The most important things to know about WCF integration (3 of 5)
When WS-SecureConversation is needed
Define a WS-SecureConversation WSDL file for a separate service as explained earlier.
Select the template and “policy-id” that support WS-SC, for both this service and the backend business service.
No need to specify the WS-SC version policy parameter by default.
The WS-SC service’s request/response schema validation should be disabled.
The backend service will then use the SCT issued by DP; when WS-SC is not enabled, the client X509/Kerberos token is used instead.
DataPower WCF integration
© 2010 IBM Corporation
A configuration to be highlighted is as follows:
The output response is signed and encrypted. Once the message is encrypted, it will fail the schema validation if schema validation is enabled.
Hence, for STS > RequestSecurityToken:
Uncheck "Schema validate request messages" and "Schema validate response messages".
And for the application:
Uncheck "Schema validate response messages".