Hello, I have a problem about the security header order. In the OASIS is recommended that if Sign Encryption is used, the order in WS header should looks like 1. Order (Sign+Encyption) <wsse:Security> header [encryption element] [signature element]
If the Encryption Sign is used, the order should be 2. Order (Encryption+Sign) <wsse:Security> header [signature element] [encryption element] But this is just one recommendation but a muss in the spec. How can I deal with Sing+Encrypted message but with second order in the Header. Is it possible to communicate this kind of application with WSS4J? I get always validation problem, since the wss4j try to validate it before decrypt the message at first. Thanks for Help. Regards, Hai --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
