Hi,
   Can you attach the policy file and the resulting SOAP envelope? The issue
you mentioned about isSecHeaderRequired seems like a bug; please create a
JIRA for that issue. But at first glance, it has nothing to do with
this.

At the same time, can you try using the username token as just
<sp:SignedSupportingTokens/>?
IIRC, in the asymmetric binding, username tokens are by default encrypted.

thanks,
Nandana

On Thu, Jan 21, 2010 at 12:46 PM, El Bog <seb_carpent...@yahoo.fr> wrote:

>
> Hello,
>
> I'm trying to build a policy file that would:
> - use AsymmetricBinding policy,
> - add the usernametoken to the security header,
> - Sign and Encrypt that usernametoken.
>
> To sign and Encrypt the usernametoken, I've been trying to use the
> <sp:SignedEncryptedSupportingTokens> assertion.
>
> This results in the usernametoken simply not being added to the header...
>
> I had a look at the rampart bug archive, and found RAMPART-34 which is very
> close, however it describes a situation where a <sp:TransportBinding> is
> used, which is not the case for me.
>
> Looking deeper into axis code, I ended up looking at the following code:
>
> RampartUtil.isSecHeaderRequired method.
>
> It seems that this method checks for:
> - SupportingTokens,
> - SignedSupportingTokens,
> - EndorsingSupportingTokens,
> - SignedEndorsingSupportingTokens
> to decide whether a security header is required or not.
>
> This results in Rampart considering there is no need for a security header,
> whereas when I only use a
> <sp:SignedSupportingTokens> assertion, it does.
>
> I do not understand why this method does not check for the other
> assertions which would also encrypt:
> - SignedEncryptedSupportingTokens
> - EncryptedSupportingTokens
> - EndorsingEncryptedSupportingTokens
> - SignedEndorsingEncryptedSupportingTokens
>
>
> Am I missing something or is this a bug in Rampart?
>
> Regards
> --
> View this message in context:
> http://old.nabble.com/-Axis2-1.4.1---Rampart-1.4--AsymmetricBinding-and-SignedEncryptedSupportingTokens-policy-not-appied-on-Usernametoken-tp27256538p27256538.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
>
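
A policy check for the situation discussed in this thread, as an added example that is not part of either message and is not Rampart code: it lists each supporting-token assertion in a WS-SecurityPolicy file and marks those that, according to the original poster's reading of RampartUtil.isSecHeaderRequired, would not trigger a security header. The sample policy, function names and status labels are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Assertion names exactly as listed in the original post (the poster's reading
# of RampartUtil.isSecHeaderRequired in Rampart 1.4; not verified here).
CHECKED = {"SupportingTokens", "SignedSupportingTokens",
           "EndorsingSupportingTokens", "SignedEndorsingSupportingTokens"}
NOT_CHECKED = {"SignedEncryptedSupportingTokens", "EncryptedSupportingTokens",
               "EndorsingEncryptedSupportingTokens",
               "SignedEndorsingEncryptedSupportingTokens"}

# Constructed sample policy matching the poster's description.
SAMPLE = """<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
  <wsp:ExactlyOne><wsp:All>
    <sp:AsymmetricBinding><wsp:Policy/></sp:AsymmetricBinding>
    <sp:SignedEncryptedSupportingTokens>
      <wsp:Policy><sp:UsernameToken/></wsp:Policy>
    </sp:SignedEncryptedSupportingTokens>
  </wsp:All></wsp:ExactlyOne>
</wsp:Policy>"""


def local(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def audit_policy(policy_xml):
    """Return (assertion, tokens, status) for each supporting-token assertion.

    Matching is on local names, so the policy's sp: namespace version
    does not matter.
    """
    findings = []
    for el in ET.fromstring(policy_xml).iter():
        name = local(el.tag)
        if name not in CHECKED | NOT_CHECKED:
            continue
        # Token assertions (UsernameToken, X509Token, ...) sit in a nested wsp:Policy.
        tokens = sorted({local(t.tag) for t in el.iter()
                         if local(t.tag).endswith("Token")})
        status = "header-expected" if name in CHECKED else "may-be-dropped"
        findings.append((name, tokens, status))
    return findings


if __name__ == "__main__":
    for name, tokens, status in audit_policy(SAMPLE):
        print(f"{name}: tokens={tokens} -> {status}")
```

A "may-be-dropped" result is the case to compare against the outgoing SOAP envelope, which is what the reply asks the poster to attach.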
