I have a C# code that asks the STS for a token using username password
credentials.
I'm using the UT or UTEncrypted endpoints but I get this error:
These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}ProtectionToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp:
Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SymmetricBinding:
Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts:
{http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRYPTED
Is there a way for the STS to be configured not to apply the above policies?
Is there another endpoint for these kind of things?
I simply want to use a username/password credential combination to request a
security token.
--
View this message in context:
http://cxf.547215.n5.nabble.com/RequestSecurityToken-without-Encrypting-and-Signing-tp5711426.html
Sent from the cxf-user mailing list archive at Nabble.com.
