Forum Discussion

tamnor's avatar
tamnor
Occasional Contributor
8 years ago

Basic WS security date used in created

Hi,

 

I just has a question regarding the Basic WS security standard, specifically the date used to perform the hashing.

 

Looking at some requests that I have submitted from SoapUI Pro using the BASIC WS security setting I can see that the date/Time used in the created element is not current. It is from a couple of months ago.

 

Does this algorithm just take any date as long as it is in the correct format i.e. it doesn't have to be current or within the last hour?

 

e.g.

 

<wsse:Username>username</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">DDgOjpM5ibHBkQHZ571X5CEcs+I=</wsse:Password>
            <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">vUx2pPOw2vCPWBqqrvrC0Q==</wsse:Nonce>
            <wsu:Created>2017-03-14T14:38:24.957Z</wsu:Created>

 

Thanks.

 

 

3 Replies

Sort By
  • nmrao's avatar
    nmrao
    Champion Level 3
    8 years ago
    Are you sure that the date is generated one?

    Hope you are not sending any Headers in the request. Right?

    What is the version of ReadyAPI?