Hi,
I'm new to the subject WebServices security.
Various tutorials mention that a
SOAP message can carry username/password, using the tags < wsse:Username > , < wsse
assword >.
I was wondering if the standard would allow me to send a group (or role), *instead* of username/password ?
I am going through an SSO system, so I don't need the password anymore (my systems trust each other). But I would like to send the user role, something like:
// dummy tag!
< wsse:role > admin ...
Thanks