Hello, Does CXF 2.1 have any work done yet on WS-SecurityPolicy[1]? If not, is there a incremental how-to-eat-an-elephant way of implementing it? I'm quite pressed for time unfortunately and am certainly not the most technical developer on the team so anything other than all-or-nothing might help this get implemented.
What I'm thinking is perhaps just getting CXF to validate the Security Policy WSDL, even if it would presently be ignored; then, implementing various parts of it based on usage demand, user patches and time constraints. What I'm seeing is that we already have WS-Policy implemented, at least for WSDL-first, and that WS-Addressing and WS-ReliableMessage are already implemented child elements of WS-Policy. Am I correct here? And are those child elements of WS-Policy already checked for schema validation? There may already be code in CXF for WS-RM and WS-Addressing that may point to how WS-SecurityPolicy should be implemented. Thanks, Glen [1] http://tinyurl.com/5vq25v
