Security - WS-Security

Overview

Used to create, update, delete and browse Web Services Security definitions as per OASIS Standard 200401 Username Token Profile V1.0 specification.

The definitions can be used by plain HTTP/SOAP channels and outgoing connections.

../../_images/wss.png

Create and Edit

../../_images/wss-update.png
Header Notes
Name Connection name
Username WS-Security user name
Reject empty nonce creation timestamps Consult spec
Reject stale username tokens Consult spec
Expiry (seconds) After how many seconds after its creation a request should be rejected (consult spec)
Nonce freshness (seconds) After how many seconds after its creations unique nonces should be rejected (consult spec)

A newly created security definition has a password set a random UUID4 and needs to be changed in order to be usable.

Change password

../../_images/wss-change-password.png

Updates a definition’s password - the password is stored in the ODB along with other details of a security definition.

Delete

../../_images/wss-delete.png

Deletes a security definition and all the connections that make use of it.

Note

It needs to be emphasized that any plain HTTP or SOAP channels and outgoing connections that were using the definition will also be deleted automatically.