cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew <>
Subject Caching and reusing SecureConversationToken - how?
Date Sat, 20 Jun 2015 13:14:30 GMT

I have CXF-based web service client that talks to a 3rd party web service
which uses WS-Policy and WS-SecureConversation. One of the issues I'm having
is that currently a new WS-SecureConversation SecurityContextToken is
requested and granted before each new request to the remote service. I would
like to just request one SecurityContextToken and reuse it for, say, one
hour if not more. (The SecurityTokens I'm getting have an expiration time of
15 hours).

I've tried to get CXF to reuse SecurityTokens, with versions 3.0.5, 3.1.0
and 3.1.1. My jaxws:properties element in cxf.xml sets the
"ws-security.enable.nonce.cache" and "ws-security.enable.timestamp.cache" to
true, not that I'm sure these are really what I need. New SecurityTokens get
requested whether I'm calling the same wsdl:operation in quick succession,
or different operations. 

I've debugged the sending and receipt of a few messages, and while gets
called several times (once per SecurityToken request, I think), never gets
called. I have ehcache (2.10.0) as a dependency in my POM. I've added a
cxf-ehcache.xml file to my project, similar to the default one, to no
visible effect.

How might I cache and reuse a SecurityToken? I attach to this message a
representative wsp:Policy element.

Many thanks,


View this message in context:
Sent from the cxf-user mailing list archive at

View raw message