Hi,
No, you can use policy alternatives at a higher level than the supporting
token for this. For example, something like:
<wsp:Policy wsu:Id="Combined">
<wsp:ExactlyOne>
<wsp:All>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="...">
<wsp:Policy/>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsp:All>
<wsp:All>
<wsp:Policy>
<wsp:ExactlyOne>
<wsp:All>
<sp:SupportingTokens>
<wsp:Policy>
<sp:SamlToken sp:IncludeToken="...">
<wsp:Policy/>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsp:All>
Colm.
On Thu, Oct 9, 2014 at 8:46 AM, Khamphousone Bounkong <
[email protected]> wrote:
> Hello,
>
>
>
> I would like to know why the class
> *org.apache.wss4j.policy.model.SupportingTokens* is handling only one
> alternative.
>
> In fact, I’m trying to define a policy that can accept a UsernameToken or
> a SamlToken with CXF-STS.
>
> Do I need to define one web service for each token type ?
>
>
>
> Thank you very much.
>
>
>
> Best regards,
>
>
>
> Bounkong Khamphousone
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
