I don't think there is a spec compliant way. All of the use-cases are based around encrypting the symmetric key with the cert of the recipient.
Colm. On Wed, Mar 14, 2012 at 4:52 PM, Giovanni Bussu <bu...@link.it> wrote: > On Wed, 2012-03-14 at 16:34 +0000, Colm O hEigeartaigh wrote: >> This is not valid according to the spec: >> >> ENC_KEY_INFO - an element named ds:KeyInfo, included as a child of an >> ENCRYPTED_KEY or ENCRYPTED_DATA. >> >> R5426 Any ENC_KEY_INFO MUST contain a child SECURITY_TOKEN_REFERENCE. > > Ok, so I guess this isn't the right way to encrypt a message with a > symmetric key. Do you know if there's a way to configure WSS4J to > achieve this in a Basic Profile compliant way? > > -- > Giovanni Bussu > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com