Well, having the client to decide which way to authenticate would be dangerous and a big security hole. The server has to be in charge and needs to decide how to authenticate. If you require different ways of authentication I would propose to setup different SOAP ports (service ports) with different names.
Regards, Werner debest wrote: > but my prerequisite is that i must allow client to authenticate in the way it > wants (es. with usernametoken, with certificate, ecc.). therefore i can't > provide parameter in my WSDD file because in this way i can only set one > authenticate method and so others are precluded. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
