Hello, for the following CXF security config file: http://tinyurl.com/5mgyh5
Line 102 and Line 121, does the WSS4J Action here "Timestamp Signature Encrypt" mean the same thing as "Use the X.509 Token Profile" I.e., those three actions are used to activate X.509 profiles? Also, the CXF WS-Security UsernameToken guide, which I've been adding some updates to: http://cwiki.apache.org/CXF20DOC/ws-security.html#WS-Security-ConfiguringWSSecurityActions Tells us to use this action for Username Tokens: outProps.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.USERNAME_TOKEN); But then tells us at the bottom what we need to do to subsequently sign the message: outProps.put(WSHandlerConstants.ACTION, "Signature"); Which would overwrite the previous value. What if we want both Username Tokens *and* Signing--is it as simple as this: outProps.put(WSHandlerConstants.ACTION, "UsernameToken Signature"); Thanks, Glen -- View this message in context: http://www.nabble.com/Two-more-questions-on-CXF---WSS4J-tp18279527p18279527.html Sent from the WSS4J mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
