CSF Session doesn’t propagate credential from source to destination VAS
<csfse:SessionName>CountingSample</csfse:SessionName>
<csfse:Participants>
<csfse:Participant timeout="30" role="Service" mode="OneWay" type="WebService">
<csfse:ParticipantName>ServiceParticipant1</csfse:ParticipantName>
<csfse:ParticipantID>ServiceParticipant1</csfse:ParticipantID>
<csfse:ParticipantUrl>http://CSF01/CountingService2/Service2.ashx</csfse:ParticipantUrl>
<csfse:ParticipantWsdlUrl>http://CSF01/CountingService2/Service2.ashx</csfse:ParticipantWsdlUrl>
</csfse:Participant>
<csfse:Participant timeout="30" role="Service" mode="OneWay" type="WebService">
<csfse:ParticipantName>ServiceParticipant2</csfse:ParticipantName>
<csfse:ParticipantID>ServiceParticipant2</csfse:ParticipantID>
<csfse:ParticipantUrl>http://CSF01/CountingService1/Service1.ashx</csfse:ParticipantUrl>
<csfse:ParticipantWsdlUrl>http://CSF01/CountingService1/Service1.ashx</csfse:ParticipantWsdlUrl>
</csfse:Participant>
<csfse:Participant timeout="30" role="Service" mode="OneWay" type="WebService">
<csfse:ParticipantName>UIParticipant</csfse:ParticipantName>
<csfse:ParticipantID>UIParticipant</csfse:ParticipantID>
<csfse:ParticipantUrl>soap.tcp://localhost:9111/UiFormService</csfse:ParticipantUrl>
<csfse:ParticipantWsdlUrl>soap.tcp://localhost:9111/UiFormService</csfse:ParticipantWsdlUrl>
</csfse:Participant>
</csfse:Participants>
<csfse:RoutingTable version="1" timestamp="2006-03-27T18:42:13.9603020+02:00">
<csfse:Routes>
<csfse:Route>
<csfse:Criteria>(ACTION EQ 'Add')</csfse:Criteria>
<csfse:Destination>ServiceParticipant1[Add]</csfse:Destination>
<csfse:Intercept/>
</csfse:Route>
<csfse:Route>
<csfse:Criteria>((ACTION EQ 'AddResponse') AND (SOURCE EQ 'ServiceParticipant2'))</csfse:Criteria>
<csfse:Destination>UIParticipant[RouteResponse]</csfse:Destination>
<csfse:Intercept/>
</csfse:Route>
<csfse:Route>
<csfse:Criteria>((ACTION EQ 'AddResponse') AND (SOURCE EQ 'ServiceParticipant1'))</csfse:Criteria>
<csfse:Destination>ServiceParticipant2[Add]</csfse:Destination>
<csfse:Intercept/>
</csfse:Route>
</csfse:Routes>
</csfse:RoutingTable>
</csfse:Session>
The SOAP header is something like (some header removed to simplify the reading):
<soap:Header>
<csfse:SessionID>urn:...</csfse:SessionID>
<wsa:Action>Add</wsa:Action>
...
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-9f6829b8-d2d3-49c5-9c7c-60c026998a57">
<wsu:Created>2006-03-27T16:51:38Z</wsu:Created>
<wsu:Expires>2006-03-27T16:56:38Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="SecurityToken-...">
<wsse:Username>administrator@fabrikam.com</wsse:Username>
<wsse:Password>password</wsse:Password>
<wsse:Nonce>VOlNA2DOTUoFuWOjfW8lvg==</wsse:Nonce>
<wsu:Created>2006-03-27T16:51:38Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body>
...
</soap:Body>
</soap:Envelope>
<soap:Header>
<csfse:SessionID>urn:...</csfse:SessionID>
<wsa:Action>Add</wsa:Action>
...
<wsse:Security>
<wsu:Timestamp wsu:Id="Timestamp-f97709ea-9a36-4a3c-9c27-301e655c404a">
<wsu:Created>2006-03-27T16:51:38Z</wsu:Created>
<wsu:Expires>2006-03-27T16:56:38Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
...
</soap:Body>
</soap:Envelope>
<csfse:ParticipantName>PersonaParticipant</csfse:ParticipantName>
<csfse:ParticipantID>PersonaParticipant</csfse:ParticipantID>
<csfse:ParticipantUrl>...</csfse:ParticipantUrl>
<csfse:ParticipantWsdlUrl>...</csfse:ParticipantWsdlUrl>
<csfse:SecurityToken>
<wsse:UsernameToken wsu:Id="SecurityToken-055ed3fb-b592-49c7-b2b7-6f18a1ff7a86">
<wsse:Username>administrator@fabrikam.com</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">...</wsse:Password>
<wsse:Nonce>wPasvF7+DZ2DTcuWfEKVsg==</wsse:Nonce>
<wsu:Created>2006-03-24T17:07:19Z</wsu:Created>
</wsse:UsernameToken>
</csfse:SecurityToken>
</csfse:Participant>