Let me explain what is happening. I am using Weblogic 8.1 with sp 5 running on Windows XP.
I have setup a usernametoken for all webservices. From all I can gleam from the documentation I think I have the server and webservices configured properly by including a security element in the web-services.xml file. I know the webservices is working. The only thing I am adding is the security part.
When I run the WebLogic generated
test client built from our webservice, I am able to invoke the webservice with no problem. I do not see a portion in the
SOAP Header where we're passing the username or password. This behavior should be caught at the server and access is denied.
Can someone please shine some light of this topic?
Thank you in advance for any comments or suggestions.
Russ