To configure the credential details, complete the following fields:
Username:
Enter the name of the user included in the Username Token.
By default, the authentication.subject.id message
attribute is stored, which contains the name of an authenticated user.
Include Nonce:
Select this option if you wish to include a nonce in the Username Token.
A nonce a random number that is typically used to help prevent replay attacks.
Include Password:
Select this option if you wish to include a password in the Username Token.
Password:
If the Include Password checkbox is selected, the
Enterprise Gateway inserts the user's password into the generated WS-Security
Username Token. It can insert Clear or SHA1 Digest
version of the password, depending on which radio button you select.
Oracle recommends the digest form of the password to avoid potential
eavesdropping.
You can either explicitly enter the password for this user in the
Password field, or use a message attribute by selecting
the Wildcard option, and entering the message attribute in
the field provided. By default, the authentication.subject.password
attribute is used, which contains the password used by the user to authenticate to the
Enterprise Gateway.
|