XWSS Project DescriptionPart of Project GlassFish
XML and Web Services Security (XWS-Security), provides a
framework within which a JAX-WS and SAAJ application developer can
applications. Although part of Project GlassFish, XWSS is also
available from java.net's XWSS project.
XWSS 3.0 has a whole lot of new features including realignment with JAXWS 2.1 architecture which gives an impoved performance. Using the XWS-Security framework, developers of JAX-WS can secure their applications by configuring the request and response security policies at the level of service, port, or operation.
XWSS 3.0 also supports WS-Policy, WS-SecurityPolicy, WS-Trust and WS-SecureConversation. Please refer to the WSIT project for additional details. WSIT is also a part of Project Glassfish. XWSS 3.0 is delivered as part of the Web Services Interoperability Technology (WSIT/Metro) project, which is an open-source implementation of next generation Web services technologies that deliver interoperability between Java EE and .Net WCF.
XWSS 3.0 provides XML and Web Services Security (XWS-Security), and implements the OASIS standards for Web Services Security (WSS) Version 1.1. The WSS 1.1 standard can be viewed at http://docs.oasis-open.org/wss/v1.1/wss-v1.1-spec-os-SOAPMessageSecurity.pdf.
JAX-WS applications running on other containers (such as TOMCAT) can also be secured in two ways :
1. Install WSIT/METRO on the Container (Only TOMCAT is
2. Use XWSS 2.0 Style security. (XWSS 3.0 supports XWSS 2.0 style functionality as well as WSIT/Metro)
Standalone SAAJ applications
can be secured by using XWSS
NOTE : You can now use Netbeans to
secure your webservices. Samples and documentation regarding these can
in the WSIT
The current implementation of XML and Web Services Security fully supports the implementation of Web Services Security (WSS) Interop scenarios. The following are some of the interoperability scenarios documents that are supported by this implementation:
Please send questions, comments, and feedback to firstname.lastname@example.org.