You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Sergey Beryozkin (JIRA)" <ji...@apache.org> on 2010/04/19 14:17:49 UTC
[jira] Updated: (WSS-229) UsernameTokenProcessor should be able to
act as a UsernameToken parser only and not enforce the validation of
passwords
[ https://issues.apache.org/jira/browse/WSS-229?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Sergey Beryozkin updated WSS-229:
---------------------------------
Attachment: wss-229-1.patch
This is an initial draft patch to be reviewed/discussed. The idea is that a user can disable a passwords validation used a validatePasswords property.
> UsernameTokenProcessor should be able to act as a UsernameToken parser only and not enforce the validation of passwords
> -------------------------------------------------------------------------------------------------------------------------
>
> Key: WSS-229
> URL: https://issues.apache.org/jira/browse/WSS-229
> Project: WSS4J
> Issue Type: Improvement
> Components: WSS4J Core
> Reporter: Sergey Beryozkin
> Assignee: Ruchith Udayanga Fernando
> Fix For: 1.6
>
> Attachments: wss-229-1.patch
>
>
> UsernameTokenProcessor enforces the validation of passwords. In some cases it could be advantageous to use it only as a token parser creating a principal, ex, when it is used explicitly from a custom code. In such cases, the custom code can proceed with validating the username token details as needed.
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org