Handling Authentications

In this lesson, we will learn how to make SOAP web service calls that are secured using plain text username and password.

We'll cover the following

- - Sample SOAP authorization header
  - Sending authorization header in the request

We have already learned that SOAP can have its own implementation of security using WS-Security. The following is a sample SOAP header to pass plain text username and password:

Sample SOAP authorization header

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" wsse:mustUnderstand="1">
  <wsse:UsernameToken>
     <wsse:Username>testuser</wsse:Username>
     <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testpass</wsse:Password>
  </wsse:UsernameToken>
</wsse:Security>

In the sample SOAP header above, we pass plain text username and password. Please take a look at the password type, as passwords can be of 3 different types – PasswordDigest, PasswordText, UsernameToken. To know more, please follow this link.

Sending authorization header in the request

For the demonstration, we are considering a plain PasswordText. We have already seen how to use WebServiceTemplate to send the request and receive the response in the Sending requests using SOAP client lesson.

Here, we will see how to use the same to pass the additional authorization header in the request.

Get hands-on with 1200+ tech skills courses.

About API and WebServices

Introduction to HTTP

Introduction to REST API

REST API Automation using Rest Assured

Introduction to SOAP API

SOAP API Automation

Integration Test

Allure Reporting

Manual Testing: REST and SOAP API

Bonus: API Test Automation Framework

Conclusion

Handling Authentications

Sample SOAP authorization header

Sending authorization header in the request