[ http://jira.codehaus.org/browse/XFIRE-387?page=comments#action_64938 ]
Brian Bonner commented on XFIRE-387: ------------------------------------ Tomasz, thanks for clearing this up. Does WSS4J really throw an exception if the password is different than what is incoming on the request? If this is the case, than why should the plaintext password be any different? To me, this doesn't make sense--why would it "authenticate the user" in one scenario (digest), but not in another (plain text). Thanks. > USERNAME_TOKEN is not validating password from PasswordCallback > --------------------------------------------------------------- > > Key: XFIRE-387 > URL: http://jira.codehaus.org/browse/XFIRE-387 > Project: XFire > Type: Bug > Versions: 1.1-RC1 > Environment: jdk1.5.0_06 > Reporter: Brian Bonner > Assignee: Tomasz Sztelak > Attachments: ws-security-testcase-patch.txt > > > Does the password use the callback value only if Digest is specified? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.codehaus.org/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira
