At the risk of looking like a complete dufus I need to ask the following question. When using WS-Security is communication between client and server a 2 step communication? By that I mean does the soap header which contains the UsernameToken work as a handshake mechanism whereby the soap body is not sent until the header has been “authorizied”. The reason I ask is that all my soap requests contain and empty soap body (see previous post) - even though within webMethods I am populating the request object. At least, I believe I am based on the results window. But the soap request dump makes me think otherwise.
The second question I have is about tcpTrace. Does it support https for the destination server? webMethods just hangs whenever I use the actual remote server address. Becuase of this I have been using localhost in order to get the soap request message.