What You Should Know About Portlet Producers

Oracle Fusion Middleware Administrator's Guide for Oracle WebCenter: Managing Portlet Producers

WSS 1.0 Username Token With Password, WSS 1.0 SAML Token, WSS 1.0 SAML Token With Message Integrity, WSS 1.0 SAML Token With Message Protection, and WSS 1.1 SAML Token With Message Protection. SAML is an abbreviation for Security Assertion Markup Language. For detailed parameter information, see Table 23–2.

Note: PeopleSoft WSRP producers support two profiles: Username Token With Password and SAML Token With Message Integrity. Oracle Portal as a consumer supports three profiles: Username Token Without Password, Username Token With Password, SAML Token With Message Integrity. Other Oracle WSRP producers support all six profiles. For other WSRP containers, check with the specific vendor to determine the token formats they support.

Table 23–2 WSRP Producer Security Connection Parameters

Field: Token Profile
Description: Select the type of token profile to use for authentication with this WSRP producer. Select from:

■ WSS 1.0 SAML Token With Message Integrity (wss10_saml_token_with_message_integrity_client_policy)—This policy provides message-level integrity protection and SAML-based authentication for outbound SOAP requests in accordance with the WS-Security 1.0 standard. A SAML token, included in the SOAP message, is used in SAML-based authentication with sender-vouches confirmation. This policy uses WS-Security's Basic 128 suite of asymmetric key technologies and SHA-1 hashing algorithm for message integrity.

■ WSS 1.0 SAML Token With Message Protection (oracle/wss10_saml_token_with_message_protection_client_policy)—This policy provides message-level protection (integrity and confidentiality) and SAML-based authentication for outbound SOAP requests in accordance with the WS-Security 1.0 standard. The Web service consumer includes a SAML token in the SOAP header and the confirmation type is sender-vouches. This policy uses WS-Security's Basic 128 suite of asymmetric key technologies. Specifically, RSA key mechanisms for message confidentiality, SHA-1 hashing algorithm for message integrity, and AES-128 bit encryption.

■ WSS 1.0 Username Token Without Password (oracle/wss10_username_id_propagation_with_msg_protection_client_policy)—This policy provides username (with password) token profile based identity propagation with certificate based message protection for outbound SOAP requests in accordance with the WS-Security 1.0 standard. Credentials (username only) are included in outbound SOAP request messages through a WS-Security UsernameToken header. No password is included. Message protection is provided using WS-Security 1.0's Basic 128 suite of asymmetric key technologies. Specifically, RSA key mechanisms for message confidentiality, SHA-1 hashing algorithm for message integrity, and AES-128 bit encryption.

■ WSS 1.0 Username Token With Password (oracle/wss10_username_token_with_message_protection_client_policy)—This policy provides username (with password) token profile based identity propagation with certificate based message protection for outbound SOAP requests in accordance with the WS-Security v1.0 standard. Both plain text and digest mechanisms are supported. This policy uses WS-Security's Basic 128 suite of asymmetric key technologies. Specifically, RSA key mechanism for message confidentiality, SHA-1 hashing algorithm for message integrity, and AES-128 bit encryption. Use this token profile if the WSRP producer has a different identity store. You will need to define an external application pertaining to the producer and associate the external application with this producer.

■ WSS 1.0 SAML Token (oracle/wss10_saml_token_client_policy)—This policy provides SAML-based authentication for outbound SOAP request messages in accordance with the WS-Security 1.0 standard. The policy propagates user identity and is typically used in intra-departmental deployments where message protection and integrity checks are not required. This policy does not require any keystore configuration.

■ WSS 1.1 SAML Token with Message Protection (oracle/wss11_saml_token_with_message_protection_client_policy)—This policy provides message-level protection (integrity and confidentiality) and SAML token population for outbound SOAP requests in accordance with the WS-Security 1.1 standard. A SAML token, included in the SOAP message, is used in SAML-based authentication with sender-vouches confirmation. This policy uses the symmetric key technology for signing and encryption, and WS-Security's Basic 128 suite of asymmetric key technologies for endorsing signatures.

■ None—No token. If None is selected, no WS-Security header is attached to the SOAP message.

Field: Configuration
Description: Select:

■ Default to use a default token profile configuration.

■ Custom to provide a custom Oracle Web Service Manager configuration. Additional security options, including all the keystore properties, display when you select Custom.

Field: Issuer Name
Description: Enter the name of the issuer of the SAML Token. For example: www.example.com

The issuer name is the attesting entity that vouches for the verification of the subject, and it must be a trusted SAML issuer on the producer end.

Valid for: WSS 1.0 SAML Token With Message Integrity, WSS 1.0 SAML Token With Message Protection, WSS 1.0 SAML Token, WSS 1.1 SAML Token with Message Protection
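
The profiles above differ in what the wsse:Security header of the outbound SOAP request carries, so a captured request can be checked for the protections it really has and for a trusted SAML issuer. The following Python sketch is an added example, not code from the Oracle guide: the function names, the user jdoe and the sample envelope are constructed, and it assumes a SAML 1.1 assertion that is visible in clear (in the message-protection profiles the token may be encrypted).

```python
import xml.etree.ElementTree as ET

NS = {
    "soap": "http://schemas.xmlsoap.org/soap/envelope/",
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "saml": "urn:oasis:names:tc:SAML:1.0:assertion",
}
SENDER_VOUCHES = "urn:oasis:names:tc:SAML:1.0:cm:sender-vouches"

def inspect_request(soap_xml, trusted_issuers):
    """Report which WS-Security protections a SOAP request actually carries."""
    sec = ET.fromstring(soap_xml).find("soap:Header/wsse:Security", NS)
    if sec is None:  # Token Profile "None": no WS-Security header at all
        return {"token": "none", "signed": False, "encrypted": False,
                "findings": ["no WS-Security header"]}
    r = {"token": "none", "signed": sec.find("ds:Signature", NS) is not None,
         "encrypted": sec.find("xenc:EncryptedKey", NS) is not None, "findings": []}
    saml = sec.find("saml:Assertion", NS)
    user = sec.find("wsse:UsernameToken", NS)
    if saml is not None:
        r["token"] = "saml"
        issuer = saml.get("Issuer")  # SAML 1.1 carries the issuer as an attribute
        methods = [m.text for m in saml.iter("{%s}ConfirmationMethod" % NS["saml"])]
        if issuer not in trusted_issuers:
            r["findings"].append("untrusted SAML issuer: %s" % issuer)
        if SENDER_VOUCHES not in methods:
            r["findings"].append("confirmation method is not sender-vouches")
    elif user is not None:
        has_pw = user.find("wsse:Password", NS) is not None
        r["token"] = "username+password" if has_pw else "username"
    if r["token"] != "none" and not r["signed"]:
        r["findings"].append("no ds:Signature in the Security header")
    return r

# Constructed sample request; the empty ds:Signature only marks presence.
SAMPLE = """<soap:Envelope xmlns:soap="{soap}" xmlns:wsse="{wsse}" xmlns:saml="{saml}" xmlns:ds="{ds}">
 <soap:Header><wsse:Security>
  <saml:Assertion Issuer="{issuer}" AssertionID="constructed-1">
   <saml:AuthenticationStatement><saml:Subject>
    <saml:NameIdentifier>jdoe</saml:NameIdentifier>
    <saml:SubjectConfirmation><saml:ConfirmationMethod>{cm}</saml:ConfirmationMethod></saml:SubjectConfirmation>
   </saml:Subject></saml:AuthenticationStatement>
  </saml:Assertion>{extra}
 </wsse:Security></soap:Header><soap:Body/>
</soap:Envelope>"""

def sample(issuer, signed):
    extra = "<ds:Signature/>" if signed else ""
    return SAMPLE.format(issuer=issuer, cm=SENDER_VOUCHES, extra=extra, **NS)
```

The check only reports that a signature element is present; it does not verify the signature or which message parts it covers.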