Hi Sabareeswar > I am new to frameworks like WS-policy and WS-Security. > > I am using synapse as a SOAP intermediary and I want to introduce a username > token in the soap message which comes out of synapse. > The token must look like > > > xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > <oas:Security> > <oas:UsernameToken> > <oas:Username>admin</oas:Username> > <oas:Password>admin123</oas:Password> > </oas:UsernameToken> > </oas:Security> > > Could you please tell me how I must proceed with synapse? > Basically Synapse does not go into exactly which WS-Security policy you enforce.. you just provide it with a policy that states what you want. For outgoing messages, what you need is similar to http://synapse.apache.org/Synapse_Samples.html#Sample100
You should have the sample policy used for the above as repository/conf/sample/resources/policy/policy_3.xml in your distribution. Synapse uses Apache Rampart to get this done, so it is Rampart that will read the policy and apply it. You will have better luck if you ask someone on the Apache Rampart mailing list or search through the samples for the above case.. I am sorry I do not have much free time right now to look for this myself, but if you really cannot find anything from Rampart, ping me again next week cheers asankha -- Asankha C. Perera AdroitLogic, http://adroitlogic.org http://esbmagic.blogspot.com
