Technical Blog Post
Abstract
Steps to add User name Token and Password under the WS Security header of a SOAP Request.
Body
Follow the below steps to create a user name token and password
1. Create a User Name Token, from the Deployment -> Web Services -> Security Tokens, page.
2. Click on Create Security Token. Enter the user token name, description and choose token type as user name.
3. Click Next, enter the User name and password. Enable digest if you want the password to be digested.
4. Click Next and click on Finish. You can now see the security Token with User Name - admin being created.
Follow the below steps to pass the user name token in security headers of the SOAP request.
1. You might have designed a BP with below steps to Consume the webservice from Sterling Integrator
DynamicService -> SOAOutboundSecurity Service -> SOAOutboundMessageProcessingService -> HTTP Begin, Post and End Services -> SOAInboundMessageProcessingService -> SOAInboundSecurityService
2. In order to pass the user name token under the security headers, add the below assign statements in the <Output message> section of the SOAOutboundSecurity Service in addition to other parameters used for signing and encryption.
<assign to="INSERT_USER_NAME_TOKEN">True</assign>
<assign to="USER_NAME_TOKEN_NAME">admin</assign>
For example:
<operation name="SOAOutboundSecurityService">
<participant name="SOAOutboundSecurityService_Instance"/>
<output message="SOAOutboundSecurityServiceInputMessage">
<assign to="CANONICALIZATION_ALGO">http://www.w3.org/2001/10/xml-exc-c14n#</assign>
<assign to="ENCRYPT_KEY_IDENTIFIER_TYPE">1</assign>
<assign to="ENCRYPTION_CERTIFICATE">12345node1</assign>
<assign to="INSERT_TIME_STAMPS">True</assign>
<assign to="KEY_ENCODING_ALGO">http://www.w3.org/2001/04/xmlenc#rsa-1_5</assign>
<assign to="SIGNATURE_ENCRYPTION_ORDER">1</assign>
<assign to="SIGNING_ALGO">http://www.w3.org/2000/09/xmldsig#rsa-sha1</assign>
<assign to="SIGNING_CERTIFICATE">4567node1</assign>
<assign to="SIGNING_KEY_IDENTIFIER_TYPE">1</assign>
<assign to="SYMMETRIC_KEY_ALGO">http://www.w3.org/2001/04/xmlenc#aes128-cbc</assign>
<assign to="INSERT_USER_NAME_TOKEN">True</assign>
<assign to="USER_NAME_TOKEN_NAME">admin</assign>
<assign to="." from="*"></assign>
</output>
<input message="inmsg">
<assign to="." from="*"></assign>
</input>
</operation>
3. Execute the Business Process designed to consume the webservice. After execution you can see that in the SOAOutboundSecurityService, there is a SOAP request with security headers consisting of username token and password as below
<wsse:UsernameToken wsu:Id="UsernameToken-1497848135" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-sece…" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-util…"><wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-sece…">admin</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-…PasswordDigest" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-sece…">5JSHFhfZzlya0Koiucf8UaBGPpM=</wsse:Password>
[{"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Product":{"code":"SS3JSW","label":"IBM Sterling B2B Integrator"},"Component":"","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"","Edition":"","Line of Business":{"code":"LOB59","label":"Sustainability Software"}}]
UID
ibm11121931