Spring-ws and ACEGI vs deleted\locked users

[harshi]

H,
How to configure WS security\ACEGI in spring webservices to check for
deleted\locked users and send error message like user has been deleted\locked.

This is my current configuration ,AcegiDigestPasswordValidationCallbackHandler doesn't check for deleted \locked users??

Regards
Harshi


<!-- ===================== WS-SECURITY ============================== -->

<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.X wsSecurityInterceptor">
<description>
This interceptor validates incoming messages according to the policy defined in 'securityPolicy.xml'.
The policy defines that all incoming requests must have a UsernameToken with a password digest in it.
The actual authentication is performed by the Acegi callback handler.
</description>
<property name="secureResponse" value="false"/>
<property name="policyConfiguration"
value="/WEB-INF/securityPolicy.xml"/>
<property name="callbackHandler">
<bean class="org.springframework.ws.soap.security.xwss.c allback.acegi.AcegiDigestPasswordValidationCallbac kHandler">
<property name="userDetailsService" ref="securityService"/>
<property name="userCache" ref="userCache"/>
</bean>
</property>
</bean>

[harshi]

Any one has this problem for checking expired\deleted users?

Regards
Harshi

[robertoschwald]

Have exactly the same requirement as you, but the SpringPlainTextPasswordValidationCallbackHandler filters the LockedException.

Have you found a solution?