Skip to Content

WS-Security Username Token issue with soap receiver

Hi All,

I have Proxy to SOAP scenario. Receiver web service is expecting below message in the soap header for authentication purpose.


<soapenv:Header>

      <wsse:Security>

<wsse:UsernameToken>

<wsse:Username>username</wsse:Username>

<wsse:Password Type="PasswordText">Password< wsse:Password>

</wsse:UsernameToken>

      </wsse:Security>

   </soapenv:Header>

User will trigger the message from ECC using some transaction. I need to pass this triggering person’s username and password to soap header dynamically. There are more than 2000 users in the system.

How can I retrieve this username and password and bind it to <wsse:Security> node?

Is it possible to achieve?

Please note: User’s details will not come in the message payload. I cannot user look up here.

Regards,

Muni

Add comment
10|10000 characters needed characters exceeded

  • Get RSS Feed

4 Answers

  • Best Answer
    Apr 16, 2014 at 02:20 PM

    Hi Muniyappan,

    You can think in the possibility of using a value mapping mass replication or a jdbc lookup. Personally, I'd rather to use a jdbc lookup to a DB where you have the passwords encrypted with for example asymmetric password. Later, you can decrypt it in a java mapping. The wsse tags can be generated in a java mapping or XSL with the option Do Not Use SOAP envelope in the receiver SOAP adapter.


    Regards.

    Add comment
    10|10000 characters needed characters exceeded

    • Former Member

      Hi Inaki,

      But with this approach, still we cannot figure it out as which user id to lookup who has actually triggered the data from ECC..rite??

      @ Muniyappan,

      Since it is proxy structure, it is better to include the user id details in the payload structure.

      Thanks!!

  • avatar image
    Former Member
    Apr 16, 2014 at 10:15 AM

    Hi

    The only option is to include the same in the payload message in ECC.

    I don't think we have any other option to get the user credentials.

    Add comment
    10|10000 characters needed characters exceeded

  • Apr 21, 2014 at 08:47 AM

    Asked web service team to use one service account for authentication. Used this blog How to Configure AXIS Framework for Authentication Using the "wsse" Security Standard in SAP PI to configure axis framework. Now we are able to send message to web service😊.

    Regards,

    Muni.

    Add comment
    10|10000 characters needed characters exceeded

  • Apr 17, 2014 at 06:13 AM

    Thanks Indrajit,inaki and Prasanthi for your inputs. it was really helpful.

    We are checking to include user id in the sender payload.

    Also checking with Web Service team to use one service user for authentication no matter who triggers the message. if they agree then i need to use java/xslt mapping or axis framework to populate those tags.

    Regards,

    Muni.

    Add comment
    10|10000 characters needed characters exceeded