From version 3.0 onwards, WSO2 WSAS is powered by Carbon.
This post takes you through all the steps required in setting up UsernameToken security policy with WSAS to secure a given service.
First you need to download WSAS 3.0 from here.
Log into WSO2 WSAS administration console with admin/admin
1. Go to Service --> List --> Select "HelloService" service --> Security --> setup security scenario "UsernameToken" on it.
2. Select 'admin' as the user group who has access to the service.
3. To view the applied policy, go to Service --> List --> Select "HelloService" service --> Policy
4. Select 'Edit Policy' against 'Binding HelloServiceSOAP11Binding'. You can modify the applied policy here.
5. Now - let's see how we can try this service having secured with UsernameToken.
6. Go to Service --> List and select 'Try this service' against 'HelloService'. Provide a username/password of a user belongs to the 'admin' role and try the service.