O'Reilly logo

SOA Security by Prasad A Chodavarapu, Ramarao Kanneganti

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Chapter 4. Claiming and verifying identity with passwords

This chapter covers

  • Password-based authentication
  • Plain-text passwords
  • Digest authentication

As you saw in the previous chapter, the SOAP specification allows headers to be used for extending SOAP. WS-Security defines standard security headers for SOAP. In the first demonstration of WS-Security, we sent a username in a standard header. We also discussed the code behind that demonstration.

Sending the username along with the request is one way to claim identity. Most services require a user to establish his identity before his requests are served. This is because:

  • Security restrictions require that services be provided only to authorized users. While it is not always necessary to ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required