Using Binary Security Token with WS-Security Policy

Learn how to authenticate a web service request with CA SiteMinder Binary Security Token with a WS-Security Policy.

Using Admin Console CA SiteMinder Use Cases

Integrate CA SiteMinder with Policy Manager (Main Topic)


The WS-Security Binary Token Use Case client authentication is performed with a Binary Token which appears at the SOAP layer as a signed supporting token that is always sent from the client to the service. The user is authenticated using a Binary Token password in the WS-Security header.

This use case is composed of the Authentication Policy, WS-Security Transport Binding Policy, and WS-Security Supporting Tokens Policy.

Step 1: Create Policies

In the Policies folder, use Add Policy to create the following policy configurations.

  1. Create an Authenication Policy with Subject Category = End-User, and Domain (Realms = CA SiteMinder).

  2. Create a WS-Security Transport Binding Policy with HTTPS Token > Certificate Subject Category = End-User.

  3. Create a WS-Security Supporting Tokens Policy and configure as follows:

    Screen Name Configuration Steps
    Specify Supporting Token Options
    1. Click Add Token Choice
    2. Select the Token Choice
    3. Click Add Token
    Add Supporting Token
    1. Token Type = Binary Security
    2. Token Inclusion = Always to Recipient
    3. Subject Category = End-User
    Specify Binary Security Token Options
    1. Binary Security Token Type =

Step 2: Attach Policies

  1. Attach the policies to a virtual service.

Step 3: Send Request

Send a request from the SiteMinder Client or SOAP UI as illustrated below:

Option 1: Send Request with SiteMinder Client

  1. Launch the SiteMinder client and send request with the Binary Security Token.

Option 2: Send Request from SOAP UI

  1. Launch SOAPUI and send a request with the Binary Security Token.

Step 4: Test Configuration

  1. Send requests to the virtual service and view the usage data in the Services > Monitoring section.

back to top