Actually, the policy you pasted was the service policy. The IncludeTimestamp policy assertion should instead be in the policy of the STS.
Colm. On Wed, Feb 5, 2014 at 4:12 PM, bob45 <[email protected]> wrote: > I tried and the effect is: > > WARNING - PhaseInterceptorChain.doDefaultLogging(364) | Interceptor for > { > http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecureConversationTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}RequestSecurityToken > has thrown exception, unwinding now: > org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not > be satisfied: > {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}ProtectionToken > { > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp > : > Received Timestamp does not match the requirements > { > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SymmetricBinding > : > Received Timestamp does not match the requirements > at > > org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:167) > > Could it be a namespace problem? The namespace in the message is: > xmlns:u=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > > Do you have an idea? > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Where-to-put-sp-Timestamp-in-WS-Policy-for-RST-SCT-Issue-Request-with-Timestamp-tp5739515p5739518.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
