Hello Colm, I configured WSS successfully via the WSS interceptors. Now my plan was to switch to policies and it does not work out.
I am using an .xml to configure the cxf bus (configuring WSRM via the .xml works fine.) The bus config within the .xml looks like this: <cxf:bus> <cxf:features> <cxf:logging /> <p:policies enabled="true"> <wsp:Policy wsu:Id="Asymmetric124" xmlns:wsu=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " xmlns:wsp="http://www.w3.org/ns/ws-policy"> <wsp:ExactlyOne> <wsp:All> <sp:AsymmetricBinding xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <wsp:Policy> <sp:InitiatorToken> <wsp:Policy> <sp:X509Token sp:IncludeToken=" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient "> <wsp:Policy> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:InitiatorToken> <sp:RecipientToken> <wsp:Policy> <sp:X509Token sp:IncludeToken=" http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never "> <wsp:Policy> <sp:WssX509V3Token10 /> </wsp:Policy> </sp:X509Token> </wsp:Policy> </sp:RecipientToken> <sp:Layout> <wsp:Policy> <sp:Lax /> </wsp:Policy> </sp:Layout> <sp:IncludeTimestamp /> <sp:OnlySignEntireHeadersAndBody /> <sp:AlgorithmSuite> <wsp:Policy> <sp:Basic128 /> </wsp:Policy> </sp:AlgorithmSuite> </wsp:Policy> </sp:AsymmetricBinding> <sp:SignedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"> <sp:Body /> <sp:Header Name="To" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="From" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="FaultTo" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="MessageID" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="RelatesTo" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="Action" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" /> <sp:Header Name="Timestamp" Namespace=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " /> </sp:SignedParts> <sp:EncryptedParts xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" xmlns:sapsp="http://www.sap.com/webas/630/soap/features/security/policy" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wst=" http://docs.oasis-open.org/ws-sx/ws-trust/200512" xmlns:wsu="http://schemas.xmlsoap.org/ws/2002/07/utility" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"> <sp:Body /> <sp:Attachments /> </sp:EncryptedParts> </wsp:All> </wsp:ExactlyOne> </wsp:Policy> </p:policies> </cxf:features> </cxf:bus> Within the .java class I am loading the config: SpringBusFactory bf = new SpringBusFactory(); URL busFile = ClientWSSviaPolicies.class.getResource( "clientWSSviaPoliciesWithAtt_WSRM.xml"); Bus bus = bf.createBus(busFile.toString()); BusFactory.setDefaultBus(bus); plus I am setting the needed properties ((BindingProvider)port).getRequestContext().put( "ws-security.username", "wss"); ((BindingProvider)port).getRequestContext().put( "ws-security.callback-handler", "demo.ws_rm.client.CallBack"); ((BindingProvider)port).getRequestContext().put( "ws-security.signature.username", "wss"); ((BindingProvider)port).getRequestContext().put( "ws-security.signature.properties", "jks/client.properties"); ((BindingProvider)port).getRequestContext().put( "ws-security.encryption.username", "wss"); ((BindingProvider)port).getRequestContext().put( "ws-security.encryption.properties", "jks/client.properties"); But the message which my client creates, is not signed nor encrypted. I search for samples, but I did not find a helpful one. I saw some examples with an wsdl containing the policies, but I wanted to set the policy via the bus. Can you give me a hint what I have done wrong? Thanks. Best regards Kai