I have a run time policy that identifies a consumer by a custom token using XPath. My goal is to identify the username token in the WSS security header against the user identifier I specified in a consumer application asset. The XPath expression appears working fine. I am just curious if Mediator will remove the WSS security elements when executing this policy action. As I know, the other policy action (identify consumers by WSS) removes the WSS security elements before forwarding a SOAP request to a native service. I do not want this same behavior when using the XPath approach. I would appreciate it if anyone can share their experience with me…
Thanks,
Terry