WS Security

HI All,

In Web methods when i add WS Security Handler webmethods generationg Heade as follows

<SOAP-ENV:Header xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<
wsse:Security xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<
wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" wsu:Id="UsernameToken-288166189">
<
wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">XXESB</wsse:Username>
<
wsse:Password xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">oracle123</wsse:Password>
</
wsse:UsernameToken>
<
wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-194841501">
<
wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2010-11-12T19:02:15.386Z</wsu:Created>
<
wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2010-11-12T19:07:15.386Z</wsu:Expires></wsu:Timestamp></wsse:Security></SOAP-ENV:Header>


but the provider expecting wsu:Timestamp first than the wsse:UsernameToken . the SOAP UI first generationg wsu:Timestamp first and i am getting the result.does any one have same problem or is there any posibility to change the orde of Timestamp and UsernameToken in wsse:Security.


Thanks
Rao

What version of the IS is this on? In 8.0, I believe the IS core 10 fix is resolving this issue. Please check the readme of the fix.

Cheers,
Akshith

HI Akshith,

i am using WM 7.1.3.please let me know any fix required.

Thanks
Rao

I am not sure if there is a fix for this in 7.1.3. Please check the latest core fix for 7.1.3 or with SAG Support.

As long as you aren’t signing the request you can re-order the security tokens however you like.

It’s been too long for me to remember the easiest way to reorder elements via Flow though.