Hi there,
I will give that a new try because I am not sure whats the problem.
I have a STS which provides a SCT.
My business service policy is described like this (BiPRO-standard):
<wsp:Policy wsu:Id="BiPROAuthSecurityPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken
RequireClientCertificate="false" />
</wsp:Policy>
</sp:TransportToken>
</wsp:Policy>
</sp:TransportBinding>
<sp:SupportingTokens>
<wsp:Policy>
<sp:SecureConversationToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<sp:Issuer>
<wsa:Address>http://localhost:8080/DoubleItSTS/STS</wsa:Address>
</sp:Issuer>
</sp:SecureConversationToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Now I tried to call the business service with a request header like this:
<soapenv:Header>
<wsse:Security>
<wsc:SecurityContextToken
xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc";>
<wsc:Identifier>uuid:D47D9C3E74F30DF5BE14090688057401</wsc:Identifier>
</wsc:SecurityContextToken>
</wsse:Security>
</soapenv:Header>
I thought that a call with a header like this has correct format to get
processed but instead I got this message:
These policy alternatives can not be satisfied:
{http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient}SecureConversationToken
Whats wrong with the request? How can I fix this issue?
Regards,
SRog
--
View this message in context:
http://cxf.547215.n5.nabble.com/BiPRO-Security-Token-Service-tp5748199.html
Sent from the cxf-user mailing list archive at Nabble.com.
