wss-security header processing.

I created a webservice/soap mapping for ws-stack that requires a username token in the ws-security header.
I created a PasswordCallbackHandler to validate the incoming credentials.
It works in terms of validation, but then ws-stack passes those credentials to the backend rpc server. I do not want that to happen. The rpc/broker credentials are supplied in the .xmm/.aar file, but they are being overwritten by the incoming ws-credentials. Is there any way to prevent that from happening?

Please try the following:

In the AAR Editor in Designer go to the tab EntireX Settings.
And then:

  • Set „User Name Token“ to disable.
  • Save and deploy again

Thank you Rolf. That worked!