Re: Encrypting timestamp or other security headers using WS-SecurityPolicy

Thank you Colm, that policy did help out. Thanks, Giriraj On Mar 23, 2016 1:57 PM, "Colm O hEigeartaigh" wrote: > See here: > > >

Re: Encrypting timestamp or other security headers using WS-SecurityPolicy

See here: https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=systests/ws-security/src/test/resources/org/apache/cxf/systest/ws/x509/DoubleItX509.wsdl;h=dcf01b23c124795a04be170f5d8079102a516b35;hb=HEAD On Wed, Mar 23, 2016 at 5:50 PM, Giriraj Bhojak wrote: > Thank

Re: Encrypting timestamp or other security headers using WS-SecurityPolicy

Thank you Colm. Would you have a policy example of using EncryptedElements instead of using EncryptedParts? I tried few combinations, but they didn't work out. Thanks, Giriraj On Mar 23, 2016 12:58 PM, "Colm O hEigeartaigh" wrote: > Answers inline. > > On Wed, Mar 23, 2016

Re: Encrypting timestamp or other security headers using WS-SecurityPolicy

Answers inline. On Wed, Mar 23, 2016 at 4:49 PM, Giriraj Bhojak wrote: > Do you mean to say the timestamp is not just signed but encrypted as well > if it is part of the AsymmetricBinding? > No, just signed. > In my policy I have also added username token as a supporting

Re: Encrypting timestamp or other security headers using WS-SecurityPolicy

If you are using the SymmetricBinding or AsymmetricBinding policies, the Timestamp is automatically signed if the "IncludeTimestamp" policy is in the Binding policy. The "sp:Header" policy in SignedParts/EncryptedParts is designed to be used for SOAP headers, not for internal headers in the

Encrypting timestamp or other security headers using WS-SecurityPolicy

Hello, I need to sign and encrypt the timestamp WS-Security header. My policy file has following assertions: http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " />