We are trying to consume a XFire web service using WSS4J with a .NET client using WSE 2.0 and are facing an issue. WSS4J expects that the BinarySecurityToken tag will be the first one in the header, but WSE puts the Timestamp in first.
There was a proposed change that would fix this issue posted to the XFire mailing list, but was closed because it's not an XFire issue, but rather WSS4J. Here is a link to that discussion: http://jira.codehaus.org/browse/XFIRE-752?page=all Was this issue ever discussed on the WSS4J mailing list? If so, why was the change not implemented? Please let me know. Thanks, Bobby
