Nevermind answering this. I figured it out that it is done by determining that WSSecurityEngine.processSecurityHeader() executed the appropriate actions and that the signature action was performed over the appropriate elements by going over the WSSecurityEngineResult objects returned by the method.
By the way, WSSecurityEngine.processSecurityHeader() returns a "null" if the processed message does not contain any WSSecurity headers. :). Thanks, Juan Carlos >>> "Juan Carlos Luciani" <[EMAIL PROTECTED]> 08/01/06 5:10 PM >>> Hi, I am able to verify the timestamp and signatures of a SOAP message by passing the message to the processSecurityHeader method of the WSSecurityEngine class. The problem is that the method succeeds as well if I pass it a message without any WSSecurity headers. Is there a way to verify (short of dissecting through the SOAP message) that it contains a timestamps and a signature of the timestamp and the body of the message? Thanks, Juan Carlos --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
