Security scenarios

Relevant for: API testing only

UFT provides several built-in scenarios for configuring security in Web Service calls.

A security scenario represents a typical security implementation for a Web Service. It contains information such as authentication, encoding, proxy, certificates, and so forth.

You can select one of the following types of Web Service security scenarios:

Default Web Service Scenario

A default Web Service scenario can be used for most Web services. It enables you to configure both transport and message-level security. UFT support for message-level security lets you manually configure the security elements such as tokens, message signatures, and encryption. For details, see Web Service scenario.

You use the default Web Service scenario for:

  • Simple Web Services where no advanced standards are required.

  • Web services using HTTP transport level security.

  • Web services using message level security (WS-Security) for SOAP 1.1

WCF-type scenario

WCF scenarios enables you to configure security for HTTP or custom bindings and work with advanced specifications, such as WS-SecureConversation.

You use a WCF scenario for:

  • WCF Services that utilize advanced security and WS-Specifications.

  • Web services using message level security (WS-Security) for SOAP 1.2

Such services can be written in various platforms such as WCF (Windows Communication Foundation), Metro (WSIT), and Axis2. UFT also supports proprietary standards and transports.

See also: