I have a basic question where I would like to secure my web service using username/digest policy(Wssp1.2-2007-Wss1.0-UsernameToken-Digest-X509-Basic256.xml) and deploy it on WebLogic Server 11g. As per my understanding, we have to mention the policy on the JWS as a policy URI. But my question is - how does Web Logic Server process this username/password digest and authenticate? If the username/password are in database, how does it compare?
Instead of using defaultauthenticator, you need to create RDBMS Authentication Providers inside myrelam of weblogic server.