Hello everybody, how can I access the password that was submitted in the PasswordDigest from a UsernameToken to authenticate a username/password?
I am using UsernameToken authentication to secure my webservice (Axis2 1.1.1 with Rampart 1.1). I configured the client for Outflow-Security and the server for Inflow-Security. After calling the webservice from the client, when the callbackhandler of the service on the server is called, the WSPasswordCallback-Instance only contains the username of the Token, not the password (although present in the SOAP-Header). In contrast to that I can access the password in the service's callbackhandler if I switch the PasswordType to "PasswordText" on the client side (in plain text of course). Is it possible at all to authenticate against the submitted password digest? Why does the WSPasswordCallback not cotain the value of "PasswordDigest", nor the password? I would prefer using PasswordDigest authentication rather than using PasswordText. I would greatly appreciate, if someone could give me a hint or a pointer to more detailed information. The only information I found is this: [1] - http://wso2.org/library/240 [2] - http://wso2.org/library/234 Best Regards, Sven --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
