CMS Pipeline Component

Properties   Config Settings  

The CMS pipeline component implements the Cryptography Message Syntax standard for encryption and decryption with public key cryptography and X.509 digital certificates.

Remarks

The CMS pipeline component is used for encrypting, decrypting, signing, and verifying messages. The pipeline component supports processing message in PEM, DER (binary) and SMIME formats.

CMS Encoder Pipeline Component

The Encoder takes an unencrypted/unsigned data entity and generates an CMS entity as output.

Encrypting

The Encoder will only encrypt incoming data if the EncryptData property is set to True. Encrypting requires that the RecipientCert property is set to a certificate containing the public key that should be used to encrypt the data. The EncryptingAlgorithm and UseOAEP properties can be specified for further control of encryption.

Signing

The Encoder will only sign the data if the SignData property is set to True. Signing requires that the Certificate property is set to a certificate containing the private key that should be used to sign the data. The SigningAlgorithm and UsePSS properties can be specified for further control of the signature.

CMS Decoder Pipeline Component

The Decoder takes an encrypted/signed CMS entity and will decrypt/verify the message and produce the original message.

Decrypting

The Decoder will only attempt to decrypt incoming data if the DecryptData property is set to True. Decryption requires that the Certificate property is set to a certificate containing the private key that can decrypt the data (the private key that is paired with the public key that was used to encrypt the data). The RequireOAEP property can be set to True to instruct the pipeline component to throw an error if the data was not encrypted with OAEP (Optimal Asymmetric Encryption Padding).

Verifying Signatures

The Decoder will only attempt to verify the signature of the incoming data if the VerifySignature property is set to True. Verification requires that the certificate used to sign the data was attached to the message, or that the SignerCert property is set to the signer's certificate. The RequirePSS property can be set to True to instruct the pipeline component to throw an error if the data was not signed with RSA-PSS (RSA Probabilistic Signature Scheme).

Encoder Property List


The following is the full list of the properties of the encoder Pipeline Component with short descriptions. Click on the links for further details.

CertificateThe Certificate used to Sign or Decrypt messages.
EnableCompressionSpecifies whether to compress the message.
EncryptDataWhether to encrypt the data.
EncryptionAlgorithmThe algorithm to use for encryption.
IncludeCertificatesSpecifies whether to include the signer's certificate with the signed message.
OtherDefines a set of configuration settings to be used by the pipeline component.
OutputFormatSpecifies the output format.
RecipientCertThe certificate used to encrypt the data.
RuntimeLicenseSpecifies the component runtime license key.
SignatureHashAlgorithmThe signature hash algorithm used during signing.
SignDataWhether to sign the MIME data.
TempPathThe path to which temporary files are written at runtime.
TransportLogTells the component where and how to report information about its operations.
UseOAEPWhether to use OAEP when encrypting the MIME data.
UsePSSWhether to use RSA-PSS when signing.

Decoder Property List


The following is the full list of the properties of the decoder Pipeline Component with short descriptions. Click on the links for further details.

CertificateThe Certificate used to Sign or Decrypt messages.
DecryptDataWhether to decrypt the incoming data.
EnableCompressionSpecifies whether to compress the message.
OtherDefines a set of configuration settings to be used by the pipeline component.
RequireOAEPWhether an error should be thrown if OAEP was not used to encrypt the incoming message.
RequirePSSWhether an error should be thrown if RSA-PSS was not used to encrypt the incoming message.
RuntimeLicenseSpecifies the component runtime license key.
SignerCertContains the certificate of the message signer.
TempPathThe path to which temporary files are written at runtime.
TransportLogTells the component where and how to report information about its operations.
VerifySignatureWhether to attempt to verify the signature on the SMIME data.

Config Settings


The following is a list of config settings for the Pipeline Component with short descriptions. Click on the links for further details.

CompressBeforeSignSpecifies whether to compress before signing.
GenerateSignatureTimestampWhether to generate timestamps in signatures.
IncludeHeadersTells the component whether to include the headers when encoding the message.
IncludeInternalHeadersTells the component whether or not to include the internal headers when encoding the message.

Certificate Property (CMS Pipeline component)

The Certificate used to Sign or Decrypt messages.

Data Type

Certificate

Remarks

The adapter uses this certificate to sign message when encoding. This property is also used to decrypt message when decoding.

The certificate specified here must contain a private key.

DecryptData Property (CMS Pipeline component)

Whether to decrypt the incoming data.

Data Type

Boolean

Default Value

false

Remarks

If this property is true, the pipeline will attempt to decrypt the incoming message. If the data is not expected to be encrypted, this property should be set to false.

This property is not available in the Assembler/Encoder.

EnableCompression Property (CMS Pipeline component)

Specifies whether to compress the message.

Data Type

Boolean

Default Value

false

Remarks

This property specifies whether the input data will be compressed during the signing process.

If set to True the data will be compressed. If set to False (default) the data will not be compressed.

When compression is enabled the input will first be signed, and then compressed. To compress the data before signing set CompressBeforeSign.

EncryptData Property (CMS Pipeline component)

Whether to encrypt the data.

Data Type

Boolean

Default Value

false

Remarks

If False (default), the data will be encoded but not encrypted.

This property is not available in the Disassembler/Decoder.

EncryptionAlgorithm Property (CMS Pipeline component)

The algorithm to use for encryption.

Data Type

String

Default Value

"3DES"

Remarks

This property specifies the encryption algorithm to be used when encrypting. Possible values are:

  • "3DES"
  • "DES"
  • "RC2CBC40"
  • "RC2CBC64"
  • "RC2CBC128" or "RC2"
  • "AESCBC128" or "AES"
  • "AESCBC192"
  • "AESCBC256"
The default value is 3DES.

This property is not available in the Disassembler/Decoder.

IncludeCertificates Property (CMS Pipeline component)

Specifies whether to include the signer's certificate with the signed message.

Data Type

Enumeration

Possible Values

None (0)
Signer Certs (1)
Signer Certs And Chain (2)


Default Value

1

Remarks

This setting specifies which certificates (if any) are included in the signed message. By default the public certificate of the certificate used to sign the message is included. This allows the receiving party to verify the signature without any additional knowledge. If this is set to icsNone the recipient must obtain and specify the public certificate to be used for signature verification. Possible values are:

Value Description
0 (icsNone) No signer certificates are included.
1 (icsSignerCerts - default) The certificates specified in Certificate are included.
2 (icsSignerCertsAndChain) The certificates specified in Certificate and the full chain of each certificate are included.

This property is not available in the Disassembler/Decoder.

Other Property (CMS Pipeline component)

Defines a set of configuration settings to be used by the pipeline component.

Data Type

String

Default Value

""

Remarks

The pipeline component accepts one or more configuration settings. These settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the pipeline component, access to these internal properties is provided through the Other property.

The Other property may be set to one or more configuration settings (name/value pairs). Set one setting per line. For example: configname1=value1 configname2=value2

OutputFormat Property (CMS Pipeline component)

Specifies the output format.

Data Type

Enumeration

Possible Values

PEM (0)
DER (1)
SMIME (2)


Default Value

1

Remarks

This property specifies the format of the output message created when signing or encrypting.

The various formats allow for easier transport of the signed or encrypted message, as well as interoperability with other utilities.

Possible values are:

Value Description
PEM (default) A PEM formatted message. For instance: -----BEGIN CMS----- MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwGggCSABGFD b250ZW50LVR5cGU6IHRleHQvcGxhaW47IGNoYXJzZXQ9Imlzby04ODU5LTEiDQpDb250ZW50LVRy ... mlJLPoCw5pf3Cjae56oXs29IZMcDXKersNjFGYSaG0o9k3lAcj9llLFh54Xr1ljx7K0VpVvlrmgu kNHAf7cUvvilW/KrDa+T2n+sOFAAAAAAAAA= -----END CMS-----
DER The message is binary (raw bytes).
SMIME The message is S/MIME encoded. For instance: Mime-Version: 1.0 Content-Type: application/pkcs7-mime; smime-type=signed-data; name="smime.p7m" Content-Transfer-Encoding: base64 Content-Disposition: attachment; filename="smime.p7m" MIAGCSqGSIb3DQEHAqCAMIACAQExDzANBglghkgBZQMEAgEFADCABgkqhkiG9w0BBwGggCSABGFD b250ZW50LVR5cGU6IHRleHQvcGxhaW47IGNoYXJzZXQ9Imlzby04ODU5LTEiDQpDb250ZW50LVRy ... Mpc/PtPNeHA3CCFGRFnHju/yb9CsQWpgf8TTWytjP7O1hFUecW0yiuGSDeeNlQ4ZcX0TOm6haRMT lqYIrHUNMn4tYaREevNBL9CQB8MAAAAAAAA=

This property is not available in the Disassembler/Decoder.

RecipientCert Property (CMS Pipeline component)

The certificate used to encrypt the data.

Data Type

Certificate

Remarks

The adapter uses the recipient's certificate to encrypt the data so that it can be decrypted once it reaches the recipient. This property should be set to the appropriate certificate for encryption.

This property is not available in the Disassembler/Decoder.

RequireOAEP Property (CMS Pipeline component)

Whether an error should be thrown if OAEP was not used to encrypt the incoming message.

Data Type

Boolean

Default Value

false

Remarks

By default, the adapter will silently support decrypting messages regardless of whether they were encrypted with Optimal Asymmetric Encryption Padding (OAEP). If OAEP should be required, and thus an error should be thrown if OAEP is not detected, set this property to true.

This property is not available in the Assembler/Encoder.

RequirePSS Property (CMS Pipeline component)

Whether an error should be thrown if RSA-PSS was not used to encrypt the incoming message.

Data Type

Boolean

Default Value

false

Remarks

By default, the adapter will silently support decrypting and verifying messages regardless of whether they were signed with RSA Probabilistic Signature Scheme (RSA-PSS). If RSA-PSS should be required, and thus an error should be thrown if RSA-PSS is not detected, set this property to true.

This property is not available in the Assembler/Encoder.

RuntimeLicense Property (CMS Pipeline component)

Specifies the component runtime license key.

Data Type

String

Default Value

""

Remarks

You can use the RuntimeLicense property to set the runtime key for the adapter license.

This property may be configured on the adapter's static handler property page in the BizTalk Server administration console.

SignatureHashAlgorithm Property (CMS Pipeline component)

The signature hash algorithm used during signing.

Data Type

String

Default Value

"SHA256"

Remarks

This property specifies the signature hash algorithm used to prepare the message digest of signature.

When signing the input data is first hashed with the algorithm specified by this property to produce a message digest. The computed digest is then digitally signed with the certificates specified in Certificate.

The value specified here may be the name of the algorithm or the corresponding OID. Possible values are:

  • "SHA-256" (default)
  • "SHA-384"
  • "SHA-512"
  • "SHA-224"
  • "SHA1"
  • "MD5"

This property is not available in the Disassembler/Decoder.

SignData Property (CMS Pipeline component)

Whether to sign the MIME data.

Data Type

Boolean

Default Value

true

Remarks

If True (default), the certificate held in the Certificate property will be used to sign the message.

This property is not available in the Disassembler/Decoder.

SignerCert Property (CMS Pipeline component)

Contains the certificate of the message signer.

Data Type

Certificate

Remarks

This certificate is used to verify the signature on the incoming message. Setting this property is only necessary if the message does not have the signer's certificate attached to it.

This property is not available in the Assembler/Encoder.

TempPath Property (CMS Pipeline component)

The path to which temporary files are written at runtime.

Data Type

String

Default Value

""

Remarks

If you are planning on working with binary files or large files, it is recommended that you set a valid path for this property. When set to a valid path this property tells the adapter to use temp files when performing operations. If this is not set, all operations are done in memory and require that all input and output is in ASCII.

This property accepts the "%TEMP%" macro, which will be replaced with the default system temporary directory at runtime.

TransportLog Property (CMS Pipeline component)

Tells the component where and how to report information about its operations.

Data Type

Log

Remarks

This is a Log type property which contains fields describing how and where the adapter will record information about its execution.

This property may be configured on the adapter's static handler property page in the BizTalk Server administration console.

UseOAEP Property (CMS Pipeline component)

Whether to use OAEP when encrypting the MIME data.

Data Type

Boolean

Default Value

false

Remarks

By default, the adapter will use PKCS1 when encrypting the message. To use Optimal Asymmetric Encryption Padding (OAEP) instead, set this property to true.

This property is not available in the Disassembler/Decoder.

UsePSS Property (CMS Pipeline component)

Whether to use RSA-PSS when signing.

Data Type

Boolean

Default Value

false

Remarks

To use RSA Probabilistic Signature Scheme (RSA-PSS) when signing, set this property to true. Note that the certificate used to sign does not itself need to be signed with RSA-PSS; any valid RSA certificate may be used with this setting.

This property is not available in the Disassembler/Decoder.

VerifySignature Property (CMS Pipeline component)

Whether to attempt to verify the signature on the SMIME data.

Data Type

Boolean

Default Value

true

Remarks

If this property is true, the adapter will throw an error if the incoming message is unsigned, or if the signature cannot be verified using the SignerCert.

This property is not available in the Assembler/Encoder.

Certificate Type

The digital certificate being used.

Remarks

This type describes the current digital certificate. The certificate may be a public or private key. The fields are used to identify or select certificates.

Fields

Store
String

The name of the certificate store for the client certificate.

The StoreType field specifies the type of the certificate store specified by Store. If the store is password protected, specify the password in StorePassword.

Store is used in conjunction with the Subject field in order to specify client certificates. If Store has a value, and Subject is set, a search for a certificate is initiated. Please refer to the Subject field for details.

Designations of certificate stores are platform-dependent.

The following are designations of the most common User and Machine certificate stores in Windows:

MYA certificate store holding personal certificates with their associated private keys.
CACertifying authority certificates.
ROOTRoot certificates.
SPCSoftware publisher certificates.

In Java, the certificate store normally is a file containing certificates and optional private keys.

When the certificate store type is PFXFile, this property must be set to the name of the file. When the type is PFXBlob, the property must be set to the binary contents of a PFX file (i.e. PKCS12 certificate store).

If the provider is OpenSSL, the certificate store is a file containing a certificate and a private key. This property must be set to the name of the file.

StoreType
CertStoreTypes

The type of certificate store for this certificate.

The adapter supports both public and private keys in a variety of formats. When the cstAuto value is used the adapter will automatically determine the type. This field can take one of the following values:

0 (cstUser - default)For Windows, this specifies that the certificate store is a certificate store owned by the current user. Note: this store type is not available in Java.
1 (cstMachine)For Windows, this specifies that the certificate store is a machine store. Note: this store type is not available in Java.
2 (cstPFXFile)The certificate store is the name of a PFX (PKCS12) file containing certificates.
3 (cstPFXBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in PFX (PKCS12) format.
4 (cstJKSFile)The certificate store is the name of a Java Key Store (JKS) file containing certificates. Note: this store type is only available in Java.
5 (cstJKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in Java Key Store (JKS) format. Note: this store type is only available in Java.
6 (cstPEMKeyFile)The certificate store is the name of a PEM-encoded file that contains a private key and an optional certificate.
7 (cstPEMKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a private key and an optional certificate.
8 (cstPublicKeyFile)The certificate store is the name of a file that contains a PEM- or DER-encoded public key certificate.
9 (cstPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains a PEM- or DER-encoded public key certificate.
10 (cstSSHPublicKeyBlob)The certificate store is a string (binary or base64-encoded) that contains an SSH-style public key.
11 (cstP7BFile)The certificate store is the name of a PKCS7 file containing certificates.
12 (cstP7BBlob)The certificate store is a string (binary) representing a certificate store in PKCS7 format.
13 (cstSSHPublicKeyFile)The certificate store is the name of a file that contains an SSH-style public key.
14 (cstPPKFile)The certificate store is the name of a file that contains a PPK (PuTTY Private Key).
15 (cstPPKBlob)The certificate store is a string (binary) that contains a PPK (PuTTY Private Key).
16 (cstXMLFile)The certificate store is the name of a file that contains a certificate in XML format.
17 (cstXMLBlob)The certificate store is a string that contains a certificate in XML format.
18 (cstJWKFile)The certificate store is the name of a file that contains a JWK (JSON Web Key).
19 (cstJWKBlob)The certificate store is a string that contains a JWK (JSON Web Key).
21 (cstBCFKSFile)The certificate store is the name of a file that contains a BCFKS (Bouncy Castle FIPS Key Store). Note: this store type is only available in Java and .NET.
22 (cstBCFKSBlob)The certificate store is a string (binary or base64-encoded) representing a certificate store in BCFKS (Bouncy Castle FIPS Key Store) format. Note: this store type is only available in Java and .NET.
23 (cstPKCS11)The certificate is present on a physical security key accessible via a PKCS11 interface.

To use a security key the necessary data must first be collected using the CERTMGR adapter. The ListStoreCertificates method may be called after setting CertStoreType to cstPKCS11, CertStorePassword to the PIN, and CertStore to the full path of the PKCS11 dll. The certificate information returned in the CertList event's CertEncoded parameter may be saved for later use.

When using a certificate, pass the previously saved security key information as the Store and set StorePassword to the PIN.

Code Example: SSH Authentication with Security Key certmgr.CertStoreType = CertStoreTypes.cstPKCS11; certmgr.OnCertList += (s, e) => { secKeyBlob = e.CertEncoded; }; certmgr.CertStore = @"C:\Program Files\OpenSC Project\OpenSC\pkcs11\opensc-pkcs11.dll"; certmgr.CertStorePassword = "123456"; //PIN certmgr.ListStoreCertificates(); sftp.SSHCert = new Certificate(CertStoreTypes.cstPKCS11, secKeyBlob, "123456", "*"); sftp.SSHUser = "test"; sftp.SSHLogon("myhost", 22);

99 (cstAuto)The store type is automatically detected from the input data. This setting may be used with both public and private keys and can detect any of the supported formats automatically.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public Certificate();

Creates a Certificate instance whose properties can be set.

public Certificate(string certificateFile);

Opens CertificateFile and reads out the contents as an X509 public key.

public Certificate(byte[] certificateData);

Parses CertificateData as an X509 public key.

public Certificate(CertStoreTypes certStoreType, string store, string storePassword, string subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the constructor will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate(CertStoreTypes certStoreType, string store, string storePassword, byte[] encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a file containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the constructor will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

public Certificate(CertStoreTypes certStoreType, byte[] storeBlob, string storePassword, string subject);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a string (binary- or base64-encoded) containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the constructor will attempt to find the certificate identified by Subject . This can be either a complete or a substring match of the X509 certificate's subject Distinguished Name (DN).

public Certificate(CertStoreTypes certStoreType, byte[] storeBlob, string storePassword, byte[] encoded);

CertStoreType identifies the type of certificate store to use. See StoreType for descriptions of the different certificate stores. Store is a string (binary- or base64-encoded) containing the certificate store. StorePassword is the password used to protect the store. After the store has been successfully opened, the constructor will load Encoded as an X509 certificate and search the opened store for a corresponding private key.

CloudFilesAccount Type

Cloud storage service provider account credentials.

Remarks

This type is used to hold account credentials for cloud storage service providers which do not use OAuth for authentication.

Fields

HadoopURL
String

The URL of the Hadoop WebHDFS server.

This field specifies the URL of the Hadoop WebHDFS server to make requests against. It must be set when ServiceProvider is set to spHadoopDFS (10).

A full WebHDFS URL looks like http[s]://<HOST>:<PORT>/webhdfs/v1. The adapter will automatically append /webhdfs/v1 when making requests (if necessary).

The adapter automatically detects whether to secure the connection using SSL/TLS based on whether the value begins with http (not secured) or https (secured).

ProjectId
String

A Google Cloud Platform project Id string.

This field specifies the Google Cloud Platform project Id string to use for authentication. It must be set when using OAuth 2.0 authentication (via the OAuthAuthorization property) with one of these storage service providers:

  • spGoogleStorage (9)

Note that the above providers will fall back to using an AccessKey and SecretKey for authentication if either this field or the OAuthAuthorization property is empty.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public CloudFilesAccount();

Firewall Type

The firewall the component will connect through.

Remarks

When connecting through a firewall, this type is used to specify different properties of the firewall such as the firewall Host and the FirewallType.

Fields

Host
String

Name or IP address of firewall (optional). If a Host is given, requested connections will be authenticated through the specified firewall when connecting.

If the Host field is set to a Domain Name, a DNS request is initiated. Upon successful termination of the request, the Host field is set to the corresponding address. If the search is not successful, an error is returned.

Password
String

A password if authentication is to be used when connecting through the firewall. If Host is specified, the User and Password fields are used to connect and authenticate to the given firewall. If the authentication fails, a trappable error is fired.

Port
Integer

The TCP port for the firewall Host. See the description of the Host field for details.

Note that the Port is set automatically when FirewallType is set to a valid value. See the description of the FirewallType field for details.

User
String

A user name if authentication is to be used connecting through a firewall. If the Host is specified, the User and Password fields are used to connect and authenticate to the given Firewall. If the authentication fails, a trappable error is fired.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public Firewall();

Log Type

A log where the component will record information about its operations.

Remarks

This describes how and where the adapter will record information describing its execution.

Fields

Location
String

This field describes the location where the logging information is to be written.

If the EventLog LogType has been chosen, this field must contain the name of the Event Log to which the information should be written. The default value for this field is "Application". If a value other than "Application" is set the computer must be restarted for the change to take effect. Note that the same event log must be used for all send ports and receive locations that use the same adapter.

If the File LogType has been chosen, this field must contain the location of the file to write logging information to on the file system.

The adapter also supports logging to files based on the current date and time. This allows for log files to be organized by days, months, or other intervals as specified. When specifying a log filename include a valid .NET date and time format string within the < and > characters. For instance C:\logs\sftp_<yyyyMMdd>.log or C:\logs\as2_<yyyyMMdd>T<hhmm>.log.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public Log();
public Log(LogTypes logType, string location, LogModes logMode);

OAuthAuthorizationParam Type

This type holds details of the OAuth authorization.

Remarks

This type holds details of the OAuth authorization.

Fields

TimeStamp
String

The timestamp of the OAuth authorization string.

This field holds the timestamp of when the AuthorizationString was retrieved. This is used in conjunction with ExpiresIn to calculate if refreshing the token is required. For more details see ExpiresIn.

This value should not be set manually.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public OAuthAuthorizationParam();

Proxy Type

The proxy the component will connect to.

Remarks

When connecting through a proxy, this type is used to specify different properties of the proxy such as the Server and the AuthScheme.

Fields

AuthScheme
ProxyAuthSchemes

Use the AuthScheme field to tell the adapter which type of authorization to perform when connecting to the proxy. This is only used when the User and Password fields are set.

AuthScheme should be set to authNone (3) when no authentication is expected.

By default, AuthScheme is authBasic (0), and if the User and Password fields are set, the component will attempt basic authentication. If AuthScheme is set to authDigest (1), digest authentication will be attempted instead.

If AuthScheme is set to authProprietary (2), then the authorization token will not be generated by the adapter. Look at the configuration file for the adapter being used to find more information about manually setting this token.

If AuthScheme is set to authNtlm (4), NTLM authentication will be used. This option is only available in the SSL package.

For security reasons, setting this property will clear the values of User and Password.

Password
String

A password if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Port
Integer

The TCP port for the proxy Server (default 80). See the description of the Server field for details.

Server
String

If a proxy Server is given, then the HTTP request is sent to the proxy instead of the server otherwise specified.

If the Server field is set to a Domain Name, a DNS request is initiated and upon successful termination of the request, the Server field is set to the corresponding address. If the search is not successful, an error is returned.

User
String

A user name, if authentication is to be used for the proxy.

If AuthScheme is set to Basic Authentication, the User and Password are Base64 encoded and the proxy authentication token will be generated in the form "Basic [encoded-user-password]".

If AuthScheme is set to Digest Authentication, the User and Password fields are used to respond to the Digest Authentication challenge from the server.

If AuthScheme is set to NTLM Authentication, the User and Password fields are used to authenticate through NTLM negotiation.

Constructors

Constructors are only relevant when configuring adapters in orchestrations.

public Proxy();
public Proxy(string server, int port);
public Proxy(string server, int port, string user, string password);

Config Settings (CMS Pipeline component)

The adapter accepts one or more of the following configuration settings. Configuration settings are similar in functionality to properties, but they are rarely used. In order to avoid "polluting" the property namespace of the adapter, access to these internal properties is provided through the Other property.

CMS Config Settings

CompressBeforeSign:   Specifies whether to compress before signing.

When EnableCompression is set to True this property controls whether compression happens before or after signing. If set to True the input data will be compressed before signing. If set to False (default) the input data will be signed and then compressed.

GenerateSignatureTimestamp:   Whether to generate timestamps in signatures.

If GenerateSignatureTimestamp is True, a timestamp will be generated and added to all signatures created by the adapter.

The default value is True.

IncludeHeaders:   Tells the adapter whether to include the headers when encoding the message.

If True (default), the adapter will include MIME headers when signing or encrypting. If False, only the message will be encoded.

The default value for IncludeHeaders is True.

Note: This setting is only applicable to when OutputFormat is set to SMIME.

IncludeInternalHeaders:   Tells the adapter whether or not to include the internal headers when encoding the message.

If True, the adapter will generate and include MIME part headers when signing or encrypting. When decrypting and verifying the MIME part headers will be stripped.

When set to False, only the message will be processed, MIME part headers will not be generated or stripped.

The default value for IncludeInternalHeaders is False.

Note: This setting is only applicable to when OutputFormat is set to SMIME.

Supported Macros

The adapter also supports the following Macros. These values are not case sensitive and would be supplied to a property in the form %MacroName%.

TempThis is resolved to the full path to the system's temporary directory. MessageIDGlobally unique identifier (GUID) of the message in BizTalk Server. SourceFileNameThe original file name. This includes the extension and excludes the file path, for example, Sample.xml SourceFileNameNoExtThe original file name without the extension or file path, for example, Sample RemoteFileNameThe name of the file as it was uploaded to the remote server. This includes the extension and excludes the file path, for example, Sample.xml. Valid only for AS3, FTP, and SFTP Send Adapters. DestinationPartyName of the destination party. DestinationPartyQualifierQualifier of the destination party. SourcePartyName of the source party. SourcePartyQualifierQualifier of the source party. DateTime:CustomFormatThis special value allows you to specify your own custom time format. For instance DateTime:yyyy would be resolved to the 4 digit year. DateThe date format yyyy-MM-dd. DateTimeThe date format yyyy-MM-ddThhmmss. TimeThe date format hhmmss. DateTime_BTS2000The date format yyyyMMddhhmmssf. DateTime.TZThe date format yyyy-MM-ddThhmmsszzz. Time.TZThe date format hhmmsszzz. Property#<Schema>#<Name>This special value allows you to include a property from the incoming message. For instance "PROPERTY#http://schemas.microsoft.com/BizTalk/2003/system-properties#ReceivePortName" would resolve to the ReceivePortName property of the message.