WSSecurity

Version 7

    JBoss Web Services 1.0 - WS-Security

     

    New to JBossWS is full WS-Security support for any service or client.

     

     

    More information can be found in the JBossWS User Guide

     

    What is WS-Security?

     

    WS-Security standardizes authorization, encryption, and digital signature processing of web services. Unlike transport security models, such as SSL, WS-Security applies security directly to the elements of the web service message. This increases the flexibility of your web services, by allowing any message model to be used (point to point, multi-hop relay, etc).

     

    Specifications

     

    WS-Security is defined by the combination of the following specifications:

     

    OASIS Specifications

     

    W3C Specifications

     

    WS-I Specifications

     

    Features

     

    See the JBoss WS-Security Feature List page.

     

    Configuration

     

    You can enable WS-Security on your web service by adding a jboss-wsse-server.xml descriptor and/or a jboss-wsse-client.xml descriptor to your deployment. Both of these files are documented here.

     

     

    Examples

     

    1. Message Signing

    2. Message Encryption

    3. Message Signing and Encryption

    4. Encrypting Keystore and Truststore Passwords

    5. Complex Doc/Lit Nested Element Encryption & Signing with Walkthrough