All I can recommend is that you have a look at the WS-Security system
test in CXF:
http://svn.apache.org/repos/asf/incubator/cxf/trunk/systests/src/test/java/org/apache/cxf/systest/ws/security/
It's based loosely off a WS-Security interoperability scenario with
WCF, and uses signature with the DirectReference method, which will
send the client's X.509 certificate directly in the SOAP header.
-Fred
On Apr 13, 2008, at 3:59 AM, adam_j_bradley wrote:
After finally working out the remote web service required the use of
the
WS-Security X.509 Certificate Token Profile (duh!) I've been eagerly
trying
to find a working example.
I have found
http://www.nabble.com/client-SSL-question-td15564062.html#a15769013
- thanks
Khaled! - which describes which covers off the use of the
USERNAME_TOKEN but
not the use of an X.509 Certificate. I did a bit of digging around
in the
test cases for both CXF and WSS4J and I'm sure there's an example
there, but
I couldn't find it.
Any help/advice greatly appreciated.
Thanks in advance.
Adam
--
View this message in context:
http://www.nabble.com/Q%3A-WS-Security-X.509-Certificate-Token-Profile-tp16656740p16656740.html
Sent from the cxf-user mailing list archive at Nabble.com.
