Hi Nandana, I've managed to solve the problem by adding "<sp:IncludeTimestamp/>" in the policy.xml. I had omitted it for my service. Would the absence of <sp:IncludeTimestamp/> result in security headers not being included in the SOAP message response? Thanks again.
Regards Sanjay >-----Original Message----- >From: Sanjay Vivek [mailto:[EMAIL PROTECTED] >Sent: 15 July 2008 07:23 >To: [email protected] >Subject: RE: "Missing wsse:Security header in request" exception. > >Hi Nandana, > >I'm using Rampart 1.4 on both the client and service side. I >used the same policy file for my Rampart 1.3 installation and >the security header was in the response. > >Do I have to configure my client code so that it accepts a >SOAP response message without security headers? Or do I >configure my policy so that Rampart 1.4 sends a SOAP message >with security headers? And if so, how do I go about doing >this? Thanks again. > >Regards >Sanjay > > >-----Original Message----- >From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] >Sent: Mon 14/07/2008 18:50 >To: [email protected] >Subject: Re: "Missing wsse:Security header in request" exception. > >Hi Sanjay, > >I just noticed the absence of <wsse:Security >> >xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-ws >> se >> >curity-secext-1.0.xsd<http://docs.oasis-open.org/wss/2004/01/oa sis-200401-wss-wssecurity-secext-1.0.xsd>" >> soapenv:mustUnderstand="true" /> in the SOAP response >Header. Any idea >> why this element is missing in the SOAP response header? > > >Looking at your policy, it seems that you don't need to have a >security header in the response. Rampart 1.4 doesn't send >empty security headers. Do you use Rampart 1.3 at the client side ? > > > >
