Hi, I have sucessfully deployed Rampart policy sample 3 with Axis2 and Rampart 1.3 I am not sure about how the security mechanism work in this sample. This is what I think: The client sign and encrypt its message using private key stored in client.jks. When a server receive the message, it decrypt and verify the message by using public key extracted from the message header.
This means that anyone who intercept the package can decrypt the message? Thanks, Thawan Kooburat Department of Computer Engineering Faculty of Engineering Chulalongkorn University Bangkok Thailand --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]