Getting WSSE username and password inside PayloadEndpoint?
I'm implementing a security token service from WS-Trust. Basically I accept one request, a RequestSecurityToken which has included in it a WSSE UsernameToken. Spring-ws is verifying that the username and password exist and match in my user dao nicely. However, I need to return a list of all the requested claims and their values, which implies a second lookup into my user dao (with the same username/password). But I don't know how to get the username and password that were passed along with the soap message!
I could create my own endpoint I suppose, but then I would essentially just be copying + pasting the code from AbstractDomPayloadEndpoint, but implementing MessageEndpoint... that seems like the wrong approach.
Another approach I thought about was creating an interceptor... but let's say my interceptor parses out the UsernameToken... how do I pass that information into my endpoint so it's available during invokeInternal??
Has anyone got any advice? Just fishing for some ideas....