Karthik Abram wrote: > > Does this even make sense? Are there any alternate routes for achieving > the > basic goal of not throwing exceptions to signal client auth failure? >
Rather than circumvent the usual exception-based functionality of using WS-Security directly, I would look at implementing a web service called validateUser or whatever that returns true/false based on successful or failed authentication. Glen -- View this message in context: http://www.nabble.com/CXF-security-without-throwing-exceptions-tp19227328p19228698.html Sent from the cxf-user mailing list archive at Nabble.com.
