In our SOA we will have to sign a request (parts of the SOAP header) twice: 1. the client signs the SOAP body 2. the ESB signs a part of the SOAP header, so that the service can verify, that the request was routed over the ESB
I'm currently trying to implement/configure this using Apache CXF 2.2. Its working on the client side as well as on the ESB. But I'm not able to configure CXF on the server side to allow two different signatures. I'm trying to configure two WSS4JInInterceptor-beans, but the first one reports the error: "WSSecurityException: An error was discoveredprocessing the header"
I'm already using the "signatureParts" in the WSS4JInInterceptor properties configuration.
Does anybody know, how to configure the WSS4JInInterceptor to allow different/multiple XML Signatures?
Many thanks