[jbossws-issues] [JBoss JIRA] Created: (JBWS-1991) ReceiveUsernameToken doesn't process authentication

ReceiveUsernameToken doesn't process authentication --------------------------------------------------- Key: JBWS-1991 URL: http://jira.jboss.com/jira/browse/JBWS-1991 Project: JBoss Web Services Issue Type: Bug Security Level: Public (Everyone can see) Affects Versions: jbossws-native-2.0.3 Reporter: seboonet Priority: Critical ReceiveUsernameToken (via SecurityAdaptorImpl) delegate setting of username/password directly to SecurityAssociation, without invoking authentication by JaasSecurityManagerService. Example header: <soapenv:Header> <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-... xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-w... <wsse:UsernameToken wsu:Id="token-5-1201603135036-5863106"> <wsse:Username>some_username_that_should_be_authenticated_by_container</wsse:Username> <wsse:Password>some_credentials</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soapenv:Header> -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira