Hi Dan, Actually the CXF client request looks fine to me. The second (endorsing) signature is not encrypted as it is for the .NET message, but I don't see anything in the policy that requires this. The problem is with the CXF service, where it checks to see if every signature was encrypted, instead of just the primary signature. I've merged a fix for this here:
https://issues.apache.org/jira/browse/CXF-4410 Colm. On Fri, Jul 6, 2012 at 4:14 PM, DTaylor <[email protected]> wrote: > Hi Colm, > > My apologies for the delay but I got pulled off to do some emergency > firefighting elsewhere. > > I've attached the .NET message (NetMessage.xml), the Java message > (JavaMessage.xml) and the failing stack trace (failingStackTrace.txt). > > Thank you again for looking at this, > > Dan. > > http://cxf.547215.n5.nabble.com/file/n5710684/failingStackTrace.txt > failingStackTrace.txt > http://cxf.547215.n5.nabble.com/file/n5710684/JavaMessage.xml > JavaMessage.xml > http://cxf.547215.n5.nabble.com/file/n5710684/NetMessage.xmlNetMessage.xml > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/The-signature-is-not-protected-tp5710349p5710684.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
