%SOAP.Security.UsernameToken

Class %SOAP.Security.UsernameToken Extends %SOAP.Security.Element [ System = 4 ]

UsernameToken for SOAP Security header.

Parameters

XMLFORMAT

Parameter XMLFORMAT = "literal";

NAMESPACE

Parameter NAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

Properties

Username

Property Username As %String(CONTENT = "escape", MAXLEN = "");

Password

Property Password As %SOAP.Security.Password;

Nonce

Property Nonce As %Binary(MAXLEN = "");

Created

Property Created As %xsd.dateTime(REFELEMENTQUALIFIED = 1, REFNAMESPACE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd", XMLREF = 1);

Methods

Create

ClassMethod Create(username As %String, password As %String, type As %String) As %SOAP.Security.UsernameToken

Create a UsernameToken element containing the specified username. The password is specified by the type argument as follows:

$$$SOAPWSPasswordText is a plain text password. This is the default.
$$$SOAPWSPasswordDigest is a password digest based on the specified password. The password digest, Nonce and Created timestamp are derived as specified by WS-Security 1.1.
$$$SOAPWSPasswordDigest is available only for SOAP clients interacting with third-party servers that support it. PasswordDigest authentication requires the server to store the plain-text password, which is not acceptable in a modern security environment. The PasswordDigest algorithm is a legacy feature. To protect the password in a , you should use SSL/TLS, encrypt the , or both.
$$$SOAPWSPasswordNone means no password element is included.

ValidateElement

Method ValidateElement(document As %XML.Document, service As %SOAP.WebBase) As %String [ Internal ]

Validate the security header element. If invalid return an error code.

Parameters​

XMLFORMAT​

NAMESPACE​

Properties​

Username​

Password​

Nonce​

Created​

Methods​

Create​

ValidateElement​