Hi,
Couple of days back I had the same problem but I could not make it using rampart but solved the problem. Find below the working code. I have created the stub using wsdl with Eclipse IDE. URL endPointURL = new URL("http:// "); EngineConfiguration config = new FileProvider("client_deploy.wsdd"); Service service = new Service(config); TestSoapStub stub = new TestSoapStub(endPointURL, service); stub._setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE); stub._setProperty(WSHandlerConstants.SIG_PROP_FILE, "client_crypto.properties"); stub._setProperty(WSHandlerConstants.USER, "client"); stub._setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,"com.unistream.client .ServiceSecurityHandler"); stub._setProperty(WSHandlerConstants.SIG_KEY_ID,"DirectReference"); stub.login(userID,password); client.deploy.wsdd file (just copy the same contents) <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> <globalConfiguration > <requestFlow > <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > </handler> </requestFlow > </globalConfiguration > </deployment> client_crypto.properties file (just copy the same contents and change the keystore.password, keystore.alias, alias.password, merlin.file according to ur spec) org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry pto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=xyzabc org.apache.ws.security.crypto.merlin.keystore.alias=client org.apache.ws.security.crypto.merlin.alias.password= xyzabc org.apache.ws.security.crypto.merlin.file=client.jks If you find any other better solution, please let me know. Regards, -senthil _____ From: Tirtza Bernstein [mailto:[EMAIL PROTECTED] Sent: Wednesday, October 17, 2007 7:54 PM To: axis-user@ws.apache.org Subject: Rampart signature I am using Axis2-1.3 and Rampart 1.3. I am the client and my requests need to be signed. My axis.client.xml includes the following <module ref="rampart" /> <parameter name="OutflowSecurity"> <action> <items>Signature</items> <user>wally</user> <signaturePropFile>crypto.properties</signaturePropFile> <passwordCallbackClass>net.idt.svp.security.PWCallback</passwordCallbackClas s> <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier> </action> </parameter> <parameter name="InflowSecurity"> <action> <items>Signature</items> <signaturePropFile>crypto.properties</signaturePropFile> </action> </parameter> My crypto.properties org.apache.ws.security.crypto.provider=org.apache.ws.security.components.cry pto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.file=J:\svp_prime\trunk\security\test.j ks org.apache.ws.security.crypto.merlin.keystore.password=pswd My Client includes the following: _serviceClient.getOptions().setTo(new org.apache.axis2.addressing.EndpointReference(targetEndpoint)); _serviceClient.getOptions().setUseSeparateListener(useSeparateListener); StAXOMBuilder builder = new StAXOMBuilder("resources/policy.xml"); Policy clientPolicy = PolicyEngine.getPolicy(builder.getDocumentElement()); _serviceClient.getOptions().setProperty(RampartMessageData.KEY_RAMPART_POLIC Y, clientPolicy); _serviceClient.engageModule("rampart"); My problem is that I have no clue how to set up the policy.xml. Rampart's examples do not include an example of pure signature only (no timestamp). Can someone supply me with an example? Thanks.