AnsweredAssumed Answered

How to use "Require WS-Security Password Digest Credentials Assertion"?

Question asked by stephan.burkard on Mar 2, 2018

Hi 

 

I would like to build a service that accepts authentication through WSS header with plaintext or digest password. I started out accepting plaintext passwords and authenticate against LDAP, what was quite straightforward. 

 

 

Now I wanted to add digest passwords as alternative, but I don't even understand how to use the Require WS-Security Password Digest Credentials Assertion

 

How can I specify the expected username and password? It could by any user. I would like to use the digest password the same way as I use the plaintext password: to authenticate the user against the LDAP service. But when I enter nothing for expected username/password I get the error "No conforming WSS Digest token was found in request".

 

Am I expecting something wrong from this assertion?

Is it not usable the way I want to? 

 

Thanks

Stephan

Outcomes