Bookshelf Home | Contents | Index | PDF |
Integration Platform Technologies: Siebel Enterprise Application Integration > Web Services > About Web Services Security Support > About WS-Security UserName Token Profile SupportSiebel Business Applications support the WS-Security UserName Token mechanism, which allows for the sending and receiving of user credentials in a standards-compliant manner. The UserName token is a mechanism for providing credentials to a Web service where the credentials consist of the UserName and Password. The password must be passed in clear text. The UserName token mechanism provides a Web service with the ability to operate without having the username and password in its URL or having to pass a session cookie with the HTTP request. NOTE: Using WS-Security is optional. If it is critical that the password not be provided in clear text, use HTTPS. The following is an example of a UserName token showing the user name and password: <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd> To enable the NOTE: If you are using Web single sign-on (SSO), then use the Siebel trust token value in wsse:Password instead of the password. About Support for the UserName Token MechanismSupport for the UserName Token mechanism includes the following:
NOTE: Passing user credentials in the URL is not supported in Siebel CRM, version 8.2, and version 8.1, Fix Pack 8.1.1.9 and higher. Using the UserName Token for Inbound Web ServicesThe Inbound Web Services view provides an interface for associating operations with authentication types. The names of the operations must be globally unique. The applet shown in Figure 28 can be defined as requiring a UserName Token with username and password provided in clear text. NOTE: If you want to use Siebel Authentication and Session Management SOAP headers, then set the authentication type to None. For more information, see About Siebel Authentication and Session Management SOAP Headers. Using the UserName Token for Outbound Web ServicesEach Web service operation in the Outbound Web Services list applet might be tied to an authentication type by selecting from the Authentication Type picklist from the Outbound Web services list, as shown in Figure 29. |
Integration Platform Technologies: Siebel Enterprise Application Integration | Copyright © 2013, Oracle and/or its affiliates. All rights reserved. Legal Notices. | |