Answers inline.
> 1. What do I need to set in Validator.validate in Credential result object > to indicate that validation was successful or not? > Validation is deemed to be successful if there is a valid Credential object returned, and no exception is thrown. > 2. How do I access Credential data from my Cxf Service Endpoint > Implementation? > The SecurityContextToken is validated here: https://github.com/apache/ws-wss4j/blob/a85fd33f2d41f92edabb1d629946a87f524d7fd7/ws-security-dom/src/main/java/org/apache/wss4j/dom/processor/SecurityContextTokenProcessor.java It stores the DOM Element corresponding to the SecurityContextToken, the token Id, and a secret key associated with the token in a WSSecurityEngineResult, which can be accessed by CXF down the line. Colm. > > Thanks in advance > Igor > > > > -- > Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html >