Hi, I am new to your community and maybe I can help you to implement this feature.
I followed the link http://www.nabble.com/WS-Security-error-when-using-BinarySecurityToken-td14669528.html <bean id="clientFactory2" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean"> <property name="serviceClass" value="demo.customer.ContractServicesTMD" /> <property name="address" value="https://wssecureproxy-ta.customer.de:1443/b2b/vcs01_00/services/b2b-tmd/productservicetmd"; /> <property name="outInterceptors"> <list> <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <ref bean="wss4jOutConfiguration" /> </list> </property> <property name="inInterceptors"> <list> <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" /> <ref bean="wss4jInConfiguration" /> </list> </property> </bean> <bean id="wss4jOutConfiguration" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <property name="properties"> <map> <entry key="action" value="UsernameToken Timestamp Signature" /> <entry key="user" value="username" /> <entry key="passwordType" value="PasswordDigest" /> <entry key="signaturePropFile" value="client_sign.properties" /> <entry key="signatureKeyIdentifier" value="DirectReference"/> <entry> <key> <value>passwordCallbackRef</value> </key> <ref bean="passwordCallback" /> </entry> <entry key="encryptionPropFile" value="serviceKeystore.properties"/> <entry key="decryptionPropFile" value="serviceKeystore.properties"/> <entry key="encryptionUser" value="useReqSigCert"/> <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> </map> </property> </bean> and I got the following wsse:nonce </ds:SignatureValue> <ds:KeyInfo Id="KeyId-F6D3D53C21EB055BCC12538955050082"> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="STRId-F6D3D53C21EB055BCC12538955050103"><wsse:Reference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; URI="#CertId-F6D3D53C21EB055BCC12538955050011" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; /></wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="Timestamp-2"><wsu:Created>2009-09-25T16:18:24.997Z</wsu:Created><wsu:Expires>2009-09-25T16:23:24.997Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="UsernameToken-1"><wsse:Username>cybercon</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";>TnHLFsv4i2Z380EYgRLgJ8NcF54=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>cvauJ+nfdo5UDM85O8nE2Q==</wsse:Nonce><wsu:Created>2009-09-25T16:18:24.996Z</wsu:Created></wsse:UsernameToken></wsse:Security></soap:Header><soap:Body xmlns:wsu="http: //docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-4"><ns5:readNetworkAvailabilityTMD xmlns:ns2="http://www.telekom.de/tvpp/b2b/schema/tmd/basicobjectmodeltmd_v01_00"; xmlns:ns3="http://www.telekom.de/tvpp/b2b/schema/tmd/contractservicestmd_v01_00"; xmlns:ns4="http://www.telekom.de/tvpp/b2b/schema/globalobjectmodel_v01_00"; xmlns:ns5="http://telekom.demo/"; xmlns:ns6="http://www.telekom.de/tvpp/b2b/schema/tmd/productservicestmd_v01_00"; xmlns:ns7="http://schemas.xmlsoap.org/ws/2004/08/addressing";><arg0><ns4:security><ns4:authentication><ns4:vo>B2B14</ns4:vo><ns4:login>6000600600</ns4:login><ns4:password>#tvpp12345#</ns4:password></ns4:authentication></ns4:security></arg0><arg1 /></ns5:readNetworkAvailabilityTMD></soap:Body></soap:Envelope> I tested the connection successfully with SOAPUI and copied a part of the raw field. <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:Reference URI="#id-3"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:DigestValue>cJedPMu2zh0W0lC31yO3WzsAxO8=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> My counterpart is a XS40 Datapower, which is full featured. My first question is in which class is the code implemented? And my second question is, will you support the feature in the future? Regards, Ralf Josephy -- Jetzt kostenlos herunterladen: Internet Explorer 8 und Mozilla Firefox 3.5 - sicherer, schneller und einfacher! http://portal.gmx.net/de/go/atbrowser
