[jboss-user] [JBoss Web Services] New message: "Re: JbossWS username authentication not working"

User development, A new message was posted in the thread "JbossWS username authentication not working": http://community.jboss.org/message/528880#528880 Author : Bonnie Kenison Profile : http://community.jboss.org/people/bkenison Message: -------------------------------------------------------------- I really just want to secure the web service, ie., require that the soap to the service includes the wsse:security header and that something on the server side verifies that this is the correct username/password.  The webservice will run under a web app that does not need to be secured.    This is the webservice request that gets generated:   <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'> <env:Header> <wsse:Security env:mustUnderstand='1' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws...      <wsse:UsernameToken wsu:Id='token-1-1267205890331-29812760'>      <wsse:Username>kermitabcd</wsse:Username>      <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecur...      </wsse:UsernameToken></wsse:Security> </env:Header> <env:Body>      <ns2:ping xmlns:ns2="http://localhost:8080/uttestservice"><arg0>Pramod</arg0></ns2:ping> </env:Body> </env:Envelope>   I just want something that says - username: kermitabcd and password:thefrogefg is not correct.  Right now, the webmethod is being executed regardless of the username/password being sent in.   Bonnie -------------------------------------------------------------- To reply to this message visit the message page: http://community.jboss.org/message/528880#528880