5 Replies Latest reply on Apr 1, 2014 10:37 PM by vladodias

    Best Practice for Partner Webservice Username/Password?




      I am dealing with a client web service which expects a username & password as part of SOAP Input request in string format.

      Since this is not HTTP Basic Authentication, i cannot apply WS Policy and use Username/Password properties.


      In such scenarios what is the recommended best practice to store username & password outside of composite so that it can be changed online later in a secure way?

      I was reading about CSF key but i don't think that can be implemented here.


      Sample SOAP UI request


      <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">





               <arg0 transactionId="?" sch:ItemId="264689">





                  <sch:DateTimeFormat>yyyy-mm-dd hh:mm:ss.sss</sch:DateTimeFormat>

                  <!--Zero or more repetitions:-->