Messages
Reply
Edit
Delete
"<soapenv:Header>" & _
"<wsse:Security xmlns:wsse=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"">" & _
"<wsse:UsernameToken wsu:Id=""UsernameToken-3"" " & _
"xmlns:wsu=""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"">" & _
"<wsse:Username>my_username</wsse:Username>" & _
"<wsse:Password Type = ""http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"" >my_password</wsse:Password>" & _
"<wsu:Created>" & dt & "</wsu:Created>" & _
"</wsse:UsernameToken>" & _
"</wsse:Security>" & _
"</soapenv:Header>" & _ ...
Only when we encoded the username and password into a custom HTTP header for our WebRequest object did we actually authenticate.
Does anyone know why the security tags in the SOAP header would not force authentication, and why the HTTP header did? Why do the SOAP header tags exist if not to be used.
Thanks in advance for any help you provide.
KOG
Keefe Goldfisher
