Web Services Security

WS-Security (Web Services Security) is a standard communications protocol for applying security to web services. The WS-Security specification provides mechanisms to help developers of web services secure SOAP message exchanges, for example, by encoding and attaching binary security tokens in the headers of messages. The WS-Security UsernameToken Profile specification describes how to encode UsernameTokens with the WS-Security specification. Through UsernameTokens, a web service consumer can supply a means of identifying the requestor by “username”, and optionally using a password to authenticate that identity to the web service producer.

In the Request pane of the HTTP Analyzer test window, when you select Include next to WS-Security: Header, the UsernameToken fields under the Security | UsernameToken section are enabled:

Copyright © 1997, 2009, Oracle. All rights reserved.