That's right. It works fine as long as you have a access to the password. If you manage the users in a ldap system, it is more difficult. This will be addressed by the JAASUsernameTokenValidator - without programming.
________________________________________ Von: pj23 [[email protected]] Gesendet: Freitag, 23. September 2011 17:09 Bis: [email protected] Betreff: Re: UsernameTokenHandler required? or Help with WSS4J CallbackHandler typo in String. -- View this message in context: http://cxf.547215.n5.nabble.com/UsernameTokenHandler-required-or-Help-with-WSS4J-CallbackHandler-tp4831197p4833938.html Sent from the cxf-user mailing list archive at Nabble.com.
