Hi, I am trying to implement WS-SecurityPolicy (1.2) asymmetric binding for a web services on AXIS2 1.4.1, but my goal was to have an X509 certificate only for the initiator. Responses should not be signed. There would be no encryption. Apparently, currently if using rampart 1.4 (implementing WS-SecurityPolicy-1.2 ?) it seems that attaching a security policy without "recipienttoken" fail with the following Exception thrown:
Caused by: org.apache.ws.secpolicy.WSSPolicyException: Asymmetric binding should have both Initiator and Recipient tokens defined Nevertheless, if I check the standard, those element seems to be optional for asymmetric binding.... Am I missing something here? Marc
