Monitoring Message Security
To view SOAP messages containing security elements in the server.log file, set the parameter dumpMessages=true in the file domain-dir/config/wss-server-config.xml, and then restart the server.
The section of the wss-server-config.xml file that needs to be modified to enable this is as shown below:
<xwss:SecurityConfiguration
xmlns:xwss="http://com.sun.xml.wss.configuration"
useTimestamps="true"
dumpMessages="true">
After you have enabled SOAP messages in the server.log file, you can verify if the username-password token is enabled by checking the domain-dir/logs/server.log file for the tag <wsse:UsernamePassword>. The following selection of code is similar to what you might see in the server.log file, with the UsernameToken tag.
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns0="http://tax.org/wsdl"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" >
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/
01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>j2ee</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/
01/oasis-200401-wss-username-token-profile-1.0#PasswordText">j2ee
</wsse:Password>
</wsse:UsernameToken>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/
01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2004-08-22T09:07:58Z</wsu:Created>
</wsu:Timestamp>
</wsse:Security>
</env:Header>
<env:Body>
<ns0:getStateTax>
<double_1 xsi:type="xsd:double">85000.0</double_1>
<double_2 xsi:type="xsd:double">5000.0</double_2>
</ns0:getStateTax>
</env:Body>
</env:Envelope>
- © 2010, Oracle Corporation and/or its affiliates