I would like to build a service that accepts authentication through WSS header with plaintext or digest password. I started out accepting plaintext passwords and authenticate against LDAP, what was quite straightforward.
Now I wanted to add digest passwords as alternative, but I don't even understand how to use the Require WS-Security Password Digest Credentials Assertion.
How can I specify the expected username and password? It could by any user. I would like to use the digest password the same way as I use the plaintext password: to authenticate the user against the LDAP service. But when I enter nothing for expected username/password I get the error "No conforming WSS Digest token was found in request".
Am I expecting something wrong from this assertion?
Is it not usable the way I want to?