I haven't done this before, but I believe this article will help you:
http://coheigea.blogspot.com/2011/06/custom-token-validation-in-apache-cxf.html.
This will work
in more recent versions of CXF (perhaps 2.4.x onwards).
You'll need to configure a new validator that accesses the DB and
returns pass/fail based on the
supplied UsernameToken information.
HTH,
Glen
On 11/19/2011 07:12 AM, Andres Olarte wrote:
I'm using WSS4JInInterceptor to try to authenticate my client. I have been
able to create a trivial example. However, I have a problem. In my
application, I use the supplied user name and password to try to open a
connection to the database. If the connection attempt is successful, the
user has authenticated, otherwise, the login attempt gets rejected. Using
WSS4JInInterceptor I need to implement a callback that returns the user's
password. In my security scheme, I have no access to this password. How can
I implement something like this?
Should I subclass WSS4JInInterceptor and hack it to provide the password?
Thanks
Andres
--
Glen Mazza
Talend Community Coders
http://coders.talend.com
blog: http://www.jroller.com/gmazza
