WSSecurity to use Nonce and Created values regardless of WSSecurityManager requireNonceAndCreated property

Issue #40 resolved
created an issue

As per

The ProcessUTAuthenticatedMessage class (lines 104-149) should attempt to use the Nonce and Created UsernameToken values regardless of the requireNonceAndCreated property (set via WSSecurityManager).

This will allow both PasswordText (where Nonce and Created are not required) and PasswordDigest to be used.

The requireNonceAndCreated property should only be used to return an error if Nonce and Created are not passed with the request.

Comments (2)

  1. Log in to comment