THIS IS A TEST INSTANCE. ALL YOUR CHANGES WILL BE LOST!!!!
...
With WS-SecureConversation, there are two Security policies that come into affect: 1)
- The "outer" policy that describes the security requirements for interacting with the actual endpoint. This will contain a SecureConversationToken in it someplace.
...
- The "bootstrap" policy that is contained in the SecureConverstationToken. This policy is the policy in affect when the client is negotiating the SecureConversation keys.
Configuring the WS-SecurityPolicy properties for WS-SecureConversation works exactly like the configuration for straight WS-SecurityPolicy. The only difference is that there needs to be a way to specify which properties are intended for the bootstrap policy in the SecureConversationToken and which are intended for the actual service policy. To accomplish this, properties intended for the SecureConversationToken bootstrap policy are appended with ".sct". For example:
...