2 Replies Latest reply on Jul 14, 2014 6:45 AM by Sanjay Bajaj

    OSB : Security : Business Service : Password Digest configuration in BS




      I have a requirement to connect to target WS. We need to pass username and password (password digest). The target URL is same but we have 7 different password and based on some logic we need to use anyone of the password and call the service.


      I can able to connect to the service by adding the security headers and the request from the business service.


      But when invoking the business service from proxy how can i generate the soap headers with password digest, Nonce, Timestamp.


      Below is the header i used in BS and it works fine.


            <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

               <wsu:Timestamp wsu:Id="Timestamp-13" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">




               <wsse:UsernameToken wsu:Id="UsernameToken-12" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">


                  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">passworddigesy</wsse:Password>

                  <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">nonce</wsse:Nonce>





      Since the password is different do we need to use multiple business service or can use only one ?


      Please provide your input.