5 Replies Latest reply: Apr 1, 2014 5:37 PM by vladodias RSS

    Best Practice for Partner Webservice Username/Password?

    user633446

      Hi,

       

      I am dealing with a client web service which expects a username & password as part of SOAP Input request in string format.

      Since this is not HTTP Basic Authentication, i cannot apply WS Policy and use Username/Password properties.

       

      In such scenarios what is the recommended best practice to store username & password outside of composite so that it can be changed online later in a secure way?

      I was reading about CSF key but i don't think that can be implemented here.

       

      Sample SOAP UI request

       

      <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">

         <soapenv:Header/>

         <soapenv:Body>

            <int:getItem>

               <!--Optional:-->

               <arg0 transactionId="?" sch:ItemId="264689">

                 <sch:Username>Username</sch:Username>

                  <sch:Password>Password</sch:Password>

                  <sch:DateFormat>yyyy-mm-dd</sch:DateFormat>

                  <!--Optional:-->

                  <sch:DateTimeFormat>yyyy-mm-dd hh:mm:ss.sss</sch:DateTimeFormat>

                  <!--Zero or more repetitions:-->

                  <sch:InputField>ID</sch:InputField>

                  <sch:InputField>Summary</sch:InputField>

                  <sch:InputField>State</sch:InputField>

               </arg0>

            </int:getItem>

         </soapenv:Body>

      </soapenv:Envelope>

       

      Thanks