Reputation: 65205
SOAP header: why authenticate in the header and not the body?
SOAP header: why authenticate in the header and not the body?
whats the differences between putting the user's credentials (username/password) in the header vs the user's credentials (username/password) in the body?
Upvotes: 8
Views: 2159
Answers (2)
Reputation: 4152
well, authenticating in the SOAP Header can allow a single piece of code to authenticate all requests into the SOAP WS without knowing the actual contents of the SOAP Envelope. This can greatly reduce the amount of code you need to authenticate your services.
If you don't put it in the header, you'll need to do the authentication at the time of processing the Service, which is more expensive than NOT processing the service at all if authentication fails
for example, check out here and here
Upvotes: 3
Reputation: 24723
SOAP follows a format which defines the Body as the message. The Header is open ended to some degree and can be used for varying reasons by varying frameworks, whereas the Body has a sole purpose, transmitting the message.
Upvotes: 2
Related Questions
- Authentication Soap Api Header c#
- .NET SOAP does not send BASIC auth in request header
- Authorization Header in SOAP call
- SOAP headers versus HTTP headers
- Authentication using HTTP Authorization Header in WCF SOAP API
- How can I add a Basic Auth Header to my SOAP?
- Web service soap header authentication
- WebService Headers Authentication
- Is there a difference between putting web service authentication info in the SOAP header and passing it as an argument?
- SOAP Header Authentication not working?