Problems using Message Security (SignOnlyWithMutualCertificate)
I have encountered several complications with Message Security when trying to use SignOnlyWithMutualCertificate. But these questions seem to apply to any Message Level Security.
1) How do I specify to HPSV what fields, etc, I wish to sign when using Message Security? I have requirements to sign several parts of my SOAP message, but I cannot find any options in the service descriptors in HPSV as to fields to sign.
For instance, in my requirements, I need to sign the following fields:
- serviceContext (field in our own header XSDs)
How/where to I specify to HPSV that these are the fields I wish to sign?
2) As a related question, is there any way to indicate to HPSV that I want it to act as a simple pass-through? I do not wish for it to alter my request at all, and simply pass my requests and responses through. Is there any way to accomplish that?