Using the WS-Security Login Feature
If your InterSystems IRIS® data platform web client is using a web service that requires authentication, and if do not want to use the newer WS-Security features, you can use the older and simpler WS-Security login feature.
To use the WS-Security login feature:
-
Ensure that you are using SSL between the web client and the web server that hosts the web service. The WS-Security header is sent in clear text, so this technique is not secure unless SSL is used. See Configuring the Client to Use SSL.
-
Invoke the WSSecurityLogin() method of the web client. This method accepts the username and password, generates a WS-Security username token with clear text password, and adds a WS-Security header to the web request.
-
Invoke the web method.
This technique adds the security token only to the next SOAP message.
For information on the newer WS-Security features, see Securing Web Services.