The <UsernameToken> element propagates a user name and optionally propagates the password information. Use this token type to carry basic authentication information.
Both a user name and a password are used to authenticate the message. A <UsernameToken> element that contains the user name is used in identity assertion. Identity assertion establishes the identity of the user, based on the trust relationship.
<UsernameToken Id="...">
<Username>...</Username>
<Password Type="...">...</Password>
</UsernameToken>
WebSphere Application Server supports the default PasswordText type. However, it does not support password digest because most user registry security policies do not expose the password to the application software.
<S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
<S:Header>
...
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>Joe</wsse:Username>
<wsse:Password>ILoveJava</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</S:Header>
</S:Envelope>