soapstructurews-securityusernametoken

SOAP WS-Security header UsernameToken is element tenant valid?


I've got a UsernameToken:

<wsse:UsernameToken>
  <tenant>myTenant</tenant>
  <wsse:Username>
    USER
  </wsse:Username>
  <wsse:Password Type="blabla"
     >PASSWORD
  </wsse:Password>
</wsse:UsernameToken>

Now I've googled a lot but couldn't find out, if the element <tenant> is a valid element for the wsse:UsernameToken. I've found informations about the UsernameToken but there was no information about the tenant element.

My question is: Is this element valid and if yes, where can I find a specific declaration, how such a UsernameToken has to look like?


Solution

  • The schema http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd allows arbitrary elements under UsernameToken, so that looks like a custom extension. (Technically, wsse:Username should be first, so it probably won't validate, but semantically it's OK)