The first step in implementing basic authentication is to create
a security token for the request message to be sent by the import. The security
token is sent to the server inside the header of the SOAP message.
Before you create a security token for the request message, you should
configure the server for security as described in the topic "Enabling security
on the server."
To create a security token for the request message:
- In the Business Integration view, select
the module that contains your Web services import, as shown in the following
figure:

- Right-click the selected module and select Open Deployment
Editor. The module deployment editor opens.
- Click the Import WS-Security tab.
- Click the WS Extension tab. The Web Service
Client Security Extensions page opens, as shown in the following figure:

- In the Service References section, select
the Web service reference corresponding to your Web service import. For example,
in the above figure, the Web service reference sca/import/sendWebServiceCallToServer is
selected.
- In the Port Qname bindings section, select
the port qualified name binding that you want to use for the Web service reference
that you selected. The port qualified name binding comes from the port name
of your Web service import. For example, in the above figure, the port qualified
name binding receiveWebServiceCallFromClient_ServerInterfaceHttpPort is
selected.
- Expand the Request Generator Configuration section.
- Expand the Security Token subsection.
- Click Add. The Security Token dialog box
opens.
- In the Name field, type a name for the new
security token. For example, basicAuth.
- In the Token type drop-down
list, select Username. (The Local name field
is automatically populated with a default value.)
- Leave the URI field blank. No URI value
is required for a username token. The Security Token dialog box should now
resemble the following figure:

- Click OK. The new security token basicAuth is
displayed, as shown in the following figure:

- Press Ctrl-S to save your changes.
Now that you have created a security token, you should create a token
generator as described in the topic "Creating a token generator for the request
message".