On Oct 25, 2013, at 4:19 PM, Sam <[email protected]> wrote: > Hi guys, > > In the latest usernameToken profile > http://docs.oasis-open.org/wss-m/wss/v1.1.1/os/wss-UsernameTokenProfile-v1.1.1-os.html, > it specified > the password digest should be: Password_Digest = Base64 ( SHA-1 ( nonce + > created + password ) ) . > > So my question is where in CXF is this implemented?
This would be down in WSS4J: http://svn.apache.org/repos/asf/webservices/wss4j/branches/1_6_x-fixes/src/main/java/org/apache/ws/security/message/token/UsernameToken.java Dan > I want to generate this digest manually for soap request. > > I checked CXF source code and the closest thing I found is > DigestAuthSupplier.java, which doesn't seem to be doing password digest > according to formula above. > > Thanks, > Sam -- Daniel Kulp [email protected] - http://dankulp.com/blog Talend Community Coder - http://coders.talend.com
