You can dynamically set the username and password for the client to use following these examples: http://stackoverflow.com/questions/5906154/apache-cxf-credentials-not-being-sent-from-wss4joutinterceptor
This blog article may provide a more helpful UT example: http://www.jroller.com/gmazza/entry/cxf_usernametoken_profile Glen On 02/17/2013 05:04 AM, lv wrote: > I have created a web services from java first . I need to add web services > security - username token. > I find UsernameTokenRequest.xml in > \apache-cxf-2.7.0-src\systests\ws-security\src\test\resources\org\apache\cxf\systest\ws\security\test-data > This xml file contains: > <wss:UsernameToken> > <wss:Username>alice</wss:Username> > <wss:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>FPqPsaAp7hWASdknPsbfZxIoDVI=</wss:Password> > <wss:Nonce > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>OJBNzEGDmTiD/lbeA+UDeg==</wss:Nonce> > <wsu:Created > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-12-10T21:12:59.100Z</wsu:Created> > </wss:UsernameToken> > > Does it mean only alice with correct password can login? > > If there are thousands of users need to provide username and password, how to > write the xml file? > > Thanks. >
