RAMPART - How to: UsernameToken Digest Password

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

RAMPART - How to: UsernameToken Digest Password

Liviu Florin Copot
Dears,

Does anyone have experience in running axis2+rampart on weblogic 10.3.5?

I want to limit the access to an axis2 web service to allow only calls that
use UsernameToken with a Digest Password.

Following rampart sample01 I am able to enable rampart module and call the
webservice by providing "bobPW" as the password, in digested form.
I call the service from SOAPUI.

The problem is that PWCBHandler needs to use (have access to) clear text
passwords. I was expecting that application server will manage the
passwords. Do I need to lookup the password from the weblogic realm?!

Is there any way to delegate the authentication of the user to the
application server (Weblogic) ?

Thank you,

Liviu 

PS Is there any other forum/mailing list that can help me address this issue?