This week's book giveaway is in the Reactive Progamming forum. We're giving away four copies of Reactive Streams in Java: Concurrency with RxJava, Reactor, and Akka Streams and have Adam Davis on-line! See this thread for details.
I have developed a simple spring webservice with Castor. I configured the project to introduce WS-Security using the following:-
My userDetailsService class extends abstract class org.springframework.security.core.userdetails.UserDetailsService
and I implement the following:-
Since my application does not use SSO how can I get the password to validate against the user. Once the user has been succ validated
I can then setup the users Roles. Is this a correct approach?
posted 6 years ago
resolved the password issue. Within SpringPlainTextPasswordValidationCallbackHandler it validates the password within UserDetailsVO (i.e. from the database)
with that passed in within the request soap envelope wsse usernameToken.
I'm now starting to look at Certificate Authentication using a KeyStoreCallbackHandler (i.e. associated with truststore) along with my current implemetaion of authenticationManager.