Hi Thomas, Sorry for the late reply. According to the given policy you need to have a encryption crypto defined in the RampartConfig section. Even though you don't have any message parts to be encrypted, you still need an encryption crypto as we have to create an encrypted key in the symmetric binding as I said earlier. That encrypted key will be used to sign the messages back and forth. You need to get the web service's certificate and include that in the key store you provide for encryption crypto. You only need the public key of the web service. According to the above policy, you don't need a certificate for yourself. According to the policy, this web service can be accessed by anonymous clients. This security policy only provides integrity. It doesn't provide authentication or non repudiation. Hope this information will help you.
thanks, nandana --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]