Hi
I reckon it would be useful if it were possible to explicitly state in the CXF
WS-Policy feature that a given policy
expression is inbound/outbound only.
Perhaps another option is to provide reusable policy interceptors which could simply (and blindly) assert some policies using
preconfigure
Well I can definitely work around the problem, just by configuring my
interceptors to check off the same assertions on the outbound side.
This requires though, that I stick a reference to some request state
information on the exchange, and that I ensure that an OutInterceptor
is installed
Hmm.. I'm not really sure, but this MAY be correct behavior.
I'm thinking something like the MTOM policy. For that, there has to be
something on the outgoing side to see if the MTOM policy is there and turn on
MTOM if so.
It's somewhat like some policies are "enforced" on the incoming chain
Fred Dushin-3 wrote:
>
> But regardless, should the effective policy on the response be the
> same as the effective policy on the request? Or should policy
> assertion implementors code their interceptors to handle the response
> chain, as well as the request?
>
Does WS-SecurityPolicy h
