It's my impression that when using the new per-service method of establishing security policies, it is not currently possible to set up a requirement for a UsernameToken in PasswordText encoding that requires Nonce and Created values. However, is there a way to do that myself through my own adapter? Is it possible to retrieve the Nonce and Created values from a UsernameToken from within an adapter that is executed on each incoming request? If so, how?
