Hello,
Our environment is webMethods 7.1.2
I am trying to consume a 3rd party web service that requires WS Security Username (basic auth).
Using the built in comsumer policy it partially generates the correct security header however the server requires a “nonce” and “created” parameter.
Is there any parameters I can add to the policy file so that webMethods generates these parameters?
In webMethods 6.5 I assume you have to build the security headers manually. Do you have to do the same thing hear as well? If so, how would one do that with the “soapClient” connector?
Does anyone have any examples on how to do this in IS 7.1.x?
Here is an example header that works as generated from SOAPUI.
<wsse:Security soapenv:mustUnderstand=“1” xmlns:wsse="[URL=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd”]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd[/size][/URL][SIZE=1]“>
<wsu:Timestamp wsu:Id=“Timestamp-2” xmlns:wsu=”[URL=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd[/size][/URL][SIZE=1]“>
wsu:Created2011-01-24T14:33:46Z</wsu:Created>
wsu:Expires2011-01-24T14:34:16Z</wsu:Expires></wsu:Timestamp>
<wsse:UsernameToken wsu:Id=“UsernameToken-1” xmlns:wsu=”[URL=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd[/size][/URL][SIZE=1]">
wsse:UsernamewebMethods</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">nZatpDBPeTxZyeOCS/bsXA==</wsse:Nonce>
wsu:Created2011-01-24T14:33:46.691Z</wsu:Created></wsse:UsernameToken>
</wsse:Security>
Thanks,
Matt