[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]
Subject: Public Comment
Comment from: goffinf@hotmail.com
Re:UsernameToken Profile
It is not clear whether in the case where more than one set of credentials are required to be encoded within a SINGLE <wsse:Security> header block if :-
a. this is permissable/reasonable
One assumes so given that the schema (secext.xsd) specifies a very open content model, and that toolkits such as .Net WSE support this
b. How they could be differentiated (assume wsu:Id ?)
Example :
<wsse:Security xmlns:wsse="http://.../secext";
xmlns:wsu="http://.../utility";>
<wsse:UsernameToken wsu:Id="AuthUser">
<wsse:Username>User1</wsse:Username>
<wsse:Password Type="wsse:PasswordDigest">
kek...
</wsse:Password>
<wsse:Nonce EncodingType="wsse:Base64Binary">
gaf...
</wsse:Nonce>
<wsu:Created>2003-12-06T22:53:20Z</wsu:Created>
</wsse:UsernameToken>
<wsse:UsernameToken wsu:Id="AuditUser">
<wsse:Username>User2</wsse:Username>
</wsse:UsernameToken>
</wsse:Security>
[Date Prev] | [Thread Prev] | [Thread Next] | [Date Next] -- [Date Index] | [Thread Index] | [List Home]