Sun Java System Application Server Enterprise Edition 8.1 2005Q2 Administration Guide

About Username Tokens

The Application Server uses Username tokens in SOAP messages to establish the authentication identity of the message sender. The recipient of a message containing a Username token (within embedded password) validates that the message sender is authorized to act as the user (identified in the token) by confirming that the sender knows the secret (the password) of the user.

When using a Username token, a valid user database must be configured on the Application Server. For more information on this topic, read To edit a realm.