<UsePassword> Element
Specifies the requirements for how a password for a UsernameToken is passed in a SOAP message.
<policyDocument> Element
<policies> Element
<Policy> Element (WSE for Microsoft .NET) (1)
<Confidentiality> Element
<KeyInfo> Element (WSE for Microsoft .NET) (1)
<SecurityToken> Element
<Claims> Element
<policyDocument> Element
<policies> Element
<Policy> Element (WSE for Microsoft .NET) (1)
<Integrity> Element
<TokenInfo> Element
<SecurityToken> Element
<Claims> Element
<UsePassword Type="wsse:PasswordDigest"
wsp:Usage="wsp:Required" />
Attributes and Elements
Attributes
Attribute | Description |
---|---|
Type |
Required attribute. Specifies how the password must be passed. |
wsp:Usage |
Required attribute. Must be wsp:Required. |
Child Elements
None
Parent Elements
Element | Description |
---|---|
Specifies requirements that are specific to a security token type. |
Example
The following code example is a policy file specifying that all SOAP messages sent to the http://www.cohowinery.com/SaleWidgets.asmx
endpoint must have the <Body> element and the To, Action, MessageID, and From headers signed by a UsernameToken. Furthermore, the UsernameToken must be for the user name someone
and the password must be sent hashed.
Note
This code example is designed to demonstrate WSE features and is not intended for production use.
<?xml version="1.0" encoding="utf-8"?>
<policyDocument
xmlns="https://schemas.microsoft.com/wse/2003/06/Policy">
xmlns:wse="https://schemas.microsoft.com/wse/2003/06/Policy"
<mappings>
<endpoint uri="http://www.cohowinery.com/SaleWidgets.asmx">
<defaultOperation>
<request policy="#policy-c0a22319-6b89-49ff-9b82-bdbac5f04618" />
<response policy="" />
<fault policy="" />
</defaultOperation>
</endpoint>
</mappings>
<policies xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsp:Policy wsu:Id="policy-c0a22319-6b89-49ff-9b82-bdbac5f04618"
xmlns:wsp="https://schemas.xmlsoap.org/ws/2002/12/policy"
xmlns:wsa="https://schemas.xmlsoap.org/ws/2004/03/addressing" >
<wssp:Integrity wsp:Usage="wsp:Required"
xmlns:wssp="https://schemas.xmlsoap.org/ws/2002/12/secext">
<wssp:TokenInfo>
<SecurityToken xmlns="https://schemas.xmlsoap.org/ws/2002/12/secext">
<wssp:TokenType>http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken</wssp:TokenType>
<wssp:Claims>
<wssp:SubjectName MatchType="wssp:Exact">
someone</wssp:SubjectName>
<wssp:UsePassword Type="wssp:PasswordDigest"
wsp:Usage="wsp:Required" />
</wssp:Claims>
</SecurityToken>
</wssp:TokenInfo>
<wssp:MessageParts Dialect="https://schemas.xmlsoap.org/2002/12/wsse#part">
wsp:Body() wsp:Header(wsa:To) wsp:Header(wsa:Action)
wsp:Header(wsa:MessageID) wsp:Header(wsa:From) wse:Timestamp()
</wssp:MessageParts>
</wssp:Integrity>
</wsp:Policy>
</policies>
</policyDocument>
See Also
Reference
UsernameToken
<Claims> Element