Notice: this Wiki will be going read only early in 2024 and edits will no longer be possible. Please see: https://gitlab.eclipse.org/eclipsefdn/helpdesk/-/wikis/Wiki-shutdown-plan for the plan.
Difference between revisions of "Scout/JAXWS-RT/WsseUsernameTokenAuthenticationHandler"
(New page: {{ScoutPage|cat=JAXWS-RT}} WSSE Username Token is an authentication mechanism to include user's credentials in the SOAP message headers and also works across firewalls and proxy servers. ...) |
|||
| Line 1: | Line 1: | ||
{{ScoutPage|cat=JAXWS-RT}} | {{ScoutPage|cat=JAXWS-RT}} | ||
| − | WSSE Username Token is an authentication mechanism to include user's credentials in the SOAP message headers | + | WSSE Username Token is an authentication mechanism to include the user's credentials in the SOAP message headers which also works across firewalls and proxy servers. |
However, the disadvantage of WSSE UsernameToken Authentication is that it transmits unencrypted passwords across the network. Therefore, you only should use this authentication when you know that the connection between the client and the server is secure. The connection should be established either over a dedicated line or by using Secure Sockets Layer. | However, the disadvantage of WSSE UsernameToken Authentication is that it transmits unencrypted passwords across the network. Therefore, you only should use this authentication when you know that the connection between the client and the server is secure. The connection should be established either over a dedicated line or by using Secure Sockets Layer. | ||
Revision as of 18:42, 10 November 2011
The Scout documentation has been moved to https://eclipsescout.github.io/. WSSE Username Token is an authentication mechanism to include the user's credentials in the SOAP message headers which also works across firewalls and proxy servers.
However, the disadvantage of WSSE UsernameToken Authentication is that it transmits unencrypted passwords across the network. Therefore, you only should use this authentication when you know that the connection between the client and the server is secure. The connection should be established either over a dedicated line or by using Secure Sockets Layer.
Webservice Provider
Handler to protect your webservice with WSSE Username Token message level authentication.
Webservice Consumer
Handler to include user's credentials in webservice requests by using WSSE Username Token message level authentication.
User's credentials are configured in config.ini by specifying the properties #username and #password of the respective The Scout documentation has been moved to https://eclipsescout.github.io/..