This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

WS-Security for SOAP Requests

Posted on 01-05-2017 07:41 PM
ramnath_ananth
New Member
Reply posted on --/--/---- --:-- AM

Hi,

Does apigee support WS-Security for SOAP requests ? I have created a pass thru SOAP request and need to authenticate the request using WS-Security standards.

Can anyone help on this ?

Apigee Edge will authenticate the request based on the SOAP Security header 

 <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="111" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-459">
            <wsse:Username>username</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soapenv:Header>

Username and password are passed in the header. Is there an out of the box approach to validate the soap security header without extracting the credentials ?

Or an out of the box approach to process the security header ?

Thanks

0 7 2,636
Topic Labels
0 Likes
7 REPLIES 7