0 Replies Latest reply: Jul 12, 2013 5:08 AM by 800839 RSS

    WSDL security policy username & password authentication

    800839

      Hi,

      I am creating a WS policies in WSDL for username & password authentication , below is what I am using:-

      <wsdl:service name="echoService">
          <wsdl:port name="echoPort" binding="tns:echoBinding">
              <soap:address location="http://pponnala-tecra-xp.stc.com:18181/
               echoService/echoPort"/>
              <wsp:PolicyReference URI="#HttpBasicAuthBindingBindingPolicy"/>
          </wsdl:port>
      </wsdl:service>

      <wsp:Policy wsu:Id="HttpBasicAuthBindingBindingPolicy">
          <mysp:MustSupportBasicAuthentication on="true">
              <mysp:BasicAuthenticationDetail>
                 <mysp:WssTokenCompare/>
              </mysp:BasicAuthenticationDetail>
          </mysp:MustSupportBasicAuthentication>
          <mysp:UsernameToken mysp:IncludeToken="http://schemas.xmlsoap.org/ws/
           2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
             <wsp:Policy>
                  <sp:WssUsernameToken10>bobby</sp:WssUsernameToken10>
                  <sp:WssPassword>${pass_token}</sp:WssPassword>
             </wsp:Policy>
        </mysp:UsernameToken>
      </wsp:Policy>

      --------------------------------------------------------------------------------
      Here I need to pass the <Wsspassword> in the respective placeholder from the application. How we can pass
      the respective password to the <sp:WssPassword>${pass_token}</sp:WssPassword>? I have hardcoded with some
      valid password. But it is not working. What I am doing wrong here? Is there any way we can validate the authentication
      in a better way in WSDL? Also clarify now we can pass the password in the respective pass_token placeholder?
      Please clarify.

       

      Thanks.