Hi Allan, It's using http. Is there no way enforce https, that is not to send > the message at all if no https protocol is used?
I think your point is valid. I think Rampart should check the incoming transport if we have a transport binding with https token. Can you create a jira issue for this ? Regards, Nandana
