0 Replies Latest reply on Jul 10, 2013 10:03 AM by 800839

    Weblogic server removing username & password in SOAP HEADER JAXWS

    800839

       

      Hi,

       

      I have the LDAP authentication and authorization configured in weblogic 10.4 (container managed)with user and group details
      in a securiy realm.
      Similarly in my web.xml I have configured the

      <security-constraint>
      <auth-contraint>

      for the respective user and group.

       

      In weblogic.xml I have configured, the respective container security as well.

      Like

      <security-role-assignment/>

       

      Now I am removing the container security with the user defined custom security.

      Hence I have removed all the container security config from the weblogic as well as in the code.

      My application is a webservice app, when I get a SOAP request with username & password in the header

      some how weblogic server is removing the header which contains the username & password (reading the soap request

      through SOAPHandler). Why this behavior is happening? If I dont  remove the container security it is working fine.
      Needless to say my application is deployed in weblogic 10.4

       

      Please clarify.

       

      Thanks.