This is great, thanks so much Colm for all your help! I disabled the BSP compliance, and it kind of worked with the initial, non SwA call, but it keeps on failing with the call that includes the attachments:
Caused by: *org.apache.xml.security.transforms.InvalidTransformException*: Unknown transformation. No handler installed for URI http://docs.oasis-open.org/wss/oasis-wss-SwAProfile-1.1#Attachment-Ciphertext-Transform at org.apache.xml.security.transforms.Transform.<init>(*Transform.java:155*) at org.apache.xml.security.transforms.Transforms.item(*Transforms.java:321*) ... 54 more This is the error I ran into previously even with CXF 2.7, after adding custom resolvers. I wonder if that requires a custom transformation? Any pointers are greatly appreciated. Thank you once again, Colm. I greatly appreciate you looking into this problem. On Thu, Feb 13, 2014 at 8:42 AM, Colm O hEigeartaigh <[email protected]>wrote: > The error message is fairly self-explanatory here, the Signature does not > contain a PrefixList Attribute as required by the Basic Security Profile. > To get around this, you can disable Basic Security Profile compliance on > the inbound side by setting the property "ws-security.is-bsp-compliant" to > "false". > > Colm. > > >
