This topic explains how to configure and apply the XML Signature Verifier tool that verifies XML documents for security purposes.

Sections include:

Understanding XML Signature Verifier

The XML Signature standard recommended by the W3C defines a process that allows any data in XML documents to be digitally signed. OASIS specifies how this can be used with SOAP. With XML Signature, Web service users can verify the identity of others involved in a transaction and can be ensured that the data has not been altered since the document was signed.

Configuring the XML Signature Verifier Tool

The XML Signature Verifier Tool allows you to verify the authenticity of digital signatures sent with Web service transactions. 

Tool Settings

The following options display in the left pane of the Tool Settings tab:

General

When selecting General from the left pane of the Tools Settings tab, the following options are available:

Input Type Tab

The Input Type tab is only available if the XML Signer tool is added as a stand-alone tool and not chained to another tool. The following options are available from the Input Type tab:

Usage Notes

You can use the XML Signature Verifier tool as a standalone tool at the test case level by right-clicking the main test suite node and choosing Add New > Test, then selecting XML Signature Verifier from the dialog that opens.

Important: In order to perform security tests using the XML Signature Verifier, XML Signer, or XML Encryption tools, or if using Key Stores, you will need to download and install the Unlimited Strength Java Cryptography Extension. For details, see JCE Prerequisite.

Related Tutorials

The following tutorial lesson demonstrates how to use this tool: