dynamic security levels with WSS4J

[Robert Maier <ro...@gmail.com>]

Hi,

My name is Robert Maier, I just subscribed to this list so this is my first
post. I have been following the list offline for a couple of weeks now, many
of your answers have been very helpful to me, thanks.

Let me get to the point. I recently started working with WSS4J and using the
mailing list and other docs I managed to have a service and a client (both
using Apache Axis 1.4 as SOAP engine and WSS4J for WS-Security) communicate
securely, i.e. signed and/or encrypted messages.

My current problem: I am trying to make the service more flexible, i.e. I'd
like it to understand whatever SOAP Requests it receives no matter if they
are signed, encrypted, both signed and encrypted or neither. At this point
the service only understands one type of SOAP Request (defined in its wsdd
file using the WSDoAllReceiver handler). Is there a simple way of doing
this?

[ This is Axis architecture specific: Theoretically, a simple solution to
this problem would be to have Axis allow a handler mechanism where not all
the handlers in a chain must process the message, but so far I have been
unable to find this possiility ]

Thanks.
Cheers,
Robert.