Missing wsse:Security in SOAP Header

Hi,
In a Sync RFC->SOAP scenario I'm facing a problem.
Each time that I invoke the Web service, it returns a fault with the message <i>Missing <wsse:Security> in SOAP Header</i>.
I have double check ten times that the receiver comm.channel has the user and password, but It's still failing.
I don't know if it can be helpful, but the Webservice is provided by an Oracle server.
Thanks in advance for your answers,
David R.

Did you try to invoke the webservice another way?like NWDS for example?
You can write adapter module to see what you are sending to your WebService, here is the process function in Java:
public ModuleData process(ModuleContext moduleContext,
ModuleData inputModuleData)
throws ModuleException {
        try {
                        BufferedWriter out = new BufferedWriter(new FileWriter("c:
logs
web.log",true));
                        Message msg = (Message) inputModuleData.getPrincipalData();
                        out.write(msg.getDocument().getText()+ "\n");
                        out.close();
                } catch (IOException e) {
return inputModuleData;

Similar Messages

Adding WS Security in SOAP header for calling soap services from PI

When i am calling a wss enabled webservice from soapui with the header parameters
Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -
     <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>xxxxx</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>
            <wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
            <wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
         </wsse:UsernameToken>
      </wsse:Security>
However , in PI when the following configurations are made -
Web Services Security option selected in soap receiver adapter
In Receiver Agrrement -
Security Standard - http://docs.oasis ....
Security Procedure (Request) - None
Security Procedure (response) - None
the user tokens don't seem to generated and it is giving an authentication error . Is there any process of generating this in the outgoing soap header from PI.
SOAP Axis framework is not installed at present and working on PI 7.1 SP6.
Looking forward for your replies

same issue for me too.
Try using WS adapter on receiver side .
If you are able to attach SOAP header with WSSE fields using SOAP adapter at reciever channel let me know how you did it.

How to set wsse:security SOAP header in soa 11g?

Hi,
we are facing an issue with invoking a secured webservice.
we tried 3 things
1.) set the username/password in em under reference properties
2.) Created a schema, set the username/password and included it in partner link header tab.
3.) added a client token policy in em and then set http authentication field.
all these not working.
the error we are facing is :
Non Recoverable System Fault :
javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header
complete payload is below:
<bpelFault>
<faultType>0</faultType>
<remoteFault>
<part name="summary">
<summary>Missing <wsse:Security> in SOAP Header</summary>
</part>
<part name="detail">
<detail>javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header</detail>
</part>
<part name="code">
<code>wsse:InvalidSecurity</code>
</part>
</remoteFault>
</bpelFault>
Please let us know how to proceed with this?
Thanks in advance
Regards

You need to attach the below policy in security section (Select your partnerlink in the references section of composite.xml and the click on "Configure WS policies")
oracle/wss_username_token_client_policy
if it is Secured Webservice, then attach this policy
oracle/wss_username_token_over_ssl_client_policy
After attaching policy, click edit and configure the key(out of box, u see one key csf-key) . This key should be setup with the required username and password that matches with the Webservice expected username and pwd.
Thanks,
Satish
http://soadiscovery.blogspot.com

How to add security credentials to SOAP header for EBS Web Service call..

All,
I am trying to invoke a webservice that I successfully exposed as a WSDL Web Service using EBS Integrated SOA Gateway. I am using OBIEE 11g Action Framework which uses WebLogic.
Here are the steps I completed:
- I exposed a WSDL web service in EBS R12 via Integrated SOA Gateway
- I granted the access to this service in EBS R12 to user SYSADMIN
- I used OBIEE 11g to make a Action to call the Web service (using Action Framework) by searching for the WSDL
- When I try to execute the action: I get the error:
Action could not be invoked.
ServiceExecutionFailure :
Error invoking web service HR_PHONE_API_Service at endpoint http://ip-10-87-33-3.ec2.internal:8000/webservices/SOAProvider/plsql/hr_phone_api/ Missing <wsse:Security> in SOAP Header
PROBLEM: I am unsure how to add the credentials for SYSADMIN user and password to add the SOAP username/pwd to the outgoing call. Anyone on this forum know how to set up the SOAP to call with the correct credentials? I have been looking at the documentation but it is not clearly explained.

Dear Heiko,
did you solve this problem?
We are facing the same problem. Every parameter that requries "cmd" does not work. I guess we don´t use this paramter the right way.
Best, Chris

WSRP wsse element missing in SOAP Header

Hi
I have a wlp 9.2.3 producer and consumer, i did set up the SAML security between these 2 domains and it was working fine. Now suddenly wsse:security section is missing in the soap headers which are being passed from consumer to producer. What could be the reason for the missing wsse ... how to add them back
soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
*<Header xmlns="http://schemas.xmlsoap.org/soap/envelope/"/>*
<soapenv:Body>
<urn:initCookie xmlns:urn="urn:oasis:names:tc:wsrp:v1:types">
<urn:registrationContext>
<urn:registrationHandle>24002</urn:registrationHandle>
</urn:registrationContext>
</urn:initCookie>
</soapenv:Body>
</soapenv:Envelope
Thanks
Jesh

The most likely cause is the user is not logged in.
Other issues include misconfiguration of the WSDL policy or the SAML Credential Mapper in consumer's security realm.
Hope this helps,
Nate

Unable to process SOAP Header child element 'wsse:Security' with 'mustUnder

Hello everyone.
In have created project in Jdeveloper. In this one i have one external reference for Siebel Service.
At composite, for external reference service(Siebel Service) i have added a security policy i.e. *"oracle_wss_username_token_client_policy"*.
[Right click on SiebelService->configure WS policies->under security tab i have selected above policy]
So apart from this i have added property for the policy
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">SADMIN</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">SADMIN</property>
But its returning following error,
Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
This really pushed back me in development.
Really i am in need of help. Help me out of this issue.
Thanks in advance,
Shridhar

Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)The problem is at Siebel side. It is not able to understand the security mechanism being used at SOA side. There are two options -
1. Use the custom policy and assertion at SOA side (please refer to metalink note - 1419373.1)
2. Write your own custom message handler class and use it at Siebel side to negotiate security gap
Regards,
Anuj

SOAP element wsse:Security with mustUnderstand="1"(SBL-EAI-08000)

Attempting to access Siebel (CRM On Demand) web service using Weblogic web service data control in JDeveloper, set web service security policy to "oracle/wss_username_token_client_policy", receiving the following error:
The Web Service call failed. The service returned a SOAP fault with the message: [SOAP-ENV:MustUnderstand] Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
How can I set mustUnderstand="0" in the SOAP request? (I cannot change the web service to accept mustUnderstand="1")
Thanks!
Edited by: user507901 on Dec 12, 2009 2:09 PM

I am experiencing the exact same problem. From my research, it appears that the problem has to do with the namespace and WS-Security version compatibility.
Here's some related information:
wsse security property in partnerLinkBinding not work in 10.1.3.4 MLR3
Re: Exception with security-enabled web service proxy
Similar problems when connecting from Microsoft to Siebel:
http://social.msdn.microsoft.com/Forums/en/wcf/thread/cc48f572-7082-40d1-9b6b-dcdc7223bc85
(google cache of information that is very relevant)
http://74.125.47.132/search?q=cache:v9gAA2zDcqgJ:soa-howto.blogspot.com/2008/04/invoking-ws-security-compliant-web.html+siebel+ws-security+oasis+2004&cd=9&hl=en&ct=clnk&gl=us&client=firefox-a
http://74.125.47.132/search?q=cache:nIe07-zdum0J:soasol.blogspot.com/2009/06/missing-in-soap-header-when-calling.html+wsseOASIS2004Compliant&cd=3&hl=en&ct=clnk&gl=us&client=firefox-a
Documentation from SOA Suite 10g. Search for "wsseOASIS2004Compliant":
http://download-west.oracle.com/docs/cd/B31017_01/integrate.1013/b28982.pdf
I've tried a number of different ways to set the "wsseOASIS2004Compliant" property to "false" for my partner link, but it simply has no effect in 11g.
Edited by: user12107520 on Dec 15, 2009 10:36 AM

Calling A Secured webservice using Username and password in the Soap header

I want to call a secured webservice.
The Username and password should be sent with the payload in the SOAP Header
as
<wsse:Security S:mustunderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="SecurityToken-XXXXXXXXXXXXXXXXXXXXXXXXX" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>uname</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
Can you please send me the steps?
I tried with giving the username and password under Service Account.
I tried to create a wspolicy under business service. But nothing works...
Please help me at the earliest.
Also please give me steps in sequence.

Now i made sure that the endpoint is available!
Now am getting this error:
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>BEA-380002: localhost1</faultstring>
<detail>
<con:fault xmlns:con="http://www.bea.com/wli/sb/context">
<con:errorCode>BEA-380002</con:errorCode>
<con:reason>localhost1</con:reason>
<con:location>
<con:node>RouteNode1</con:node>
<con:path>request-pipeline</con:path>
</con:location>
</con:fault>
</detail>
</soapenv:Fault>
Also in the invocation trace i can observe the following things:
Under Invocation Trace:-
========================
     Receiving request =====> Initial Message context
     ===============================================
     under added header:-
     ==================
     <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
     </soap:Header>
     under RouteNode1
================
     Route to "TargetMyService_BS"
$header (request):-
<soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
</soap:Header>
Under Message Context changes:-
*===============================*
I can find this element also:-
con:security>
*<con:doOutboundWss>false</con:doOutboundWss>*
*</con:security>*
eventhough we enabled ws security, how the above tag can be false?
I think its getting failed to populate the header with the required login credentials.
The other doubt i have is:-
=================
I have chosen the service account type is static...is this right?

How to create WSSE soap header?

I need to connect to a web service and it requires WSSE security namespace in the soap header. Does anyone know to create it using Java in the soap header using WSSE security namespace?
Thanks
I'm using Jdeveloper 11g

Doesn't jdeveloper has a wizard in creating a template code for the subject task.

Webservice security: manipulating the SOAP Header

Hi all,
I need to call a web service for which the following XWSS security policy is specified:
<xwss:SecurityConfiguration dumpMessages="false" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
<xwss:RequireUsernameToken passwordDigestRequired="true" nonceRequired="true"/>
</xwss:SecurityConfiguration>
Looking at the BPEL Admin guide, I tried to add the following to the bpel.xml file:
<property name="wsseOASIS2004Compliant">true</property>
<property name="wsseHeaders">credentials</property>
<property name="wsseUsername">username</property>
<property name="wssePassword">digestedPassword</property>
I tried to encrypt the password using either Base64 or sha1. In any case, the following error is returned:
com.sun.xml.wss.XWSSecurityException: Receiver Requirement for Digested Password has not been met
Apparently, the following header format has to be constructed:
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="XWSSGID-11553010711772067303919">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">digestedPassword</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">aNonce</wsse:Nonce>
<wsu:Created>2006-08-11T12:57:54Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
theBody
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
How can I achieve that using BPEL Designer (using 10.1.2.1.0)?
E.g. are there ways to directly influence the SOAP Header?
Thanks.
Best regards, Sjoerd

More info:
By specifying the header properties in the bpel.xml BPEL generates the following header data in the SOAP message (obtained using obtunnel):
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">clearTextPassword</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
theBody
</soapenv:Body>
</soapenv:Envelope>
As you can see it uses the #PasswordText which indicates the use of a cleartext password.
Thus the question remains: how to get the Nonce, the CreationTime and the PasswordDigest in the SOAP Header of the message (BPEL 10.1.2.1.0)?
Thanks, Sjoerd

WSSE usename token not in the SOAP Header

Background:
Webservice with four methods; OpGet, OpCreate, OpGetList, OpSet. Setup a jcx with this webservice URL, generate a test harness from workshop, and running this test harness and looking at the SOAP messages being send and received to verify that the web services are working. The OpGet is working since it doesn't require user credentials. But the OpCreate is currently not working. Remedy is rejecting it because of access control.
Problem #1:
Need to pass the user credential in the SOAP header. Here's the required information in WSDL regarding Authentication.
<wsdl:operation name="OpCreate">
<soap:operation soapAction="urn:SimpleWebService/OpCreate" style="document"/>
<wsdl:input>
<soap:header message="s:ARAuthenticate" part="parameters" use="literal">
</soap:header>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
Solution that I have implemented so far:
I have setup a WSSE file with the simple username/password in the <wsSecurityOut> element and was expecting to see this in the SOAP Header element in the WSDL message. When I look at the SOAP message in the test harness that I have generated in Workshop, I don't see this credential information. I have set the "ws-security-service property to the wsse file. I know that the harness has seen the wsse file since it gives me warning about having the password in simple text without encryption.
Shouldn't I be seeing this userNameToken information in the SOAP Header when I run the test harness (jws) from workshop? As you can see below (Problem #2) no SOAP header is being generated.
Problem #2:
I see that in the SOAP message that test harness is sending wrong "xsi:type" information. It seems to be sending the "StatusType" for all the parameters except the one "Status" where it needs to?
SOAP-ENV:Envelope xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Body>
<ns:OpCreate xmlns:ns="urn:SimpleWebService">
<ns:Assigned_To xsi:type="ns:StatusType">donnab</ns:Assigned_To>
<ns:Short_Description xsi:type="ns:StatusType">testing from weblogic 8.1 SP3 Workshop</ns:Short_Description>
<ns:Status>New</ns:Status>
<ns:Submitter xsi:type="ns:StatusType">donnab</ns:Submitter>
</ns:OpCreate>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
Here's the WSDL where the OpCreate is defined:
<xsd:element name="OpCreate" type="s:CreateInputMap"/>
<xsd:complexType name="CreateInputMap">
<xsd:sequence>
<xsd:element name="Assigned_To" type="xsd:string"/>
<xsd:element name="Short_Description" type="xsd:string"/>
<xsd:element name="Status" type="s:StatusType"/>
<xsd:element name="Submitter" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>

I've never been able to see that information because I assume Weblogic server strips it out the minute it receives it and uses it to authenticate the user against a principal in the server.
You can get ahold of this info, though. In your .jws file, in workshop, add this as a context:
/** @common:context */
JwsContext context;
In your web services method, access the context to get the username:
context.getCallerPrincipal().getName();
That will return a String w/ the username passed in the username token.
-Becky

WS-security Need to Get Username and Password and time Stamp in SOAP Header

HI ALL,
i need to get USERNAME and PWD in my Soap header for consuming Webservice using SAP PI ,
and my SOAP Header should look like this
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurityutility-
1.0.xsd"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-
secext-1.0.xsd">
<wsu:Timestamp wsu:Id="Timestamp-296915943">
<wsu:Created>2008-06-05T18:30:59.904Z</wsu:Created>
<wsu:Expires>2009-06-05T18:35:59.904Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-192809888">
<wsse:Username>midtier-service</wsse:Username>
xxxxxxxx: Confidential Green 10
<wsse:Password Type="http://docs.oasisopen.
org/wss/2004/01/oasis-200401-wss-username-token-profile-
1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
should i need to get some certificates from client and deploy it or should we do anything in SAP PI and send to soap header or can hard code it and send to webservice, please help me in this t
hanking you
Sridhar

i need to get USERNAME and PWD in my Soap header for consuming Webservice using SAP PI ,
Can be achieved by XSL Mapping or SOAP Axis Adapter. Search on SDN for further details as this has been discussed many a times on the forum.
should i need to get some certificates from client and deploy it or should we do anything in SAP PI and send to soap header or can hard code it and send to webservice, please help me in this t
First you need to confirm whether certificates are required or not. Might be the web service is using user id / password security (basic authorization).
How to use certificates in PI - Search on SAP Help, this has been explained in great details over there.

Exception "main" javax.xml.ws.soap.SOAPFaultException: Missing SOAP Header

Hi
I need to integrate E-Business Suite with ADF using JAX-WS proxy client. When I tried to invoke a method exposed in webservices, I am getting the below error
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Missing in SOAP Header
how to pass password with SOAP header?
In a thread "https://forums.oracle.com/forums/thread.jspa?threadID=2125723", they mentioned to include "wss_username_token_client_policy" and to set override property to set user/pw from a csf key. I included that policy while generating the proxy client in "Step 7" and after then what should I do?
Is it the only way to invoke secured webservices? if not what are the ways to do it?
Can anyone give me good example or sample codes to invoke secured webservice through "JAX-WS Proxy client"
Thanks

I suppose that this is duplicate of How to pass username/password through WebService proxy client to E-BS.
For full example check: http://www.javadb.com/using-a-message-handler-to-alter-the-soap-header-in-a-web-service-client
Dario

WS-Security: Custom/Proprietary tokens in SOAP Header

Hi All,
We are conusming a web service hosted by an external system. They seem to support WS-Security, but they need custom/propriety token for the field <wsse:BinarySecurityToken/> in the SOAP header,
Is there any possiblity to use standard Web Services Security profile in SOAP receiver adapter and achieve this task.
Thanks for your time.
Best Regards,
Sudharshan N A

Hi,
how are you testing? do you use the test page from enterprise manager? If so, change the input to "XML View" and add the SAML Header. They usually look like this
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing">
<env:Header>
<wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<saml:Assertion MajorVersion="1" MinorVersion="1" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="SAML-MYBrexylXmDyTN9kS08Ygw22" IssueInstant="2011-06-21T12:43:52Z" Issuer="www.oracle.com">
<saml:Conditions NotBefore="2011-06-21T12:43:52Z" NotOnOrAfter="2011-06-21T12:48:52Z"/>
<saml:AuthenticationStatement AuthenticationInstant="2011-06-21T12:43:52Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
<saml:Subject>
<saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">tester1</saml:NameIdentifier>
<saml:SubjectConfirmation>
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
</saml:SubjectConfirmation>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</wsse:Security>
</env:Header>
<env:Body>
</env:Body>
</env:Envelope>
cheers Nicolas

WS-Security SOAP Header does not include expected elements

Our SAP R/3 Enterprise is sending messages to XI which then forwards them to third party applications withing our corporate firewall.
One of these applications (Java) provides a Web Service to which we are attempting to direct a message from XI.
This Web Service requires WS-Security information be included in the SOAP header identifying Username, Password as described by the Oasis standards.
<soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
      soapenv:mustUnderstand="1">
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
        wsu:Id="UsernameToken-21280292">
        <wsse:Username>test</wsse:Username>
        <wsse:Password
          Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
          >Zzqxojj3iKMfki45et4ZWqrAupQ=</wsse:Password>
        <wsse:Nonce>b6QiDyhP3Ds9z24NMI0r6w==</wsse:Nonce>
        <wsu:Created>2007-01-04T16:57:48.625Z</wsu:Created>
      </wsse:UsernameToken>
    </wsse:Security>
</soapenv:Header>
I have gone through a lot of documentation provided by SAP and SDN in an attempt to determine how and what to configure in order to generate the above SOAP header and although I am fairly sure SAP XI can perform this function I am at a loss on what needs to be done.
Their are plenty of documents describing how to do this for a Web Service generated by an SAP (WAS, R/3, XI, etc) but other than references to doing so for a third party application nothing that is concrete. Yet I am fairly certain that it is a simple process.
In one article of SAP Insider I found reference to this email address and am hoping that you will be able to assist.
Our XI is currently running WAS Netweaver 04 (640) patched at SAPKB64017.

Chris--
OASIS WS-Security 1.0 has been supported by the XI SOAP adapter for a long time.
However, what you're trying to do isn't possible in XI yet, because it isn't pure WS-Security.
WS-Security provides definition for the wsse:UsernameToken element, but provides little in the way of content. The standard allows for //wsse:UsernameToken/Username, and for //wsse:UsernameToken/<xsd:any> to support extensibility. WS-Security does not define the existence of wsse:Password, wsse:Nonce, wsse:Created, etc.
OASIS released a separate standard at the same time as WS-Security 1.0 to define a set of extensions for the wsse:UsernameToken element. This standard includes //wsse:UsernameToken/Password and your other elements. So, you need an application that has implemented WS-Security 1.0 as well as the "Web Services Security UsernameToken Profile 1.0" standard.
XI does not appear to support this standard extension, so customers are frequently doing a custom implementation in order to implement the features they need from the UsernameToken Profile standard. I've seen a customer do it in the plain HTTP adapter and use XSLT in the message mapping for receiver cases.
I've yet to see a sender case. Adapter modules in the SOAP adapter might work, but I see this as a technical risk because I don't know if you can re-authenticate from within the adapter module, and I suspect that XI applies the business-service authorization rule (the user authorization to access that particular service) before the adapter modules are called.
--Dan King
Manager, SAP NetWeaver Integration
Capgemini

Missing wsse:Security in SOAP Header

Similar Messages

Maybe you are looking for