usernametoken

I'm trying to authenticate a SOAP request using WS-UsernameToken spec, but the target device is always denying access. My non-working request looks like this. (The password I'm trying to hash is system .) <?xml version="1.0" encoding="UTF-8"?> <Envelope xmlns="http://www.w3.org/2003/05/soap-envelope"> <Header> <Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <UsernameToken> <Username>root</Username> <Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">EVpXS/7yc/vDo+ZyIg+cc0fWdMA=<

I have the following documentation from the ONVIF's Programmer Guide I'm currently trying to reproduce the Resulting Digest using the same entries given in the guide... Here's my code: private string GenerateHashedPassword(string nonce, string created, string password) { byte[] nonceBytes = Encoding.UTF8.GetBytes(nonce); byte[] createdBytes = Encoding.UTF8.GetBytes(created); byte[] passwordBytes = Encoding.UTF8.GetBytes(password); byte[] combined = new byte[createdBytes.Length + nonce.Length + passwordBytes.Length]; //N-C-P Buffer.BlockCopy(nonceBytes, 0, combined, 0, nonceBytes.Length);

I have a webservice build in PHP that uses UsernameToken as authentification mechanism. I have PHP client side code that can access this web service. Now I need to do this in Java. Maybe you can help me! This service can be accessed using the following php code: $password="super_secure_pass"; $timestamp=gmdate('Y-m-d\TH:i:s\Z'); $nonce=mt_rand(); $passdigest=base64_encode(pack('H*',sha1(pack('H*',$nonce).pack('a*',$timestamp).pack('a*',$password)))); $nonce=base64_encode(pack('H*',$nonce)) These values get parsed into this Soap header. <wsse:Security SOAP-ENV:mustUnderstand="0" xmlns:wsse=

Summary: I am working on a .NET 4.0 WCF client to consume a web service (DataPower, Java service on the other end) using SOAP 1.1 and WS-Security 1.0. The WCF client must implement a client certificate for mutual authentication at the transport layer. The message body needs to be signed using a separate service/signing certificate. The SOAP header also needs to contain a Username Token with Password Digest and include Nonce and Created tags. I am able to consume this web service using WSE 3.0 with BasicHTTPBinding. But I have not been successful so far in implementing the same with WCF using