Hi,
We are using ECC with SAP_ABA 6.40 and are consuming Webservices from a external party. This always worked except now this external party is using the UsernameToken security profile in the SOAP header for authentication. Basicly this means the following addon to the SOAP header message in our outbound message:
<soapenv:Header>
<soapenv:Security>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>####</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">####</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
We are using a Logical Port to define the end-point URL from the external party and add a WS Security profile to the available soap methods in LPCONFIG.
In this WS Security Profile we added the requested username and password in the hope this will be automaticle be added in the header of the SOAP envelope.
Unfortunally the request of our WS Response is as follow: "SoapFaultCode:4 Anonymous access is denied for the method". This means that the security header is not correct or not available.
Does anyone have a idea of our version of SAP supports the UsernameToken profile? And how can we configure our webservice to add the right header to the request?
Thanks in advance!
Best regards,
Joost Weghorst