Robter, usually this is not required. It depends on the setup of your deployment files on the client side. You can setup the request and the response path independently.
BTW, which handler do you use? The JAX-RPX compliant handler or the WSDoAll* pair of handlers? Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Robert Sauer [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 22. Juli 2005 07:39 > An: [email protected] > Betreff: ws-sec req/resp symmetry > > > Greetings, > > this seems to be more of a spec question, but I was not able > to find it > yesterday. The scenario is as follows: > > When sending authentication enabled requests, we include for instance > username/password info with the request by using the WSS4JHandler. The > problem now is that when the response arrives, the same > handler is looking > for ws-sec headers in it, too. When they are missing it > throws an exception, > thus rendering the call failed. > > Is it really required that any response to a ws-sec enabled > request has to > include ws-sec headers, too? > > Best regards, > Robert > >
