Java EE (Java Enterprise Edition) General Discussion

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Weblogic server removing username & password in SOAP HEADER JAXWS

User_19BPUJul 10 2013

Hi,

I have the LDAP authentication and authorization configured in weblogic 10.4 (container managed)with user and group details
in a securiy realm.
Similarly in my web.xml I have configured the

<security-constraint>
<auth-contraint>

for the respective user and group.

In weblogic.xml I have configured, the respective container security as well.

<security-role-assignment/>

Now I am removing the container security with the user defined custom security.

Hence I have removed all the container security config from the weblogic as well as in the code.

My application is a webservice app, when I get a SOAP request with username & password in the header

some how weblogic server is removing the header which contains the username & password (reading the soap request

through SOAPHandler). Why this behavior is happening? If I dont remove the container security it is working fine.
Needless to say my application is deployed in weblogic 10.4

Please clarify.

Thanks.

Locked Post

New comments cannot be posted to this locked post.

Locked on Aug 7 2013

Added on Jul 10 2013

#java-technologies-for-web-services

0 comments

863 views