CXF Authentication using passwordDigest in WSSecurity does not work

Solution Unverified - Updated -

Issue

I have a cxf webservice which is using WSSecurity UsernameToken which is being validated against default Karaf JAAS realm "karaf". This works fine using PasswordText, but not working using PasswordDigest. Below is the snippet of the Blueprint:

<cxf:cxfEndpoint id="serverEndpoint" address="xxxx"
                serviceClass="xxxx"
        wsdlURL="wsdl/xxxx">
    <cxf:inInterceptors>
        <bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
            <property name="properties">
                <map>
                    <entry key="action" value="UsernameToken" />
                    <entry key="passwordType" value="PasswordDigest" />
                </map>
            </property>
        </bean>
        <ref component-id="authenticationInterceptor"/>
    </cxf:inInterceptors>
</cxf:cxfEndpoint>

<bean id="authenticationInterceptor" class="org.apache.cxf.interceptor.security.JAASLoginInterceptor">
    <property name="contextName" value="karaf"/>
</bean>

Environment

  • JBoss Fuse
    • 6.2.1

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase, tools, and much more.

Current Customers and Partners

Log in for full access

Log In

New to Red Hat?

Learn more about Red Hat subscriptions

Using a Red Hat product through a public cloud?

How to access this content