UsernameToken Element
For outbound messages, the <UsernameToken> element specifies whether or not to include a WS-Security UsernameToken in the message header.
Outbound Messages
Password Type
The “PasswordType” attribute specifies the password form to use. Specify one of the following settings:
Setting | Description |
“Text” | Integration Server includes the password in plain or clear text. |
“digest” | Integration Server creates a password digest where the password contains a hash of the timestamp. |
“digestwithnonce” | Integration Server creates a password digest where the password contains a hash of the timestamp and nonce. |
Note:Integration Server supports “digest” and “digestwithnonce” for consumer web service descriptor only. If you use it with a provider web service descriptor, Integration Server will process the incoming SOAP request, however, the authentication of the username will fail.
Note:
If your password contains a nonce, ensure that each message includes a new nonce value. Integration Server will reject a UsernameToken if it includes a nonce that is already used.
Example
<UsernameToken
PasswordType="Text"/>