This discussion is archived
0 Replies Latest reply: Jun 28, 2012 3:23 PM by AndresG RSS

OSM Web Service credentials information

AndresG Newbie
Currently Being Moderated
Hi There !

OSM Web Services require that security related information be provided in the message header. The user name and password for the Web Service authorized user must be included in each request using the elements <wsse:UserName> and <wsse:PasswordText>

For Example:

<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-4799946" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>administrator</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">administrator</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

But when other applications need to invoke a OSM Web Service Operation. They need that the credential information must be secure and cannot be hard coded in their code.

The questions is: But aditionally exists any mechanism to receive this credential information in secure form in OSM, and with this avoids that the information trip in explicit form.

Thank's in advance.

AndresG

Edited by: AndresG on 28-jun-2012 15:23

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points