Which authentication method are you using? If you are using WS-Security via the WSS4JInInterceptor, then you can set the authenticated user in your password callback class. Generally, the easiest method is to set a thread local variable (the method Spring security uses). If you are using HTTP basic authentication, I am pretty sure you would be able to get the username from the HTTP headers.
Slava Imeshev wrote: > > Hi Derek, > > Thank you. How will webservice implementation know who is calling? And > how will it know that in one case user has not been authenticated? > > Regards, > > Slava Imeshev > > P.S. There is no Spring in picture > > -- View this message in context: http://www.nabble.com/Authentication-and-authorization-tp22111513p22125831.html Sent from the cxf-user mailing list archive at Nabble.com.
