A future version of CXF (possibly CXF 2.7 or 3.0) will pick up WSS4J 2.0, which will evaluate security policies dynamically, rather than after the security processing has completed.
Colm. On Mon, Apr 16, 2012 at 1:18 PM, sram <[email protected]> wrote: > The only issue in this approach is, it exposes the system from rogue requests > trying to guess passwords and when defended with max re-tries, will lock > users. Not just that, it also has potential to open server sessions and > max-out, when other parts of the contract are not satisfied. Can this be > classified as a bug for future improvement? > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WS-Policy-Execution-order-tp5639774p5643639.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
