Start of Content Area

Background documentation WS-Security UsernameToken

The UsernameToken is a security token that is defined in the WS Security standard. It is a mechanisms with which the user ID and password can be transported within a SOAP message.

If you are using UsernameTokens, a SOAP:Envelope/SOAP:Header/wsse:Security/wsse:Username element is added to the message, which contains a timestamp, a username and a password.

AS Java also supports password hash values. In this case, an SHA-1 hash value of the base64-encrypted password is calculated and added to the password element.

 

End of Content Area