The problem is that the policy in the WSDL is not valid:
According to the WS-SecurityPolicy 1.3 spec, the HttpsToken must have a
wsp:Policy child. So you could try modifying the WSDL locally and adding in:
Colm.
On Fri, Oct 7, 2016 at 7:38 AM, arthurfiddich
Hi CXF Users,
I'm currently trying to figure out the differences between onBehalfOf and ActAs
token delegation.
And whether the implementation at the STS is correct or not.
I could not find anything substantial in the WS-Trust specification.
Is our implementation within the STS just a guessing b