Hello, I've noticed the following behavior on CXF 2.3.1. If I declare a security policy at port-type operation level (Policy.Placement.PORT_TYPE_OPERATION) and include it directly in the wsdl, the policy is picked up correctly and processed by both PolicyIn and PolicyOut interceptors (which create the right interceptors chain).
Instead, if I use the @Policy annotation to include the policy in my operation, even if the generated wsdl is identical and correctly contains both the policy declaration and the policy reference on the operation, the PolicyIn and PolicyOut interceptors seem to ignore the declared policy and do not add the needed interceptors in the chain. Instead, adding the same policy declaration at service level works just fine, and the policy is correctly picked up by the interceptors. Unfortunately, this solution does not work for me, as in this case the policy is applied to all service operations, included WS-RM operations which shouldn't be protected. Is this a known problem? Is there a workaround solution? On a different topic, policies declared with @Policy at service level get declared and referenced twice in the wsdl. Thanks, Riccardo. -- View this message in context: http://cxf.547215.n5.nabble.com/PolicyIn-and-PolicyOut-Interceptors-ignore-Policy-annotations-at-operation-level-tp3357175p3357175.html Sent from the cxf-user mailing list archive at Nabble.com.
