1 Reply Latest reply on May 26, 2010 6:18 AM by Richard Opalka

    WS-Policy, SOAP 1.2 and the Standard client config

    Riccardo Serafin Newbie



      I'm using JBossWS 3.1.1.GA, and I've discovered a possible problem when mixing the support for WS-Policy, WS-Security and a web service with SOAP1.2 binding.


      The problem is that by default, if no specific client configuration is provided, the client wsdl parser will parse the provided policy, detect that WS-Security is required and load the "Standard WSSecurity Client" configuration from the embedded standard-jaxws-client-confix.xml, which correcly adds the WS-Security handler, but only for the SOAP11 binding. As the web services requires SOAP12, the client will send the message using this protocol, the handler will not be activated, and of course the message will be rejected.


      There a two fixes: first provide a custom client configuration that adds the WS-Security handler for both protocols bindings (which is what I've done), second modify the standard configuration provided with the bundled library to activate the handler for both protocols. I not sure if later versions have already fixed this problems but, if not, would it possible to include this change in the standard config?


      All the best,