I just did more testing and it doesn't seem to work as I imagine. The code I had only checks if there is a soap header section regardless the username/password matches or not. Do I need to implement my own check for username/password authentication in my server side Interceptor? Thanks.
Regards, ~Adam -- View this message in context: http://cxf.547215.n5.nabble.com/Interceptors-for-WS-security-tp5722285p5724482.html Sent from the cxf-user mailing list archive at Nabble.com.
