The EncodingType is mandatory according to the Basic Security Profile specification. You can disable validation of an incoming message against this specification by setting the property "ws-security.is-bsp-compliant" to "false". See here for more details:
http://cxf.apache.org/docs/ws-securitypolicy.html How are you creating the message that it is not putting in an "EncodingType"? Could you attach your configuration + the resulting message? Colm. On Wed, Aug 14, 2013 at 10:42 AM, Ted Roeloffzen <[email protected]>wrote: > Hi All, > > I'm still trying to figure out CXF and WSSE. > At this point, sending a message to the server works fine, aside from the > timestamp not being correct. > But the return message gives a exception. > I get the exception that there is no EncodingType, or at least it says that > the EncodingType is "". > When I look at the message I'm getting there is no EncodingType in the > BinarySecurityToken-element. Is it mandatory for CXF to have an > EncodingType here? > > If so, how can I programmaticaly alter the WSSE-securityheader and insert > this property? > > kind regards, > > Ted > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
