Affects Version/s: None
Fix Version/s: None
A Policy was specified on a web service as such:
If the request contains username token + password in security header, I would expect (hope) rampart to ignore
the password or complain that a password is present (i'm not sure about the meaning of NoPassword in this respect).
Anyway: rampart will go into the password callback and require us to supply the value.
Is this correct?
|Field||Original Value||New Value|
|Comment||[ I could reproduce this issue. This seems to come from Neethi. ]|
|Attachment||RAMPART-385.patch [ 12544407 ]|
|Attachment||RAMPART-385.patch [ 12544411 ]|