When using Web Services Security for message-level protection of SOAP message in WebSphere® Application Server, the choice of configuration options can affect the performance of the application.
The Java Cryptography Extension (JCE) is integrated into the software development kit (SDK) Version 1.4.x and later. This is no longer an optional package. However, the default JCE jurisdiction policy file shipped with the SDK enables you to use cryptography to enforce this default policy. In addition, you can modify the web services security configuration options to achieve the best performance for web services security protected applications.
The Java Cryptography Extension (JCE) policy is integrated into the IBM® Software Development Kit (SDK) Version 1.4.x and is no longer an optional package. However, due to export and import regulations, the default JCE jurisdiction policy file shipped with the SDK enables you to use strong, but limited, cryptography only.