AnsweredAssumed Answered

How to use "Require WS-Security Password Digest Credentials Assertion"?

Question asked by stephan.burkard on Mar 2, 2018
Latest reply on Dec 19, 2018 by Stephen_Hughes



I would like to build a service that accepts authentication through WSS header with plaintext or digest password. I started out accepting plaintext passwords and authenticate against LDAP, what was quite straightforward. 



Now I wanted to add digest passwords as alternative, but I don't even understand how to use the Require WS-Security Password Digest Credentials Assertion


How can I specify the expected username and password? It could by any user. I would like to use the digest password the same way as I use the plaintext password: to authenticate the user against the LDAP service. But when I enter nothing for expected username/password I get the error "No conforming WSS Digest token was found in request".


Am I expecting something wrong from this assertion?

Is it not usable the way I want to?