I am re-opening a question I saw no answer to asked in this forum quite a while ago.
In the STS service requesting a SMAL20 token the response is okay. But in the service that needs to have the SAML20 token, the response has no headers at all. This is in spite of the must understand setting in the client headers in both the addressing and security part. Everything is 1.6.2; rampart, axis2, and axiom is 1.2.14. Adding the <parameter name="includeOptionalHeaders">true</parameter> in the service.xml does not help (though that is what I used programmatically on the client side to generate the correct addressing headers). Is this a bug or what am I doing wrong in the configuration? Thanks, Brian Reinhold
