Hi, I am trying to do Custom Authentication of UsernameToken in WS-Security. I have done the following:
1. Set ws-security.validate.token property in jaxws:endpoint to false 2. Created a custom authentication class, SoapLoginInterceptor by extending AbstractPhaseInterceptor<Message> 3. Configured SoapLoginInterceptor in jaxws:inInterceptors 4. In handleMessage(Message message) method of SoapLoginInterceptor I get the Username and Password which are present in the SOAP message header 5. The password is PasswordDigest so I get the encrypted password in SoapLoginInterceptor How can I use this encrypted password to compare with the actual password that I get from the persistence store. Please help. Thanks in advance. Regards Paul
