Hi Colm Thanks! Will check it out
Mike On 09 Jun 2011, at 10:48 AM, Colm O hEigeartaigh wrote: > Hi Michael, > > Those attributes are mandatory according to the Basic Security Profile > 1.1 specification, which is enforced by default in WSS4J 1.6. You can > disable the Basic Security Profile enforcement, if you are processing > third-party UsernameTokens with WSS4J. > > See the section "Basic Security Profile 1.1 compliance" here: > > http://ws.apache.org/wss4j/topics.html > > Colm. > > On Thu, Jun 9, 2011 at 9:28 AM, Mike O'Connell <[email protected]> wrote: >> Hi All >> >> I've run into an issue during interoperability testing using WSS4j and the >> UsernameToken. >> >> The following element attributes that are defined as optional in the wss-1.1 >> specification (link below) are not optional in WSS4j-1.6.0 (according to >> source): >> >> * /wsse:UsernameToken/wsse:Password/@Type >> * /wsse:UsernameToken/wsse:Nonce/@EncodingType >> >> From section 3.1 of the specification >> http://www.oasis-open.org/committees/download.php/16782/wss-v1.1-spec-os-UsernameTokenProfile.pdf >> >> I've changed it locally but I feel it needs to be integrated into the main >> WSS4j trunk. >> >> Thanks, >> >> Michael O'Connell >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [email protected] >> For additional commands, e-mail: [email protected] >> >> > > > > -- > Colm O hEigeartaigh > > http://coheigea.blogspot.com/ > Talend - http://www.talend.com > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
