I'm implementing a simple web service using Apache CXF where I have to authenticate a user based on username and password. This is straightforward and I have the service working using the WSS4F Interceptors.
The next phase of the project is making the service able to choose from a list of auth dbs where it will get the encrypted password that WSS4J will then use to compare against the password sent in the SOAP header. In order to determine which DB to pull the auth data from, I'd like to add a new header to the SOAP message. The Interceptor/Callbackhandler should have access to this header and then use it to figure out which DB to connect to. If anyone has any tips on how to approach this using the CXF API, please let me know! Thanks! -- View this message in context: http://www.nabble.com/Extending-Security-Interceptors-tf4778795.html#a13670686 Sent from the cxf-user mailing list archive at Nabble.com.