Layer7 API Management

  • Private Community
 View Only
Back to discussions
Expand all | Collapse all

Require WS-Security Password Digest Credentials Properties

  • 1.  Require WS-Security Password Digest Credentials Properties

    Posted Sep 11, 2020 09:20 AM

    Good morning, I have a question regarding a problem I am experiencing with the Require WS-Security Password Digest Credentials Properties assertion. Below is the assertion and the WSSE security header. I am confident that I have the correct credentials load yet the assertion fails. My ask is there a way to determine the value of the PasswordDigest being passed in to determine the reason why the assertion fails? Thank you for your time.     

     

     

    <?xml version="1.0" encoding="UTF-8"?>

    <wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">

        <wsp:All wsp:Usage="Required">

            <L7p:WssDigest>

                <L7p:RequireNonce booleanValue="true"/>

                <L7p:RequireTimestamp booleanValue="true"/>

                <L7p:RequiredPassword stringValue="${secpass.sisoa-dpm-extib_smartben_mups_password.plaintext}"/>

                <L7p:RequiredUsername stringValue="${gateway.sisoa-dpm-extib.smartben.mups.userId}"/>

            </L7p:WssDigest>

        </wsp:All>

    </wsp:Policy>

     

     

     

     

     

    mainpart = {String} "<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope" xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>P9SmrtBMUP</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">KtzPlbuSGg+YKm7kVdS7k6dyZb8=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">HofeuTKMz2g/K12gmvBbc4Le6pb8pvrm49GgBd1DgNpnh/bxkWXQWPsL1sD4I7i81s/JqpUHk90GFCrcT984DA==</wsse:Nonce><wsu:Created>2020-09-11T12:42:23.4223Z</wsu:Created></wsse:UsernameToken></Security>

    Edward Lokiec
    Telephone: 860.226.5977
    E-mail Address:  Ed.Lokiec@CIGNA.com

    image009.png@01CF8950.C7C0E410

     

     

    Confidential, unpublished property of Cigna. Do not duplicate or distribute. Use and distribution limited solely to authorized personnel. © Copyright 2020

     

    ------------------------------------------------------------------------------
    CONFIDENTIALITY NOTICE: If you have received this email in error,
    please immediately notify the sender by e-mail at the address shown. 
    This email transmission may contain confidential information.  This
    information is intended only for the use of the individual(s) or entity to
    whom it is intended even if addressed incorrectly.  Please delete it from
    your files if you are not the intended recipient.  Thank you for your
    compliance.  Copyright (c) 2020 Cigna
    ==============================================================================