
Chapter 8. Web service specifications 163
3. Username and password digest.
Figure 8-9 Authentication using password digest
This is the most secure form of authentication defined by WS-Security 2004.
Rather than sending the password in plain text, the sender takes the SHA-1
hash of the password before sending it. The SHA-1 algorithm is defined by
the US National Institute for Standards and Technology (NIST).
Digital signature
A message is digitally signed by taking a hash of the message to create a digest,
then encrypting this digest with the sender's private key and attaching the result
to the message. When the recipient receives the message, ...