On Thu April 23 2009 6:23:39 am Colm O hEigeartaigh wrote: > WSS4J has very little WS-SecurityPolicy functionality...this is provided > by both CXF and Rampart which layer over WSS4J, so you want might to > redirect your question there.
I can at least provide an answer for CXF. The "Once" isn't implemented yet. It currently checks if it != Never and sends it. A patch would be great. :-) Would just need to record a flag someplace and check it. Dan > > Colm. > > -----Original Message----- > From: Dennis Sosnoski [mailto:[email protected]] > Sent: 22 April 2009 11:33 > To: wss4j-dev > Subject: Using IncludeToken/Once > > Does WSS4J cache certificates to support a > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/O > nce > token inclusion property? If so, does the cache ever get cleared? > > I'm wondering if this can be used to support sending a certificate from > the client to a server only on the first request, with the certificate > referenced by a mechanism such as thumbprint for the following requests. > > Thanks, > > - Dennis -- Daniel Kulp [email protected] http://www.dankulp.com/blog --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
