You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Marc Jadoul <ma...@auth-o-matic.com> on 2009/05/12 11:15:22 UTC

Asymmetricbinding in WS-SecurityPolicy-1.2

Hi,

I am trying to implement WS-SecurityPolicy (1.2) asymmetric binding
for a web services on AXIS2 1.4.1, but my goal was to have an X509
certificate only for the initiator. Responses should not be signed.
There would be no encryption.
Apparently, currently if using rampart 1.4 (implementing
WS-SecurityPolicy-1.2 ?) it seems that attaching a security policy
without "recipienttoken" fail with the following Exception thrown:

Caused by: org.apache.ws.secpolicy.WSSPolicyException: Asymmetric
binding should have both Initiator and Recipient tokens defined

Nevertheless, if I check the standard, those element seems to be
optional for asymmetric binding....

Am I missing something here?

Marc