Hello, I'm replacing a .Net web service by a Java web service using JAX-RPC.
Now I'm implementing security with WSS4J in the JAX-RPC handlers, I need to use the existing security model in the .Net web service (using WSE 3.0) so the clients have minimal changes. The problem is that in WSE 3.0 it is possible to encrypt a soap body using a UsernameToken, also in the UsernameToken is possible to say not to send the password. An example of this is in http://www.codeproject.com/KB/XML/WSE30UsernameAssertion.aspx?display=Print The old web service is using this technique to encrypt the message body, but in WSS4J I can't find a way to do it. I really don't know if it is possible to do it WSS4J. So if it is possible how do I encrypt a soap body using a UsernameToken and add the UsernameToken to headers without the password? Thanks _____________________ Sérgio Patrício [EMAIL PROTECTED] Link Consulting
