This discussion is archived
5 Replies Latest reply: Mar 1, 2013 2:34 AM by user9024636 RSS

custom WS-Policy in OSB 11g - <wsu:timestamp> not first in header

user9024636 Newbie
Currently Being Moderated
A custom WS-policy is configured on an OSB 11g Business Service for encrypting a part of the message header (UsernameToken part is being encrypted). This is working fine.

We need to modify this WS-Policy to add Timestamp to the WS security header. We tried adding <MessageAge> assertion to the policy - this is working fine except that the timestamp element is not coming as the first element in security header - instead EncryptedKey is the first element. For example, the output is like below:

<soapenv:Header>
<wsse:Security>
<ns1:EncryptedKey>
     ...
</ns1:EncryptedKey>
<wsu:Timestamp>
<wsu:Created>2013-02-19T09:39:20.263-06:00</wsu:Created>
<wsu:Expires>2013-02-19T09:44:20.263-06:00</wsu:Expires>
</wsu:Timestamp>
<ns1:EncryptedData>
...
</ns1:EncryptedData>
</wsse:Security>
</soapenv:Header>

OWSM is not an option as client do not want it yet.

If anyone knows the solution, kindly let me know.

Thanks.

Legend

  • Correct Answers - 10 points
  • Helpful Answers - 5 points