I am having many issues with WS-Security configuration using JBoss AS 6.1 with JBossWS-CXF 3.4.1 which comes with CXF 2.3.1 and WSS4J 1.5.8. I am being told on the CXF mailing lists that these versions are ancient and that I should upgrade, but I am in an environment where I am constrained to stick with this version of JBoss AS.
So, my questions are:
Has anyone successfully updated JBossWS-CXF in AS 6?
In the compatibility matrix, nothing is marked as tested later than the version that I have. Am I inviting alot of new issues with JBoss/CXF integration if I do this?
Or, should I just try to disable all the web service stuff in Jboss AS 6 and then completely embed CXF? If I were to take this approach, what would be an efficient way of going about this, considering that I will have several web service modules that will need it? Should I bundle them all into an EAR project and then just let the web service modules use them there? Should I then avoid the JBossWS-Tools in eclipse, which I suppose rely on JBossWS-CXF integration features?