Thank you, Sebastian, much appreciated, will give it a try.
Original Message:
Sent: Thu February 15, 2024 08:38 AM
From: Sebastian Tylko
Subject: Webservice security and mustunderstand wsse attribute - how to set in BAW when calling outbound WS?
>> I don't think that any of the policies that are pre-defined in WAS/BAW ...
I am also not sure, but the SOAP envelope is probably created programmatically in this case.
>> how do we pass the username/password in this when using these policies ...
In short - in the client policy binding.
As a pattern, you can use the out-of-the-box application policy set called "BPM UNT Policy Set". Create your own policy by copying this example.
Then you have to create a client policy set binding for this policy (e.g. also by copying the example "BPM UNT Client")
and create a token generator for the expected token (e.g. UsernameToken 1.0) with JAAS login wss.generate.unt
Save.
Add the built-in callback handler:
com.ibm.websphere.wssecurity.callbackhandler.UNTGenerateCallbackHandler
Now you can provide the user and password there as callback handler config.
MustUnderstand can be set as a custom property:
WS-Security > Custom properties > Outbound Custom Properties:
com.ibm.wsspi.wssecurity.config.request.setMustUnderstand
as you already know.
------------------------------
Sebastian Tylko
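One way to confirm from a captured outbound message that the custom property took effect, as an added example that is not part of the thread and not IBM code. The function names, the sample envelope and its user name and password are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Namespace URIs defined by SOAP 1.1 / 1.2 and WS-Security 1.0.
SOAP_NS = ("http://schemas.xmlsoap.org/soap/envelope/",
           "http://www.w3.org/2003/05/soap-envelope")
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
PW_TEXT = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-username-token-profile-1.0#PasswordText")


def inspect_security_header(envelope_xml):
    """Summarise the wsse:Security header of one captured SOAP envelope."""
    root = ET.fromstring(envelope_xml)
    soap_ns = root.tag[1:].split("}")[0] if root.tag.startswith("{") else ""
    if soap_ns not in SOAP_NS or not root.tag.endswith("}Envelope"):
        raise ValueError("not a SOAP 1.1/1.2 envelope")
    sec = root.find("{%s}Header/{%s}Security" % (soap_ns, WSSE))
    if sec is None:
        return {"security_header": False}
    # mustUnderstand is an attribute in the SOAP namespace; absent means false.
    raw = sec.get("{%s}mustUnderstand" % soap_ns, "0").strip()
    token = sec.find("{%s}UsernameToken" % WSSE)
    user = pw = None
    if token is not None:
        user = token.findtext("{%s}Username" % WSSE)
        pw = token.find("{%s}Password" % WSSE)
    return {
        "security_header": True,
        "must_understand": raw in ("1", "true"),
        "username": user,
        # UsernameToken Profile 1.0: a Password without Type is PasswordText.
        "cleartext_password": pw is not None and pw.get("Type", PW_TEXT) == PW_TEXT,
    }


def sample_envelope(must_understand):
    """Constructed test message; user name and password are placeholders."""
    return (
        '<soapenv:Envelope xmlns:soapenv="%s"><soapenv:Header>'
        '<wsse:Security xmlns:wsse="%s" soapenv:mustUnderstand="%s">'
        '<wsse:UsernameToken><wsse:Username>svc_user</wsse:Username>'
        '<wsse:Password>placeholder</wsse:Password></wsse:UsernameToken>'
        '</wsse:Security></soapenv:Header><soapenv:Body/></soapenv:Envelope>'
    ) % (SOAP_NS[0], WSSE, must_understand)


if __name__ == "__main__":
    for value in ("1", "0"):
        print(value, inspect_security_header(sample_envelope(value)))
```

When `cleartext_password` is true the password is sent as PasswordText, so the endpoint should only be reached over TLS.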
Original Message:
Sent: Thu February 15, 2024 06:30 AM
From: Sergei Malynovskyi
Subject: Webservice security and mustunderstand wsse attribute - how to set in BAW when calling outbound WS?
Dear All -
Looking for someone with experience of using a policy set and policy binding when consuming an outbound web service in BAW.
We had a working outbound web service, but recently there was a change on the web service provider side and they're expecting the attribute "mustUnderstand" to be set to 0, and BAW, when the ootb web service integration is used, sets it to 1. We're using basic authentication and username token as you can see below for example -

And what we see in the SOAP envelope that is sent from BAW is -
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
And it fails because the web service provider expects "0" for mustUnderstand.
I cannot see how / if I can change it for the username token security we're using at the moment; the ideal scenario would be that we add this property:
"com.ibm.wsspi.wssecurity.config.request.setMustUnderstand"
But it looks like I can only add it to a policy set / policy binding, and I don't think that any of the policies that are pre-defined in the WAS/BAW set up are actually used when you select "basic authentication" in the web service security. Right?
So, it really sounds like our only option would be to switch to using a policy set and policy binding, in which case my next question is - how do we pass the username/password in this when using these policies?
Thanks!
Sergei