Web service security is an important, but optional, part of your web services implementation. Existing and legacy web service security is described in this chapter. For Rampart and Axis2 web services security you will learn about:
- Using custom SOAP headers with Axis2 and encrypting them;
- Using and setting up Rampart;
- Using HTTPS/SSL to secure web service network traffic.
For legacy web services you will learn about the following, some of which can be utilized with Rampart:
- IBM Cúram Social Program Management modeling requirements for using secure web services;
- Coding password callback handlers (also applicable to Axis2 if your policy specifies a password callback handler);
- Setting up the client environment;
- Creating keystore files (also applicable to Axis2 if your environment requires these steps for supporting HTTPS/SSL).