Require WS-Security UsernameToken Profile Credentials Assertion

The Require WS-Security UsernameToken Profile Credentials assertion allows you to require basic WS-Security UsernameToken authentication of user name, plain text password, and the authentication realm in a section of the XML message for the web service or XML application. This assertion is a credential source that saves the user name and password from the WSS UsernameToken for later authentication and authorization via the Authenticate User or Group Assertion.
gateway83
The
Require WS-Security UsernameToken Profile Credentials
assertion allows you to require basic WS-Security UsernameToken authentication of user name, plain text password, and the authentication realm in a section of the XML message for the web service or XML application. This assertion is a credential source that saves the user name and password from the WSS UsernameToken for later authentication and authorization via the Authenticate User or Group Assertion.
This assertion supports version 1.0 of the WS-Security standard. The Gateway creates and uses X.509 v3 certificates.
Since the Require WS-Security UsernameToken Profile Credentials assertion requires a plain text password to be inserted into the service message, also select the Require SSL or TLS Transport assertion when using basic WS Token authentication.
To learn about selecting the target message for this assertion, see Select a Target Message.
To learn more about changing the WSS Recipient for this assertion, see Change the WSS Assertion Recipient.
Using the Assertion
  • Add the assertion to the policy development window as described in Adding an Assertion.
The assertion is added to the policy window; no further configuration is required.