how to sign UsernameToken?

Hi,

the api I try to communicate with requires to sign the UsernameToken. How do I do that?

Whatever I try either the UsernameToken is removed from the request upon signing or nothing is signed at all.

The api expects a soapenv:Envelope .

Here is what I did so far:

I created two outgoing ws-security configurations:

1. Username
   1. type: username
   2. pwd type: PasswordText
   3. do not add nonce or created
2. Signature
   1. type: signature
   2. Binary Security Token
   3. single certificate for signing
   4. several parts added

To create the final request I now do:

1. click "outgoing wss" -> apply username
   1. now the UsernameToken is added to the request as expected
2. click "outgoing wss" -> apply signature
   1. now the UsernameToken is removed
3. send the request

or

1. add the UsernameToken to the request manually
2. click "outgoing wss" -> apply signature
   1. now the UsernameToken is removed
   2. nothing is signed
3. send the request

Problem is that upon applying signature the UsernameToken is removed from the request. If I just add it manually to the request xml and put the UsernameToken to the parts to be sign nothing get's signed at all.

When adding the UsernameToken to the parts to be signed I add it like this:

• Name: UsernameToken
• Namespace: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
• Encode: Content