cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

WS-Security Username Token issue with soap receiver

Go to solution
Muniyappan
Active Contributor

on ‎04-16-2014 10:49 AM

0 Kudos

Hi All,

I have Proxy to SOAP scenario. Receiver web service is expecting below message in the soap header for authentication purpose.


<soapenv:Header>

      <wsse:Security>

<wsse:UsernameToken>

<wsse:Username>username</wsse:Username>

<wsse:Password Type="PasswordText">Password< wsse:Password>

</wsse:UsernameToken>

      </wsse:Security>

   </soapenv:Header>

User will trigger the message from ECC using some transaction. I need to pass this triggering person’s username and password to soap header dynamically. There are more than 2000 users in the system.

How can I retrieve this username and password and bind it to <wsse:Security> node?

Is it possible to achieve?

Please note: User’s details will not come in the message payload. I cannot user look up here.

Regards,

Muni

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

iaki_vila
Active Contributor
‎04-16-2014 3:20 PM
0 Kudos

Hi Muniyappan,

You can think in the possibility of using a value mapping mass replication or a jdbc lookup. Personally, I'd rather to use a jdbc lookup to a DB where you have the passwords encrypted with for example asymmetric password. Later, you can decrypt it in a java mapping. The wsse tags can be generated in a java mapping or XSL with the option Do Not Use SOAP envelope in the receiver SOAP adapter.


Regards.

Show replies
Show replies
prasanthi_chavala
Active Contributor
‎04-16-2014 8:06 PM
0 Kudos

Hi Inaki,

But with this approach, still we cannot figure it out as which user id to lookup who has actually triggered the data from ECC..rite??

@ Muniyappan,

Since it is proxy structure, it is better to include the user id details in the payload structure.

Thanks!!

Answers (3)

Answers (3)

Muniyappan
Active Contributor
‎04-21-2014 9:47 AM
0 Kudos

Asked web service team to use one service account for authentication. Used this blog to configure axis framework. Now we are able to send message to web service.

Regards,

Muni.

Show replies
Show replies
Muniyappan
Active Contributor
‎04-17-2014 7:13 AM
0 Kudos

Thanks Indrajit,inaki and Prasanthi for your inputs. it was really helpful.

We are checking to include user id in the sender payload.

Also checking with Web Service team to use one service user for authentication no matter who triggers the message. if they agree then i need to use java/xslt mapping or axis framework to populate those tags.

Regards,

Muni.

Show replies
Show replies
Former Member
‎04-16-2014 11:15 AM
0 Kudos

Hi

The only option is to include the same in the payload message in ECC.

I don't think we have any other option to get the user credentials.

Show replies
Show replies
Ask a Question