We have Oracle 10g (10.2.0.3.0) 64 bit. We have a situation where we need to consume web service whose security header looks like as follow,
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
Here we need passowrd digest, Nonce and Timestamp.
How to create password digest from PLSQL? or if any other alternatives available please response soon.
Have not had to use digest authentication in PL/SQL, nor seen sample code for it.
The authentication is described on http://en.wikipedia.org/wiki/Digest_access_authentication - do not see why it should not be doable using PL/SQL.
Thanks for reply.
I am bit confused. Can we create password digests in PLSQL or My requirement was not clear to you.
Basically, I need to create a client in PLSQL to consume web service whose sample security header looks as I have given in previous thread.
I'm not that familiar with this, but isn't the idea of digest authentication that you make a failed request to the resource, which responds telling you to use digest authentication, supplying you with the value of 'nonce' and the authentication realm?
So you will need to make an initial unauthenticated call, consume the reply, extracting the relevant data, then you can construct your authentication header, following the rules in the link Billy supplied. You can generate the MD5 hashes using the DBMS_CRYPTO package.
I do not see why it will not be possible to do digest authentication with a web server using PL/SQL.
As for the digest password - the web server supplies a token (a nonce) which you need to use for creating the hashed authentication token (the digest password). The URL I posted explains this authentication process.
As for the technical how-to in PL/SQL - as I mentioned, never had to do this (only dealt with Basic and NTLM authentication thus far). But as other auth methods (such as Microsoft's NTLM) can be implemented, I do not see why digest authentication could not.
Suggest you spend some time googling for technical articles/sample code on the subject - and try to find specific PL/SQL related sample code too.