Java WSDP XWSS Security

<< Using Application Server WS-Security | Configuring Message Security Using XWSS >>

SING THE

AVA

WSDP XWSS S

ECURITY

MPLEMENTATION

247

xms

application. The sample also demonstrates the binding of WS-Security func-

tionality directly to the application. (The

/samples/

directory will only exist if

you selected

Install Samples Server

during installation.)

The sample applications are installed in the following directories:

<INSTALL>/samples/webservices/security/ejb/apps/xms/

<INSTALL>/samples/webservices/security/ejb/apps/xms_apl_lvl

For information on compiling, packaging, and running the sample applications,
refer to the sample file at

<INSTALL>/samples/webservices/security/docs/

common.html

or to the Securing Applications chapter of the Application Server

Developers' Guide (see Further Information, page 251, for a link to this docu-
ment).

Using the Java WSDP XWSS Security
Implementation

The Java Web Services Developer Pack (Java WSDP) includes XML and Web
Services Security (XWSS), a framework for securing JAX-RPC, JAX-WS, and
SAAJ applications and message attachments.

XWS-Security includes the following features:

· Support for securing JAX-RPC and JAX-WS applications at the service,

port, and operation levels.

· XWS-Security APIs for securing both JAX-RPC and JAX-WS applica-

tions and stand-alone applications that make use of SAAJ APIs only for
their SOAP messaging.

· A sample security framework within which a JAX-RPC application devel-

oper will be able to secure applications by signing, verifying, encrypting,
and/or decrypting parts of SOAP messages and attachments.

The message sender can also make claims about the security properties by
associating security tokens with the message. An example of a security