Hi,
I use WSSE Signature with X.509 Authentication according to http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html Now my customer wants to use the Binary Security Token. I found a webpage with some hints to reach this goal. http://www.nabble.com/WS-Security-error-when-using-BinarySecurityToken-td14669528.html <entry key="encryptionUser" value="useReqSigCert"/> <entry key="signatureKeyIdentifier" value="DirectReference"/> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/> JRoller says, that it doesn't work http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to CXF uses WSS4J to implement WS-Security, which covers two of WSS' token profile options (UsernameToken and X.509 Token), as well as partial support for the SAML token profile. (See the CXF WS-Security documentation for more details.) CXF 2.2 introduces support for WS-SecurityPolicy (also available with Metro), but the below tutorial has the WS-Security configuration done outside of the WSDL. Can somebody explain Philip Wanners Solution? (I could't get in touch with him.) Regards, Karl Schmeing
