The error is caused by the fact that you are manually adding the WSS4JInInterceptor to the CXF in-interceptor list in WebServiceConfiguration. You only do this when you don't have a WS-SecurityPolicy. For the policy case, CXF will set up the interceptors for you automatically.
Note that when you remove the WSS4JInInterceptor, you'll see an error about not specifying a username. This is because the policy is a little unusual, normally a UsernameToken is specified with an "IncludeToken" attribute that specifies "AlwaysToRecipient". In this case, there is no attribute, so CXF expects to send a UsernameToken back to the client. Colm. On Mon, Mar 6, 2017 at 7:46 AM, pat7 <[email protected]> wrote: > Hi, > thats very interesting. I use SOAPUI as a test client for my STS web > service. I generate a zip with my project and put inside the zip also a > soapui request. > > CoBiComNEW.zip > <http://cxf.547215.n5.nabble.com/file/n5777771/CoBiComNEW.zip> > > patrick > > > > -- > View this message in context: http://cxf.547215.n5.nabble. > com/Bipro-Security-token-service-simple-Usernametoken- > tp5777721p5777771.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
