Hello, Prerequirement : * Web service with no response (request only) (Jax-ws configuration) * WSS Policy set on this service * RequireSignatureConfirmation set in the policy.
When receiving a bogus request (in my case a request without any signature), CXF respond with a empty-body empty-SignatureConfirmation BEFORE validating the request against the policy. Therefore, the client gets a 202 response, where it think should get a soap fault. I'm aware the client should fail on the signature confirmation, but since it send a request without signature in the first place, chances are high it just ignores the response without knowing the request failed. Is my analysis right ? Is that a bug ? Thanks for your responses. Simon -- View this message in context: http://cxf.547215.n5.nabble.com/WSS-CXF-Server-respond-empty-SignatureConfirmation-instead-of-failing-on-bogus-request-tp5739797.html Sent from the cxf-user mailing list archive at Nabble.com.
