Version 12

    JBoss Web Services 1.0 WS-Security Feature List

    This page offeres an overview of the specific features that make up the new JBossWS WS-Security support.

     

    Supported Specifications

    • Web Services Security SOAP Message Security 1.0 (2004)

    • X.509 Certificate Token Profile (2004)

    • UsernameToken Profile 1.0 (2004)

     

    Supported Features

    Core Features

    • Body encryption

    • Body signature

    • Multiple target encryption

    • Multiple target signing

    • RSA encrypted symmetric keys

    • AES symmetric encryption/decryption

    • 3DES symmetric encryption/decryption

    • RSA/DSA signatures

    • Message expiration

    • X.509 tokens

    • Username tokens with JBossSX/JAAS integration

    • Signed timestamps

    • Direct token references

    • Key identifier references

    • X.509 issuer serial references

    • STR transformation

    • X.509 certificate validation

     

    Configuration Features

    • Client and server deployment descriptors

    • Configurable key and trust stores

    • Configurable certificate use

    • Configurable out-bound symmetric encryption algorithm (aes-128, aes-192, aes-256, tripledes)

    • In-deployment key and trust stores

    • Default deployment security configuration

    • Per WSDL operation security configuration

    • Configured QName selected targets

    • Configured WSU-ID selected targets

    • Policy for required signature/encryption targets

     

    Unsupported Features

    There are some features that are unsupported in this release, although they may be added in future versions. If their is a feature that you have a need for that is on this list, open a JIRA Feature Request

     

    • Shared secret symmetric encryption/decryption

    • Embedded token references

    • KeyName token references

    • Configurable out-bound token teference types (Currently Direct References are always used)

    • Direct references that reference an external source

    • Configurable token signing

    • Username token digest algorithm

    • PKVIPath tokens

    • PKCS7 tokens