Which two statements are true about Java clients that use a security token service (STS) supported by the security features of WSIT? (Choose two.)
A. The client only requires a keystore.
B. STS requires a default user name configuration.
C. Using an STS-issued token requires a keystore and a truststore.
D. HTTPS must be configured.
E. An authorized client receives a token digitally signed by the STS.