I'm using CXF 3.1.5, trying to send a request to a STS server, the STS server has a policy, the related part is as following
<wsp:Policy>
<sp:RequireThumbprintReference />
<sp:WssX509V3Token10 />
</wsp:Policy>
so in the request CXF sends to the STS server, the signature key looks like that:
<wsse:SecurityTokenReference wsu:Id="...">
<wsse:KeyIdentifier EncodingType="..."ValueType="...#ThumbprintSHA1">...</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
but I want to change the SecurityTokenReference into that
<wsse:SecurityTokenReference>
<wsse:Reference URI="..." ValueType="...#**X509v3**"/>
</wsse:SecurityTokenReference>
it refers to the BinarySecurityToken which is a X.509 Certificate
So what should I do? I found something about PolicyBasedWSS4JOutInterceptor and PolicyBasedWSS4JInInterceptor, but don't known how they works.
Thanks a lots!
@pedrofb, thanks a lot for your help. unfortunately, I still got two BinarySecurityToken Elements and I couldn't use an alternative policy file.
but I found a solution here:How to get incoming & outgoing soap xml in a simple way using Apache CXF?
It provides a solution for me to edit the soap envelop right before CXF sends it out. It's not very good, but it's the best solution I got.