views:

34

answers:

1

I am trying to write a client to consume a .NET service secured through https and WS-security. (I don't have control over the server.)

We got everything communicating properly when we drop SSL and WS-security; then we got everything communicating properly when we added SSL. Now we're trying to add WS-security, and can't get it to work. I keep on getting the following error:

The security context token is expired or is not valid. The message was not processed.

I'm using WSS4J with Apache Axis in order to send the WS-security items (username token).

What could be causing this issue? I've Googled around and can't seem to find a solution.

A: 

Security context token means that WS-Secure Conversation is used. The token is used to sign series of messages between client and server. As far as I know it is usually recommended to turn this feature off when creating interoperable service in .NET.

Ladislav Mrnka
I thought that was the whole purpose of WSS4J... Is that not the case?
Lukas
I'm not Java developer but I think WSS4J supports WS-Secure conversation.
Ladislav Mrnka