes the |
wse:UsernameToken() |
Specifies all Username tokens in the message. This assumes the |
wse:Addressing() |
Specifies all the addressing headers in the message. This assumes the |
Remarks
WSE supports only the "https://schemas.xmlsoap.org/2002/12/wsse#part" dialect, as specified in the WS-PolicyAssertions specification.
Example
The following code example defines a policy assertion named signed-body-x509 that requires the digital signing of the <Body> element, timestamp header, and all addressing headers by an X509SecurityToken and requires that SOAP messages sent to the http://www.cohowinery.com/Service1.asmx endpoint adhere to the policy assertion.
Note
This code example is designed to demonstrate WSE features and is not intended for production use.
<?xml version="1.0" encoding="utf-8"?>
<policyDocument xmlns="https://schemas.microsoft.com/wse/2003/06/Policy">
<mappings>
<endpoint uri="http://www.cohowinery.com/Service2.asmx">
<defaultOperation>
<request policy="#signed-body-x509" />
<response policy="" />
<fault policy="" />
</defaultOperation>
</endpoint>
</mappings>
<policies xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wse="https://schemas.microsoft.com/wse/2003/06/Policy"
xmlns:wsa="https://schemas.xmlsoap.org/ws/2004/03/addressing"
xmlns:wssp="https://schemas.xmlsoap.org/ws/2002/12/secext"
xmlns:wsp="https://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:wssc="https://schemas.xmlsoap.org/ws/2004/04/sc"
xmlns:rp="https://schemas.xmlsoap.org/rp">
<!--This policy requires that the body be digitally signed by an X509
security token.-->
<wsp:Policy wsu:Id="signed-body-x509">
<wssp:Integrity wsp:Usage="wsp:Required">
<wssp:TokenInfo>
<wssp:SecurityToken>
<wssp:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</wssp:TokenType>
</wssp:SecurityToken>
</wssp:TokenInfo>
<wssp:MessageParts xmlns:rp="https://schemas.xmlsoap.org/rp" Dialect="https://schemas.xmlsoap.org/2002/12/wsse#part">wsp:Body() wse:Timestamp() wse:Addressing()</wssp:MessageParts>
</wssp:Integrity>
</wsp:Policy>
</policies>
</policyDocument>