Hello, I am having the following problem:
- We use XFire on the server side to expose a Webservice that calls EJB methods. - the XFire webservice is deployed as a webapp in the J2EE server (JBoss or Weblogic). - We want to use WS-Security with User Tokens (plain passwords). - We want to authenticate username/password against the J2EE server. I need username and password to authenticate against the J2EE server (by creating an InitialContect with the username as SECURITY_PRINCIPAL and password as SECURITY_CREDENTIAL). I can't do that in the PasswordHandler since - as far as I understand - it has no access to the password that the client sent. But If I don't implement the PasswordHandler (i.e. don't provide an "expected" password) then the WSHandler throws an exception. I thought I could do the authentication in the ValidateUserTokenHandler using the principal that is extracted from the WS-Results Vectors. But since I always get an exception in the WSHandler the ValidateUserTokenHandler is never called. How can I solve this problem? Oliver Doepner --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
