WS-Security (Web Services Security) is a standard communications protocol for applying security to web services. The WS-Security specification provides mechanisms to help developers of web services secure SOAP message exchanges, for example, by encoding and attaching binary security tokens in the headers of messages. The WS-Security UsernameToken Profile specification describes how to encode UsernameTokens with the WS-Security specification. Through UsernameTokens, a web service consumer can supply a means of identifying the requestor by “username”, and optionally using a password to authenticate that identity to the web service producer.
In the Request pane of the HTTP Analyzer test window, when you select
Include next to
WS-Security: Header, the
UsernameToken fields under the
Security | UsernameToken section are enabled: