Hi, I am trying to use a complete security configuration in which the client sends UsernameToken, encrypts the SOAP body and signs the timestamp; the problem is that I don't know how I could distinguish the signature user of the usernametoken user in client_config.wsdd. Is it possible to send Username from Usernametoken different to signature user??? The only way that I achieved this was set the same user for Usernametoken and signature user and then the client has to send the secret key to open its certificate and the server would have to store this secret key of the client in its PWCAllback and this breaks the security concept.
Thanks in advance -- View this message in context: http://www.nabble.com/UsernameToken-and-Signature-tf4223194.html#a12013588 Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
