Well, it seems that the "contract-last" approach to the webservice creation could be the issue. Having changed to "contract-first", we can now actually get the STS client to create the RST. We now just have to find out why the RST SOAP message gets configured with SOAP 1.1 when it should be 1.2. Namespaces and configuration should be OK (but probably are not). Anyway, the STS client later on complains about the SOAP version mismatch, and the message is not yet sent to the STS.
So actually one step back and two steps forward :)

--
View this message in context: http://cxf.547215.n5.nabble.com/Issue-with-WS-Trust-using-security-tokens-SAML-assertions-tp5744142p5744364.html
Sent from the cxf-user mailing list archive at Nabble.com.
