IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.


#TechXchangePresenter
 View Only
Expand all | Collapse all

Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse

  • 1.  Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse

    Posted Mon May 20, 2013 08:57 AM

    Hi,
    I am trying to pass username/password from SOAP UI (in soap reuqest header) to web service hosted on webMethods IS. As I understood, it requires policy for this. I tried creating ws-policy file but without luck. please help me if someone has sample policy file username and password authentication through http.

    Regards
    Ranjay


    #Integration-Server-and-ESB
    #webMethods


  • 2.  RE: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse

    Posted Mon May 20, 2013 04:04 PM

    I believe you don’t need any policy for soap UI testing…Did you try to use Basic authentication for WS testing?

    Is the WSD’s/connectors are created in the Developer/Designer thru already from source WSDL’s?

    HTH,
    RMG


    #webMethods
    #Integration-Server-and-ESB


  • 3.  RE: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse

    Posted Tue May 21, 2013 06:16 AM

    Hi Ranjay,
    No policy file is required for username and password. Username and password are passed as message header in plain text and when request hits the server it check the ACL set for the provider and try to authenticate against the information provided.
    Check the ACL of the web service and find which user group is required to access this service and then use the user of that group and try to access it.

    Regards,
    Vikas


    #webMethods
    #Integration-Server-and-ESB


  • 4.  RE: Must Understand check failed for header http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse

    Posted Tue May 21, 2013 03:03 PM

    Is the WSD will be accessed by the Internal or external entity?

    If it is Internal access then set Execute ACL to Anonymous (at own risk) or Assign ACL group for the user that you are trying as suggested by Vikas.

    HTH,
    RMG


    #Integration-Server-and-ESB
    #webMethods