Ok, that enabled me to figure out that CXF 3.0.x was not using the WS-SecurityPolicy 1.1 namespace properly:
https://issues.apache.org/jira/browse/CXF-6105 I've now fixed this. Could you try again with the latest CXF 3.0.3-SNAPSHOT code (you will have to build it yourself until the latest SNAPSHOT code deploys). Colm. On Fri, Nov 14, 2014 at 4:29 PM, tobee <lukasz.tob...@gmail.com> wrote: > we managed to enable audit: > " XmlException: Cannot read the token from the 'DerivedKeyToken' element > with the 'http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512' > namespace for BinarySecretSecurityToken, with a '' ValueType. If this > element is expected to be valid, ensure that security is configured to > consume tokens with the name, namespace and value type specified." > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/possible-wss4j-bug-tp5750539p5751155.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com