> Is there a way to force a specific ordering of the Security Headers? No, there isn't. The "old" way of configuring security "actions" (as applies to WSS-147) is essentially deprecated in WSS4J 1.6 in favour of using a WS-SecurityPolicy implementation (Apache CXF, Apache Rampart, etc.) that orders things correctly.
Colm. On Thu, Jun 21, 2012 at 1:56 PM, [email protected] < [email protected]> wrote: > Hi All, > > Is there a way to force a specific ordering of the Security Headers? > > I have the Security Policy layout, and I've an interoperability problem > with metro, > which requires to have the security headers ordered as: > > <Security> > <Timestamp id=1> > <saml2:Assertion> > <Signature of 1> > <KeyInfo> > <SecurityTokenReference ValueType="#SAMLID"> > > I can do them using DOM, but this means to process the security header > twice. > I saw this: https://issues.apache.org/jira/browse/WSS-147 but doesn't > help me :-( > > Thanks a lot, > > Massi > > > -- > Massimiliano Masi > > http://www.mascanc.net/~max > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
