Hi,
The issue here is that your policy does not define "how" to encrypt the
response. If you were to include a policy along the lines of the following,
then it should work:
<sp:RecipientEncryptionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never
">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientEncryptionToken>
Colm.
On Tue, Jan 20, 2015 at 7:38 AM, Rajesh Rao <[email protected]> wrote:
> I have spent the last 2 days trying to find out what the issue actually is,
> but to no use. Searched Stackoverflow and other forums still not being to
> figure out the issue. I am using the standard apache CXF 2.7.8 version on a
> Wildfly 8.1. My WS Policy looks like
>
>
>
> I am sending a SOAP request using SOAP UI which looks like
>
>
>
> The response from the apache cxf looks like
>
>
>
> The server side implementation code looks like below
>
>
>
> I can see that the data on the server is being received, decrypted
> properly,
> signature verification done, processed and SOAP Body is also getting
> generated properly. Furthermore in accordance with the policy the signed
> SOAP header elements are being returned by the apache cxf. But for some
> reason the contents of the SOAP Body is not getting encrypted or signed,
> which according to policy it should. As you can see from the java
> implementation, I have set the "ws-security.encryption.username" property
> to
> "useReqSigCert".
>
> Can any of you please help with this?
>
> Thanks in advance for helping out.
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Response-not-getting-encrypted-tp5753247.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
