Hi, I've developed a Web service secured with WSS4J. The client is a .NET client using WSE. I'm using X509 tokens and the current configuration works fine since early CVS releases of WSS4J. I recently upgraded to 1.5.0 and my java clients works fine. But the .NET client stopped working with this message:
Message "WSE535: The following SecurityToken QName is unsupported: http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd:SignatureConfirmation. Please check your configuration for registered SecurityToken qnames." It seems to me that the new version works in WSS1.1 compliance so following the specification sends the SignatureConfirmation. .NET is not 1.1 compliant so it doesn't expect that element. I think anyway should exists a way to force WSS4J work in 1.0 mode anyway, or to be backward compatible. Someone can help? Bye, Davide Romanini
signature.asc
Description: Questa รจ una parte del messaggio firmata digitalmente
