Application Integration
- Application Integration
- All Products
Outbound Authentication Policy
| |
Username
| Name of the user authorized to access the service
|
Password
| Password for the authorized user
|
Preemptive HTTP Credentials
| Preemptive authentication sends basic authentication credentials without being challenged by the remote host. Care must be taken to ensure that this option is only used to communicate over secure channels to prevent unnecessary disclosure of user credentials
|
Send
wsse:UsernameToken in Header
| If checked, credentials are sent as a OASIS WS-Security
UsernameToken element in the SOAP Header. To include a Nonce (a nonce is an arbitrary number used only once in a cryptographic communication) with the
UsernameToken , add a
<abp:HashPassword/> child element to the PDD file in the PDD editor after finishing the wizard. A Nonce is used to increase the authentication security by disallowing a string to be repeated. See the example below.
A
wsse:UsernameToken header can be sent unencrypted and unsigned, provided that it is the only security policy in effect for the invoke. Otherwise, the
UsernameToken header is signed and encrypted, which requires that you have a certificate keystore configured.
|
Use Cleartext Password
| Select this option to store the authorized user's password in clear text in the PDD. The password is visible and readable in the PDD file.
|
Inbound Authentication Policy
| |
Require
UsernameToken
when receiving messages
| Select this to require authentication on messages received by a My Role or Partner Role service
|
<wsa:EndpointReference xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns5="http://www.example.org/Hello/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"> <wsa:Address>http://localhost:8081/active-bpel/services/Hello</wsa:Address> <wsa:Metadata> <wsa:ServiceName PortName="HelloSOAP">ns5:Hello</wsa:ServiceName> <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:abp="http://schemas.active-endpoints.com/ws/2005/12/policy"> <abp:Authentication direction="out"> <abp:User>aeadmin</abp:User> <abp:Password>yH6CJei+D+s=</abp:Password> <abp:HashPassword/> </abp:Authentication> </wsp:Policy> </wsa:Metadata> </wsa:EndpointReference>