Layer7 API Management


How to apply WS-Security with Exclusive XML Canonicalization WithComments or without comments

  • 1.  How to apply WS-Security with Exclusive XML Canonicalization WithComments or without comments

    Posted Sep 28, 2017 04:06 AM

    I am using the API Gateway 9.1 product.

    I want to build a policy which applies WS-Security 1.0 to a request with Exclusive XML Canonicalization WithComments or without comments.

    I use the assertions:

    + Configure WS-Security Decoration, with
    - - WS-Security Version: 1.0
    - - Timestamp: Never include
    - - Signature: SHA-256
    - - Signing Key Reference: SHA-256
    - - Key: IssuerSerial
    - - Timestamp Signature: <unchanged>
    - - Sign Security Tokens: On
    - - Data Encryption: <Unchanged>
    - - Key Encryption: <Unchanged>
    - - Encryption Key Reference: BinarySecurityToken

    + Apply WS-Security, with
    - - Remove and recreate matching security header: On
    - - Omit Actor attribute
    - - Apply WS-Security
    - - Version: 1.0
    - - Use Selected certificate for default recipient [selected]

     

    Is there any way to select whether to use Exclusive XML Canonicalization WithComments or 'without comments'?

    as identified by 'http://www.w3.org/2001/10/xml-exc-c14n#'

     

    I cannot see any option or assertion to make the choice.

     

    I hope someone can help..

     

    Greetings, Sebastian van Voorn.



  • 2.  Re: How to apply WS-Security with Exclusive XML Canonicalization WithComments or without comments

    Broadcom Employee
    Posted Nov 23, 2018 07:12 PM

    Sebastian,

     

    The gateway does not allow a way to create a signature/encryption with the option of Exclusive XML Canonicalization Version 1.0 as the Canonicalization Method only without http://www.w3.org/2001/10/xml-exc-c14n#. We do allow the WithComments method inbound when we confirm a signature/encryption along with others which can be controlled through the Cluster Wide Property - security.xml.dsig.permittedTransformAlgorithms.

     

    Sincerely,

     

    Stephen Hughes

    Broadcom Support
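
Added example, not part of the thread and not gateway code: a Python check that reads the canonicalization and transform algorithm URIs out of a signed SOAP message, reports whether each one keeps or omits comments, and tests it against an allowlist. The sample message and the allowlist are constructed for illustration; the allowlist does not reproduce the format of the security.xml.dsig.permittedTransformAlgorithms property.

```python
import xml.etree.ElementTree as ET  # for untrusted input, parse with defusedxml instead

DS = "{http://www.w3.org/2000/09/xmldsig#}"
EXC_C14N = "http://www.w3.org/2001/10/xml-exc-c14n#"
EXC_C14N_COMMENTS = EXC_C14N + "WithComments"

# Constructed allowlist for this example (assumption); it is NOT the gateway's
# security.xml.dsig.permittedTransformAlgorithms value or format.
PERMITTED = {EXC_C14N, "http://www.w3.org/2000/09/xmldsig#enveloped-signature"}

# Constructed sample: signature skeleton only, digest and signature values omitted.
SAMPLE = """<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><soapenv:Header>
 <ds:Signature><ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <ds:Reference URI="#Body-1"><ds:Transforms>
   <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
  </ds:Transforms></ds:Reference>
 </ds:SignedInfo></ds:Signature>
</soapenv:Header><soapenv:Body/></soapenv:Envelope>"""

def comment_mode(uri):
    """Classify an algorithm URI by how it treats XML comments."""
    if uri == EXC_C14N:
        return "exclusive, comments omitted"
    if uri == EXC_C14N_COMMENTS:
        return "exclusive, comments kept"
    return "not exclusive c14n"

def audit_signature(xml_text, permitted=PERMITTED):
    """Return (role, uri, comment_mode, allowed) for each c14n method and transform."""
    root = ET.fromstring(xml_text)
    paths = (
        ("CanonicalizationMethod", f"{DS}SignedInfo/{DS}CanonicalizationMethod"),
        ("Transform", f"{DS}SignedInfo/{DS}Reference/{DS}Transforms/{DS}Transform"),
    )
    findings = []
    for sig in root.iter(DS + "Signature"):
        for role, path in paths:
            for el in sig.findall(path):
                uri = el.get("Algorithm", "")
                findings.append((role, uri, comment_mode(uri), uri in permitted))
    return findings

if __name__ == "__main__":
    for finding in audit_signature(SAMPLE):
        print(finding)
```
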