Hi Nandana, I'm using Rampart 1.4 on both the client and service side. I used the same policy file for my Rampart 1.3 installation and the security header was in the response.
Do I have to configure my client code so that it accepts a SOAP response message without security headers? Or do I configure my policy so that Rampart 1.4 sends a SOAP message with security headers? And if so, how do I go about doing this? Thanks again. Regards Sanjay -----Original Message----- From: Nandana Mihindukulasooriya [mailto:[EMAIL PROTECTED] Sent: Mon 14/07/2008 18:50 To: rampart-dev@ws.apache.org Subject: Re: "Missing wsse:Security header in request" exception. Hi Sanjay, I just noticed the absence of <wsse:Security > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse > curity-secext-1.0.xsd<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd>" > soapenv:mustUnderstand="true" /> in the SOAP > response Header. Any idea why this element is missing in the SOAP > response header? Looking at your policy, it seems that you don't need to have a security header in the response. Rampart 1.4 doesn't send empty security headers. Do you use Rampart 1.3 at the client side ?
