Yes, CXF supports Kerberos with SecureConversation. The SOAP request you attached for CXF looks like the Ws-SecurityConversation call, whereas the .NET request looks like the service call (after the initial WS-SC call).
BTW I checked in a test for CXF for a similar security policy (newer security namespace): https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=commit;h=eb746f58 Colm. On Wed, Nov 5, 2014 at 11:20 AM, tobee <[email protected]> wrote: > SOAP sent from > java: > http://pastebin.com/fKY27tqW > .net: > http://pastebin.com/BEK2b3Tc > > First thing that you can notice is that .net client is sending > SecurityContextToken after Timestamp > while java places BinarySecurityToken there > googled this: > > http://cxf.547215.n5.nabble.com/Apache-CXF-with-WS-Security-tp5747114p5747238.html > We will try to disable it on .net side and see if it works. > > Does cxf support kerberos token with SecureConversation? if it does how can > i force it to do so? > > Regards > Lucas > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/possible-wss4j-bug-tp5750539p5750718.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
