UsernameToken

  • The client sends the request containing usernameToken in WS-Security header of the SOAP message.
  • UsernameToken authentication policy authenticates the request against LDAP.

Example Policy

AuthenticationByUsernameToken.policy

<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wssp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:tpa="http://xsd.tns.tibco.com/governance/policy/action/2009" >
   <wsp:All>
    <wsp:ExactlyOne>
     <tpa:AuthenticationByJaas>
      <wssp:SupportingTokens>
       <tpa:ExactlyOne>
        <wssp:UsernameToken />
       </tpa:ExactlyOne>
      </wssp:SupportingTokens>
   <tpa:SharedResourceLoginModule ResourceInstance="LdapAsp" />
     </tpa:AuthenticationByJaas>
    </wsp:ExactlyOne>
   </wsp:All>
</wsp:Policy>