> In fact, I'm wondering, if your policy is totally correct.
> Given that you expect the secure conversation flow all the
> time, should it look like this instead:
>
> <Policy>
> <ExactlyOnce>
> <SecureConverstaion/>
> </ExactlyOnce>
> <ExactlyOnce>
> <SecureConverstaion/>
> <UT/>
> </ExactlyOnce>
> </Policy>
>
> What do you think ? Wondering if it will work...
Hi Sergey,
no, the webservice should be accessed either with SecureConversation
messages or
plain text with a UsernameToken, so I think
<wsp:Policy>
<wsp:ExactlyOne>
<SecureConversation>
<UsernameToken>
</wsp:ExactlyOne>
</wsp:Policy>
is right. If I understand your policy correct, it would describe
SecureConversation + an optional UsernameToken?
cheers
Karl
