on 2024 Jun 27 3:58 PM
Dear SAP Community,
Our goal is to consume a third party API via SOAP which requires the addition of a WS-Security UsernameToken. In the past, we achieved this by manually adding the UsernameToken in the SOAP envelope as follows:
<soapenv:Header>
<wsse:Security xmlns:wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd mustUnderstand="0">
<wsse:UsernameToken>
<wsse:Username>some_username</wsse:Username>
<wsse:Password Type=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText>some_password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
With SAP Note 3152423, the namespace used for building the security header (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd) got reserved/prohibited on newer SAP basis releases.
SAP Note 3071397 now explicitly mentions that this namespace needs to be replaced by a namespace that is not on the exclusion list introduced with SAP Note 3152423, without actually mentioning an alternative.
Can anyone please tell us which namespace should be used from here on after replacing the old "standard approach" via oasis namespace?
Thanks and kind regards,
Bernhard
Request clarification before answering.
User | Count |
---|---|
47 | |
6 | |
6 | |
5 | |
5 | |
4 | |
4 | |
3 | |
3 | |
3 |
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.