Thanks Colm, Just a quick query, Is it good to expose the WSDL along with policy? I have an WSDL created which explicitly says what all WS-Security policies and specifications I have used , having that said is it a threat(security-wise) to expose them to the consumer?
If it is a threat, what would be the ways to hide it from being populated in the WSDL? -- View this message in context: http://cxf.547215.n5.nabble.com/WS-Security-UsernameToken-Password-Digest-Sign-Encrypt-Messages-tp5734299p5734331.html Sent from the cxf-user mailing list archive at Nabble.com.
