Yes you are correct. There is no association between a UsernameToken and a Signature. UsernamToken is just a replacement for HTTP Basic Auth for use in Http transports.
It sounds like jaas cert auth is what you want, but we don't have support for that yet. It is, however, on the roadmap. http://jira.jboss.com/jira/browse/JBWS-652 Unfortunately, it is a lower priority than JAX-WS right now. However, this can change if you are interested in contributing to open source, and have the time to work on submitting a patch. If you decide give it a shot, feel free to post in the developement forum and we can discuss the design. -Jason View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966088#3966088 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3966088 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
