Welcome to the XML and WebServices Security Project. This project is
part of Project Metro, in the Glassfish community.
Here's a detailed overview of the project.
Your participation is fundamental to make this project useful to the
Java Community. We encourage you to download and use our
- Starting 09/20/2006 : XWSS
2.0 sources will exist in a branch named XWSS_2_0. The Main Trunk
of XWSS Project will contain sources for XWSS 3.0. XWSS 3.0
ships into WSIT and has a
whole lot of new features including an optimized runtime. So XWSS
3.0 and WSIT Security refer to the same thing going forward. XWSS 3.0
however will continue to support XWSS 2.0 style of security
configuration (for backward compatibility reasons).
- If you have been using XWSS from JWSDP 1.x and JWSDP 2.0
releases and find that your certificates have expired as of 04/12/06 then please download
the new Keystores with certificates that will be valid for the next 10
years from the links below.
You can also get these keystores from the xwss/xwss-ri/etc
directory when you checkout the sources of this project from java.net.
- CVS: 3.1
:pserver:firstname.lastname@example.org:/cvs co xwss/xwss-ri
- CVS: 3.0
:pserver:email@example.com:/cvs co -r XWSS_3_0 xwss/xwss-ri
- CVS: 2.0 (FCS)
:pserver:firstname.lastname@example.org:/cvs co -r XWSS_2_0 xwss/xwss-ri
- FishEye: http://fisheye5.cenqua.com/browse/xwss
- Browse: source
XWSS can be used to secure WebServices
developed using JAX-RPC as well as JAX-WS. It has the
following dependencies on the JRE version and other java technologies.
- Sun's JDK/JRE 1.5 or Later
- SAAJ 1.3
- JAXP 1.3
- Java Mail
- JSR 105
- JAXB 1.0 or 2.0 and later..
- JSR 173
For WebServices running under JAX-RPC, a
developer can use XWSS2.0 with Sun's JDK/JRE
1.4 (augmented with JAXP 1.3 implementation jars placed in