hi, Thanks for the detailed explanation. It looks like password digest cannot be used when the application stores the hashed password in the database.
the solution suggested is that the password has to be plain text over SSL . If i cannot use SSL , is there any other alternative to transmit password in a secure manner. Thanks lives -- View this message in context: http://cxf.547215.n5.nabble.com/WS-Security-UserNameToken-against-encrypted-database-password-tp561377p2803341.html Sent from the cxf-user mailing list archive at Nabble.com.
