The STS is co-located with the service provider in this case, so the client sends the WS-Trust RST to the service endpoint. This is what typically happens with Ws-SecureConversation - it's just copied for convenience for the SPNEGO system tests, as the focus is on CXF client side support for this feature.
Colm. On Mon, Mar 5, 2012 at 12:34 AM, Jason Pell <[email protected]> wrote: > Hi, > > The systest samples for the new spnego seem to missing a section in > the ws policy for configuring the location of the STS. All that is > provided in the sames at the moment seems to be > a stock standard kerberos ws-security call, but with a spnego token. > > I feel sure I must be missing something? Ws-SecurityPolicy and > especially ws-trust is all very new to me, as is kerberos and spnego, > but I am interested to learn whether the example is > indeed missing the ws-trust wsdl segments or its done in a separate > way for spnego? > > thanks > Jason -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
