ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzamy_5.4.0.1/50/webserv/wssecovtokuser.htm

<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<META http-equiv="Content-Type" content="text/html; charset=utf-8">
<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">

<title>User name tokens</title>
</head>

<BODY>
<!-- Java sync-link -->
<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>

<h6><a name="wssecovtokuser"></a>User name tokens</h6>

<p>You can use the UsernameToken to propagate a user name and, optionally, password information. Also, you can use this token type to  carry basic authentication information. Both a user name and password are used to authenticate the message. A UsernameToken containing the user name is used in identity assertion, which establishes the identity of the user based on the trust relationship.</p>

<p>The following example shows the the syntax of the UsernameToken element:</p>

<pre>&lt;UsernameToken Id=&quot;...&quot;&gt;
 &lt;Username&gt;...&lt;/Username&gt;
 &lt;Password Type=&quot;...&quot;&gt;...&lt;/Password&gt;
&lt;/UsernameToken&gt;</pre>

<p>The Web services security specification defines the following password types:</p>

<ul>
<li><p><strong>wsse:PasswordText</strong>
<br>(Default) This type is the actual password for the user name. WebSphere Application Server - Express supports this type.</p></li>

<li><p><strong>wsse:PasswordDigest</strong>
<br>This type is the digest of the password for the user name. The value is a base64-encoded SHA1 hash value of the UTF8-encoded password. WebSphere Application Server - Express does not support password digest because most user registry security policies do not expose the password to the application software.</p></li>
</ul>

<p>The following example illustrates the use of the &lt;UsernameToken&gt; element:</p>

<pre>&lt;S:Envelope xmlns:S=&quot;http://www.w3.org/2001/12/soap-envelope&quot;
 xmlns:wsse=&quot;http://schemas.xmlsoap.org/ws/2002/04/secext&quot;&gt;
  &lt;S:Header&gt;
    ...
    &lt;wsse:Security&gt;
      &lt;wsse:UsernameToken&gt;
        &lt;wsse:Username&gt;Joe&lt;/wsse:Username&gt;
        &lt;wsse:Password&gt;ILoveJava&lt;/wsse:Password&gt;
      &lt;/wsse:UsernameToken&gt;
    &lt;/wsse:Security&gt;
    ...
  &lt;/S:Header&gt;
  ...
&lt;/S:Envelope&gt;</pre>

<p>The password is transmitted in unencrypted text. Therefore, it is recommended that you use a secure transmission channel between the sender and receiver. For example, you might consider using Secure Sockets Layer (SSL).</p>

</body>
</html>
Add readme and dist folders 2024-04-02 14:02:31 +00:00			`<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">`
			`<html>`
			`<head>`
			`<META http-equiv="Content-Type" content="text/html; charset=utf-8">`
			`<LINK rel="stylesheet" type="text/css" href="../../../rzahg/ic.css">`

			`<title>User name tokens</title>`
			`</head>`

			`<BODY>`
			`<!-- Java sync-link -->`
			`<SCRIPT LANGUAGE="Javascript" SRC="../../../rzahg/synch.js" TYPE="text/javascript"></SCRIPT>`

			`<h6><a name="wssecovtokuser"></a>User name tokens</h6>`

			`<p>You can use the UsernameToken to propagate a user name and, optionally, password information. Also, you can use this token type to carry basic authentication information. Both a user name and password are used to authenticate the message. A UsernameToken containing the user name is used in identity assertion, which establishes the identity of the user based on the trust relationship.</p>`

			`<p>The following example shows the the syntax of the UsernameToken element:</p>`

			`<pre><UsernameToken Id="...">`
			`<Username>...</Username>`
			`<Password Type="...">...</Password>`
			`</UsernameToken></pre>`

			`<p>The Web services security specification defines the following password types:</p>`

			`<ul>`
			`<li><p><strong>wsse:PasswordText</strong>`
			`<br>(Default) This type is the actual password for the user name. WebSphere Application Server - Express supports this type.</p></li>`

			`<li><p><strong>wsse:PasswordDigest</strong>`
			`<br>This type is the digest of the password for the user name. The value is a base64-encoded SHA1 hash value of the UTF8-encoded password. WebSphere Application Server - Express does not support password digest because most user registry security policies do not expose the password to the application software.</p></li>`
			`</ul>`

			`<p>The following example illustrates the use of the <UsernameToken> element:</p>`

			`<pre><S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope"`
			`xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">`
			`<S:Header>`
			`...`
			`<wsse:Security>`
			`<wsse:UsernameToken>`
			`<wsse:Username>Joe</wsse:Username>`
			`<wsse:Password>ILoveJava</wsse:Password>`
			`</wsse:UsernameToken>`
			`</wsse:Security>`
			`...`
			`</S:Header>`
			`...`
			`</S:Envelope></pre>`

			`<p>The password is transmitted in unencrypted text. Therefore, it is recommended that you use a secure transmission channel between the sender and receiver. For example, you might consider using Secure Sockets Layer (SSL).</p>`

			`</body>`
			`</html>`