I can think of 2 ways to go about this.
1. Dynamically insert your handler into the JAX-RPC handler list for every web service and client. It is ok to install container handlers here because JSR109 forbids the client or service endpoint from modifying the handler chain.
2. We integrate our own handler/filter subsystem that is a layer on top of the JAX-RPC handlers.
I ran into this problem when implementing WS-Security because I have to catch the request in a very early stage of processing (so option 1 wasn't possible for me). If the message is encrypted, it can't be analyzed until security processing is complete. So in this special case, I added a direct hook, with the intention of revisting it if there are other components that need to do this.
I am thinking Option 2 is the way to go.
What are your thoughts on this?
JAXWS-2.0 defines handlers at transport, binding and endpoint level with a specific order for them.
The security use case is a good example for a binding handler. What we probably need is the notion of global handler configuration like other stacks have as well (Axis)
Jason, maybe you want to refactor the security handler a s a general binding handler that is configured externaly.
Are binding handlers new? I looked at the final draft and I only see logical and protocol handlers mentioned.