Tuesday, September 27, 2011

InfoSphere DataStage and Web Service - Series 3

SOAP Headers 
SOAP(Simple Object Access Protocol) is an XML based communication protocol used by web services. Web Services communication is performed in terms of SOAP Messages. An application(normally a web service client) invokes a web service by sending it a SOAP Request and the web service responds to the application by sending it a SOAP Response. The SOAP Request which is an XML document consists of a root Envelope element. The Envelope elements consists of a mandatory Body element and an optional Header Element. The Body element contains information intended for the web service to process and the Header Element contains application specific information like authentication data,session data etc.
SOAP Header with Secure Username Token Information

Composing Username Token Information in SOAP Header
Apache Rampart is the Axis2 module that implements the WS-Security functionality based on Apache WSS4J. WS-Security provides multiple ways in which one can authenticate a user when they need to access a service. One easy mechanisms is to use a Username Token. In Username Token Authentication the user credentials are placed within the SOAP Header.The purpose of a Username Token is just to convey username and password information as part of the WS-Security headers. The most basic form of Username Token sends both the username and password as plain text.
Web Service Pack v2.0 by itself cannot compose SOAP Header information. The user has to compose the SOAP Header before hand in order to access the Web Service.One such method of composing the SOAP header is by invoking the Web Service from a third party web service client,capture the SOAP Request using TCPMON and fetch the SOAP Header from it. Use the Header thus obtained in the Web Service Client Stage to invoke the Web Service. 
For details please refer a nice description by Santhosh Kumar Kotte.

Disclaimer: The postings on this site are my own and don't necessarily represent IBM's positions, strategies or opinions

No comments:

Post a Comment