According to the WS-Security specification:
"The <wsse:Security> header block provides a mechanism for attaching security-related information targeted at a specific recipient in the form of a SOAP actor/role."
<wsse:Security S11:actor="..." S11:mustUnderstand="..."/>
Currently, Rampart is far from full support for actor/role.
- RampartEngine has a bare support, taking the 'actor' attribute from a random Security header.In addition, in SOAP 1.2, the 'actor' attribute is renamed to 'role', which is not handled by the RampartEngine.
- Rampart message builders has no support for actor/role.
- Rampart configuration has no support for actor/role also
WSS4J has support for actor/role and such could easily be added in Rampart.Proper configuration should be added and actor/role values should be propagated to WSS4J.