0 Replies Latest reply: Jun 28, 2012 5:23 PM by AndresG RSS

    OSM Web Service credentials information

    AndresG
      Hi There !

      OSM Web Services require that security related information be provided in the message header. The user name and password for the Web Service authorized user must be included in each request using the elements <wsse:UserName> and <wsse:PasswordText>

      For Example:

      <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-
      open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken wsu:Id="UsernameToken-4799946" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <wsse:Username>administrator</wsse:Username>
      <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">administrator</wsse:Password>
      </wsse:UsernameToken>
      </wsse:Security>
      </soapenv:Header>

      But when other applications need to invoke a OSM Web Service Operation. They need that the credential information must be secure and cannot be hard coded in their code.

      The questions is: But aditionally exists any mechanism to receive this credential information in secure form in OSM, and with this avoids that the information trip in explicit form.

      Thank's in advance.

      AndresG

      Edited by: AndresG on 28-jun-2012 15:23