Does anyone have experience in running axis2+rampart on weblogic 10.3.5?
I want to limit the access to an axis2 web service to allow only calls that use UsernameToken with a Digest Password.
Following rampart sample01 I am able to enable rampart module and call the webservice by providing "bobPW" as the password, in digested form. I call the service from SOAPUI.
The problem is that PWCBHandler needs to use (have access to) clear text passwords. I was expecting that application server will manage the passwords. Do I need to lookup the password from the weblogic realm?!
Is there any way to delegate the authentication of the user to the application server (Weblogic) ?
PS Is there any other forum/mailing list that can help me address this issue?