Hi, Maybe answer on this question already was posted but i could not find how to solve this problem.
Requirement: If request has wss header use it to authenticate user otherwise if http request has basic auth. headers use it to authenticate, if neaither wss nor basic http supplied use "anonymous" principal. Setup: axis2 service deployed into weblogic container. Since basic http is optional security-constraint on web app level cannot be used. Option of wss brings up rampart, but if no wss header present in request - it will not authenticate request. One possible way i see is to add a custom handler to InFlow that would take basic http authentication data and add wss header to message on the fly. Is this the right way to go? Is there any other ways? Can rahas help here, if yes then how? Thank You VY
