Hi,
> Is setting "org.apache.cxf.ws.security.usernametoken.interceptor" bus' prop > to a custom UserNameTokenInterceptor class overriding > parseTokenAndCreatePrincipal the best I can do? > (So I can define a BSPEnforcer configured to my according to my needs) > If you want fine-grained control over BSPEnforcer to exclude individual rules, then this is the only option. However you also have the option of setting "ws-security.is-bsp-compliant" to false on the message context, in which case you won't need to subclass UsernameTokenInterceptor, but it will disable all BSP rule enforcement. Colm. > I'm importing classpath:META-INF/cxf/cxf.xml in my Spring config. Is a > custom PostProcessor the best way to configure the Bus? > > Thank you very much! > > Best regards >
