Hi, I am working on WS-Trust support for CXF. The requirement is like, while creating a secured request from client to service, client requires to communicate with STS to get required token. Depending on the security requirements of the STS service specified in the wsdl and ws-trust spec, a client may require to secure the STS communication.
Now, I am already in a requesting phase (client-server), how can I create another nested request-response (client-STS and STS-client). Currently, I am relying on the jax-ws Dispatch api to achieve this. I will use the wss4j api to do the required security processing. Having a bootstrap communication between client-sts is not a solution for this, right? Or Can I use reentrant property of PhaseInterceptorChain to achieve this, I am not sure about this option. Does above sounds sensible? Any pointers/suggestions on how to achieve the same by some better way will be appreciated. With Regards, Mayank