This chapter covers
As you saw in the previous chapter, the SOAP specification allows headers to be used for extending SOAP. WS-Security defines standard security headers for SOAP. In the first demonstration of WS-Security, we sent a username in a standard header. We also discussed the code behind that demonstration.
Sending the username along with the request is one way to claim identity. Most services require a user to establish his identity before his requests are served. This is because: