cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Penmatsa, Vinay" <vinay.penma...@sap.com>
Subject Signature only in policy for Username Token
Date Tue, 27 Sep 2011 23:03:42 GMT

Hi,
With the following policy definition, the header is sent encrypted. How can I get the client
to only sign and not encrypt?

------
	<wsp:Policy wsu:Id="UsernameToken"
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
		<wsp:ExactlyOne>
			<wsp:All>
				<sp:AsymmetricBinding>
					<wsp:Policy>
						<sp:InitiatorToken>
							<wsp:Policy>
				              <sp:X509Token
				                  sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
				                <wsp:Policy>
				                  <sp:WssX509V3Token10/>
				                </wsp:Policy>
				              </sp:X509Token>
							 </wsp:Policy>			            
						</sp:InitiatorToken>
						<sp:RecipientToken>
				            <wsp:Policy>
				              <sp:X509Token
				                  sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
				                <wsp:Policy>
				                  <sp:WssX509V3Token10/>
				                </wsp:Policy>
				              </sp:X509Token>
				            </wsp:Policy>
				          </sp:RecipientToken>	
						<sp:Layout>
							<wsp:Policy>
								<sp:Lax />
							</wsp:Policy>
						</sp:Layout>
						<sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:Basic128 />
								<!-- To use the export grade encryption that comes bundled in the 
									JDK, comment out the above Basic256 algorithm and uncomment the below Basic128. -->
								<!-- <sp:Basic128 /> -->
							</wsp:Policy>
						</sp:AlgorithmSuite>
					</wsp:Policy>
				</sp:AsymmetricBinding>
				<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
			        <wsp:Policy>
			          <sp:MustSupportRefKeyIdentifier/>
			        </wsp:Policy>
		      	</sp:Wss10>
				<sp:SignedSupportingTokens>
					<wsp:Policy>
						<sp:UsernameToken
							sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
							<wsp:Policy>
								<sp:WssUsernameToken10/>
							</wsp:Policy>
						</sp:UsernameToken>
					</wsp:Policy>
				</sp:SignedSupportingTokens>			
			</wsp:All>			
		</wsp:ExactlyOne>
	</wsp:Policy>
---


Regards,
Vinay


Mime
View raw message