I just upgraded to the latest axis2/rampart version and encounter a strange behavior when providing a webservice which requires username-passwort authentification.
up to now, I implemented my own passwordcallback-handler which handled WSPasswordCallbacks of type WSPasswordCallback.USERNAME_TOKEN_UNKNOWN. I looked up the provided user in the DB and checked the given password.
in the latest version, the passwordcallback-usage always seems to be WSPasswordCallback.USERNAME_TOKEN where I have to provide the password for the given user - but I'm not able to provide the password, because I don't store the passwords plaintext. do I have to write my own org.apache.ws.security.validate.UsernameTokenValidator? where do I have to register it?
我在这里就Stackoverflow撰写了关于遇到此问题的摘要,以及针对此问题而找到的解决方法, 请在此处阅读 。
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.