So far the samples seem to explicitly (through API) retrieve a token from the STS. I'm wondering whether this can be done declaratively only by way of the policy. It seems that if I have a policy file exposed within a service's WSDL that states what STS that is acceptable, then the client shouldn't need to get a token through the API?
In other words, in code I would expect something like: - setup a ServiceClient for the service provider endpoint - engage Rampart - load the service's policy document - call service and I would expect that based on Rampart's understanding of the policy it would know to retrieve a token from the STS prior to actually making the call to the service provider. If my expectation is wrong, then once I get a token from the STS programmatically, how do i attach it to the actual service call? Thanks, --tim --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]