IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

Webmethods webservice client security

  • 1.  Webmethods webservice client security

    Posted Wed March 05, 2008 09:12 PM

    My client wsdl doesn’t contain security tokens but they are using digest password security on server side.
    Is webmthod can add secuirty info as part of soap header even though wsdl doesn’t contain any security tokens defined ??

    Thanks
    Rao


    #soa
    #API-Management
    #webMethods


  • 2.  RE: Webmethods webservice client security

    Posted Thu March 06, 2008 03:30 PM

    Common practice is to separate web service security policy from WSDL. Said another way, it is very uncommon to find WS-Security information embedded in WSDL.

    IS versions both before and after 7.1 are able to add WS-Security token information to outbound requests, but it is much easier to do so in IS 7.1 (configure a web services descriptor in “consumer mode”).

    I posted an example of creating a WS-Security UsernameToken in the Soap / WSDL forum a couple of weeks ago.

    Mark


    #webMethods
    #API-Management
    #soa


Related Content