Java WSDP XWSS Security
U
SING THE
J
AVA
WSDP XWSS S
ECURITY
I
MPLEMENTATION
247
xms
application. The sample also demonstrates the binding of WS-Security func-
tionality directly to the application. (The
/samples/
directory will only exist if
you selected
Install Samples Server
during installation.)
The sample applications are installed in the following directories:
·
<INSTALL>/samples/webservices/security/ejb/apps/xms/
·
<INSTALL>/samples/webservices/security/ejb/apps/xms_apl_lvl
For information on compiling, packaging, and running the sample applications,
refer to the sample file at
<INSTALL>/samples/webservices/security/docs/
common.html
or to the Securing Applications chapter of the Application Server
Using the Java WSDP XWSS Security
Implementation
The Java Web Services Developer Pack (Java WSDP) includes XML and Web
Services Security (XWSS), a framework for securing JAX-RPC, JAX-WS, and
SAAJ applications and message attachments.
XWS-Security includes the following features:
· Support for securing JAX-RPC and JAX-WS applications at the service,
port, and operation levels.
· XWS-Security APIs for securing both JAX-RPC and JAX-WS applica-
tions and stand-alone applications that make use of SAAJ APIs only for
their SOAP messaging.
· A sample security framework within which a JAX-RPC application devel-
oper will be able to secure applications by signing, verifying, encrypting,
and/or decrypting parts of SOAP messages and attachments.
The message sender can also make claims about the security properties by
associating security tokens with the message. An example of a security