You mean, am I able to reproduce the problem every time? Yep. That's what I express in my first post. With cxf 2.3.3 :
1 - WS-SecureConversation only works 2 - WS-Security (encryption for the illustrating use case) only works 3 - WS-Security & WS-SecureConversation on the same application set for different endpoints a) If configuration contains resources cxf-extension-policy.xml and cxf-extension-ws-security.xml, then only WS-SecureConversation endpoint can be called by a client. Clients trying to communicate with endpoints configured for WS-Security leads to server exception b) If configuration does not contain aforementioned resources, then only WS-Security endpoints can be called by clients. Clients trying to communicate with endpoints configured for WS-SecureConversation leads to server exception. And I don't understand why adding more <import resource... > break endpoints configured with WS-Security. (the These policy alternatives can not be satisfied: ..... exception) Thanks, Gabriel -- View this message in context: http://cxf.547215.n5.nabble.com/WS-SecureConversation-and-WS-Security-at-the-same-time-for-different-endpoint-is-not-working-tp4410427p4412188.html Sent from the cxf-user mailing list archive at Nabble.com.
