I am using Rampart as a library in my standalone Java application. I am facing the following two issues when I specify "EncryptBeforeSigning" in my policy:
1) When I set <EncryptedParts> and <SignedParts> to <Body>, <ReferenceList> gets added as a direct child of the <wsse:Security> header. However, when I use <SignBeforeEncrypting>, <ReferenceList> gets added to <EncryptedKey>. Why this difference? 2) When I set <EncryptedParts> and <SignedParts> to some header, Rampart does the encryption correctly, but doesn't sign. I dug into the code and found that after the message is encrypted the original nodes are no longer there (because they have been replaced by <EncryptedData> elements) and therefore, the signing function can't find any nodes to sign. Any help would be greatly appreciated. Regards, Harsha --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
