Try to add the UT as a supporting token with a symmetric/asymmetric binding policy instead of the transport binding.
Scenario #7 would be a good starting point. Thanks, Thilina On Wed, May 16, 2012 at 9:03 AM, Jorge Hernandez Rosello <[email protected]>wrote: > Hi all.**** > > ** ** > > I am working with UsernameToken scenario and desire hide the password is > sent in the request message when consuming a service, this time encrypting > this part of the message with the certificate of application server > (wso2as-4.1.2). To do this I modified the policy by adding an additional > element with the help of a Protection Assertions (Encrypted Parts > Assertion). Here the part of modified message:**** > > ** ** > > <sp:SupportingTokens**** > > xmlns:sp=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";>**** > > <wsp:Policy>**** > > <sp:UsernameToken sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient > ">**** > > *<sp:EncryptedParts xmlns:sp=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>* > > * <sp:Password/>* > > * </sp:EncryptedParts>* > > </sp:UsernameToken>**** > > </wsp:Policy>**** > > </sp:SupportingTokens>**** > > ** ** > > Annex the complete policy with the rampart configuration. By now I have > not been successful. Any idea? **** > > ** ** > > --**** > > Salu2,**** > > Ing. Jorge Hernández Roselló.**** > > ** ** > > <http://www.uci.cu/> > > > _______________________________________________ > User mailing list > [email protected] > http://wso2.org/cgi-bin/mailman/listinfo/user > > -- Thilina Buddhika Associate Technical Lead WSO2 Inc. ; http://wso2.com lean . enterprise . middleware phone : +94 77 44 88 727 blog : http://blog.thilinamb.com
_______________________________________________ User mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/user
