|
Oracle® Rules Palette Release 9.1.0.0.0 E15811-01 |
OIPA adheres to the WS-Security standards for the authentication of SOAP messages. The standards, as developed by the OASIS Open committee, can be referenced here:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0.pdf
The <wsse:UsernameToken> element is used to contain the authentication information. The username and password are specified inside of the <wsse:Username>, and <wsse:Password> elements, respectively. Use your OIPA user name and password here.
It is suggested that SSL (Secure Socket Layer) is used as a method of encryption for all SOAP messages.
The optional <wsse:Nonce> element allows you to use a nonce as added security. A nonce is a random number, in this case represented in base 64, which is embedded in the security header to aid in preventing old communications from being reused. This number is newly generated for each request on the client side and is returned along with the SOAP response from OIPA. The <wsu:Created> element must contain the timestamp of the creation time of the nonce.
