EncryptedParts

The EncryptedParts section of the policy specifies which part of the message should be encrypted.

<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
  <sp:Body />
  • sp:Body indicates the body message needs to be encrypted
Encrypt the body using the algorithm referenced in assertion AlgorithmSuite:
  • Create an encryption key using TripleDesRsa15 algorithm (it generates a TripleDES symmetric key and then encrypts it with a RSA1.5 public key), like in example2 that uses AES256 in the CryptoKey chapter.
  • Encrypt the body with the created key.

To find the exact syntax of security message read the specifications "Web Services Security: SOAP Message Security 1.0".