Skip to main content


         This documentation site is for previous versions. Visit our new documentation site for current releases.      
 

Creating SOAP connectors that use WSS username tokens and timestamps

Updated on April 6, 2022

To call a Web service that requires the WS-security protocol, configure the connector rule to include the necessary credentials in the SOAP request envelope header.

Before you begin: Create a SOAP connector by using the Create SOAP integration wizard. For more information, see Creating a SOAP integration

This task describes how to secure a SOAP connector with UsernameToken Authentication.

Note: Settings defined on the WS-Security form must match the configuration of the service to which you are trying to connect.

  1. In the navigation pane of Dev Studio, click Records.
  2. Expand the Integration-Connectors category, and then click Connect SOAP.
  3. On the Instances of Connect SOAP page, click the name of a rule to open it.
  4. Click the Advanced tab.
  5. In the Web services (ws-*) configuration section, in the Security profile field, click the rule opener.
  6. On the Create-WS Security Profile page, enter a short description and name for the WS security profile.
  7. Click Create and open.
  8. On the Out Flow tab, click Add new configuration.
  9. In the Configuration type field, select Username.
  10. Click Add new configuration.
  11. In the Configuration type field, select Timestamp.
  12. In the Time to live field, enter a value that the system uses to verify the response returned from the server.
  13. Click the In Flow tab.
    The In Flow Configuration Type is used for response messages from the SOAP service. To configure this type properly, you must know what value the server is configured to return. In this task, the server returns a Timestamp.
  14. Click Add new configuration.
  15. In the Configuration type field, select Timestamp.
  16. Click Save to save the WS security data instance.
  17. Click Save to save the connect SOAP rule.
Result: By using a properly configured Connect SOAP rule and SOAP service, the request envelope header contains the following information:
<wsse:Security soapenv:mustUnderstand="1">

  <wsu:Timestamp wsu:Id="Timestamp-12468716">

  	<wsu:Created>2008-06-23T13:17:13.841Z</wsu:Created>

  	<wsu:Expires>2008-06-23T13:22:13.841Z</wsu:Expires>

  </wsu:Timestamp>

  <wsse:UsernameToken wsu:Id="UsernameToken-31571602">

  	<wsse:Username>Hal.Sturgeon</wsse:Username>

  	<wsse:Password Type=
		"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
		password</wsse:Password>
  </wsse:UsernameToken>

</wsse:Security>
  • Previous topic Using WS-Security to enhance SOAP messages
  • Next topic Configuring digital signature and encryption for SOAP connectors

Have a question? Get answers now.

Visit the Support Center to ask questions, engage in discussions, share ideas, and help others.

Did you find this content helpful?

Want to help us improve this content?

We'd prefer it if you saw us at our best.

Pega.com is not optimized for Internet Explorer. For the optimal experience, please use:

Close Deprecation Notice
Contact us