by specifying a soapenv:header in the wsdd file of my web service, I have managed to validate user name and password passed by the client using a PWCallback class.
The problem now is that later on in the code, I need the username again, but all I have in the web service implementing classes is the request... which does not contain the header...
is there a way to get this info again or to tell wss4j to include it in the request? any suggestions?
WSS doesn't address this, and there's no standard way to do it, either; you'll need to resort to approaches that are specific to the SOAP stack you're using.
For example, Axis2 has the org.apache.axis2.context.MessageContext that can be used to store and retrieve properties during a request/response phase. You'd get the currently active context object by calling MessageContext.getCurrentMessageContext. I'm sure other SOAP stacks have comparable facilities.