The UsernameToken element propagates a user name and optionally propagates the password information. Use this token type to carry basic authentication information.
Both a user name and a password are used to authenticate the message. A <UsernameToken> element that contains the user name is used in identity assertion. Identity assertion establishes the identity of the user, based on the trust relationship.
<UsernameToken Id="..."> <Username>...</Username> <Password Type="...">...</Password> </UsernameToken>
WebSphere Application Server supports the default PasswordText type. However, it does not support password digest because most user registry security policies do not expose the password to the application software.
<S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope" xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"> <S:Header> ... <wsse:Security> <wsse:UsernameToken> <wsse:Username>Joe</wsse:Username> <wsse:Password>ILoveJava</wsse:Password> </wsse:UsernameToken> </wsse:Security> </S:Header> </S:Envelope>