Yes that could work. You could use the WSS4JInInterceptor to handle processing the Signature. You would need to extend the DefaultCryptoCoverageChecker though to assert the policies, or else the policy validation stage will fail.
Colm. On Thu, Oct 30, 2014 at 8:05 AM, SRog <[email protected]> wrote: > Hi Colm, > thanks for your response. > I read somting about WSS4JInInterceptor together with > DefaultCryptoCoverageChecker to check a signature. > > Could this be a solution, too? > > SRog > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Username-PWD-on-STS-tp5750076p5750433.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
