Return-Path: 
 <users-return-43651-apmail-cxf-users-archive=cxf.apache.org@cxf.apache.org>
X-Original-To: apmail-cxf-users-archive@www.apache.org
Delivered-To: apmail-cxf-users-archive@www.apache.org
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by minotaur.apache.org (Postfix) with SMTP id 00859101E8
	for <apmail-cxf-users-archive@www.apache.org>;
 Mon, 24 Feb 2014 14:05:47 +0000 (UTC)
Received: (qmail 71508 invoked by uid 500); 24 Feb 2014 14:05:45 -0000
Delivered-To: apmail-cxf-users-archive@cxf.apache.org
Received: (qmail 71267 invoked by uid 500); 24 Feb 2014 14:05:44 -0000
Mailing-List: contact users-help@cxf.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:users-help@cxf.apache.org>
List-Unsubscribe: <mailto:users-unsubscribe@cxf.apache.org>
List-Post: <mailto:users@cxf.apache.org>
List-Id: <users.cxf.apache.org>
Reply-To: users@cxf.apache.org
Delivered-To: mailing list users@cxf.apache.org
Received: (qmail 71258 invoked by uid 99); 24 Feb 2014 14:05:43 -0000
Received: from athena.apache.org (HELO athena.apache.org) (140.211.11.136)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Feb 2014 14:05:43 +0000
X-ASF-Spam-Status: No, hits=3.7 required=5.0
	tests=DATE_IN_PAST_96_XX,SUBJ_ALL_CAPS
X-Spam-Check-By: apache.org
Received-SPF: unknown (athena.apache.org: error in processing during lookup of
 marcellocardoso@contmatic.com.br)
Received: from [189.44.93.167] (HELO contmatic.com.br) (189.44.93.167)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 24 Feb 2014 14:05:37 +0000
Received: from [192.168.0.68] (200-170-98-47.ind.ajato.com.br [200.170.98.47]
 (may be forged))
	(authenticated bits=0)
	by contmatic.com.br (8.14.3/8.14.5) with ESMTP id s1OE5D4O015814
	for <users@cxf.apache.org>; Mon, 24 Feb 2014 11:05:14 -0300
Message-ID: <52DD1F04.6040504@contmatic.com.br>
Date: Mon, 20 Jan 2014 11:05:08 -0200
From: Marcello Ribeiro <marcellocardoso@contmatic.com.br>
Reply-To: marcellocardoso@contmatic.com.br
Organization: Contmatic
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64;
 rv:24.0) Gecko/20100101 Thunderbird/24.3.0
MIME-Version: 1.0
To: "users@cxf.apache.org" <users@cxf.apache.org>
Subject: CXF - WSS4INTERCEPTOR - USERNAME
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 8bit
X-Virus-Checked: Checked by ClamAV on apache.org

Is there any way to send username/password from client to server just 
once, using WSS4iNTERCEPTOR? Only during the first login?
I think about keeping a token and using it all next times instead of 
storing username/password to be sent every logins.

In case of a mobile app running in Android as CXF WS client, would it be 
a good practice to store username/password to be used in the other logins?
I don�t think so, but at same time i am looking for solutions to avoid 
password being "hacked" directly in the device;

Att,
Marcello Ribeiro