<sp:SupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"> <wsp:Policy> <sp:UsernameToken/> </wsp:Policy> </sp:SupportingTokens>

When associated with an endpoint policy subject, this policy assertion has the following effects:

<wsp:Policy wsu:Id="AuthenticateAndAuthorizeWSSUsernameTokenPolicy"> <wsp:All> <sp:SupportingTokens> <wsp:Policy> <sp:UsernameToken/> </wsp:Policy> </sp:SupportingTokens> <sp:SupportingTokens> <wsp:Policy> <sp:SamlToken/> </wsp:Policy> </sp:SupportingTokens> </wsp:All> </wsp:Policy>

Note | |
---|---|

The |

A special case is the *empty policy*, an example of which is shown in
Example 5.1.

Where the empty policy alternative, `<wsp:All/>`

, represents an
alternative for which no policy assertions need be satisfied. In other words, it always
returns `true`

. When `<wsp:All/>`

is available as an alternative,
the overall policy can be satisified even when no policy assertions are
`true`

.

A special case is the *null policy*, an example of which is shown in
Example 5.2.

Where the null policy alternative, `<wsp:ExactlyOne/>`

, represents an
alternative that is never satisfied. In other words, it always returns
`false`

.