I would like to build a service that accepts authentication through WSS header with plaintext or digest password. I started out accepting plaintext passwords and authenticate against LDAP, what was quite straightforward.
Now I wanted to add digest passwords as alternative, but I don't even understand how to use the Require WS-Security Password Digest Credentials Assertion.
How can I specify the expected username and password? It could by any user. I would like to use the digest password the same way as I use the plaintext password: to authenticate the user against the LDAP service. But when I enter nothing for expected username/password I get the error "No conforming WSS Digest token was found in request".
Am I expecting something wrong from this assertion?
Is it not usable the way I want to?
The assertion "Require WS-Security Password Digest Credentials Assertion" is very narrow in its scope of the user that is connecting. It has to have an understanding of both the username and password so it is a one to one relationship and not designed to be used with more than one user connecting. Mainly we have seen this used when service accounts are calling the Gateway.