Hello, I have CXF-based web service client that talks to a 3rd party web service which uses WS-Policy and WS-SecureConversation. One of the issues I'm having is that currently a new WS-SecureConversation SecurityContextToken is requested and granted before each new request to the remote service. I would like to just request one SecurityContextToken and reuse it for, say, one hour if not more. (The SecurityTokens I'm getting have an expiration time of 15 hours).
I've tried to get CXF to reuse SecurityTokens, with versions 3.0.5, 3.1.0 and 3.1.1. My jaxws:properties element in cxf.xml sets the "ws-security.enable.nonce.cache" and "ws-security.enable.timestamp.cache" to true, not that I'm sure these are really what I need. New SecurityTokens get requested whether I'm calling the same wsdl:operation in quick succession, or different operations. I've debugged the sending and receipt of a few messages, and while org.apache.cxf.ws.security.tokenstore.TokenStore.add(SecurityToken) gets called several times (once per SecurityToken request, I think), org.apache.cxf.ws.security.tokenstore.TokenStore.getToken(String) never gets called. I have ehcache (2.10.0) as a dependency in my POM. I've added a cxf-ehcache.xml file to my project, similar to the default one, to no visible effect. How might I cache and reuse a SecurityToken? I attach to this message a representative wsp:Policy element. Many thanks, Andrew policyexcerpt.xml <http://cxf.547215.n5.nabble.com/file/n5758451/policyexcerpt.xml> -- View this message in context: http://cxf.547215.n5.nabble.com/Caching-and-reusing-SecureConversationToken-how-tp5758451.html Sent from the cxf-user mailing list archive at Nabble.com.
