Hi,
Take a look at org.apache.cxf.interceptor.security.JAASLoginInterceptor, you
can write your own interceptor and do what JAASLoginInterceptor do there
especially the code piece like
// try the UsernameToken
SecurityToken token = message.get(SecurityToken.class);
if (token != null && token.getTokenType() ==
TokenType.UsernameToken) {
UsernameToken ut = (UsernameToken)token;
name = ut.getName();
password = ut.getPassword();
}
-------------
Freeman(Yue) Fang
Red Hat, Inc.
FuseSource is now part of Red Hat
On 2014-5-8, at 下午4:48, Monga, Sunita (GE Healthcare) wrote:
> Hello,
>
> We have a requirement to extract username and password from WSS headers and
> pass it downstream for custom authentication. How to retrieve the values
> without using WSSJ authentication.
>
> Thanks
>
> Sunita
