Hi,
My business scenario requires me to have two policy definitions applied on the
ESB (for Proxy and the Endpoint). Things are working fine for
encryption+signature+timestamp scenarios where the ESB negociates the client
side security and sends the request to the service side re-encrypted and
re-signed through the service side policy.
Now I want to allow the client to send username and password end-to-end where
the ESB would only do a pass-through to the service which the service will do a
verification (not the ESB).
Appreciate if you could let me know how this can be done.
Regards,
Manoj
PS - I am setting the username and password through rampart options as follows.
Options options = new Options();
options.setUserName("testuser");
options.setPassword("testpassword");
