Developing message-level security for JAX-RPC web services
IBM® WebSphere® Application Server supports the Java™ API for XML-Based Web Services (JAX-WS) programming model and the Java API for XML-based RPC (JAX-RPC) programming model.
Subtopics
Developing web services clients that retrieve tokens from the JAAS Subject in an application
The security handlers are responsible for propagating security tokens. These security tokens are embedded in the SOAP security header and passed to downstream servers.Developing web services applications that retrieve tokens from the JAAS Subject in a server application
With a server application, the application acts as the request consumer, and the response generator is deployed and runs in the Java™ Platform, Enterprise Edition (Java EE) container. The consumer component for Web Services Security stores the security tokens that it receives in the Java Authentication and Authorization Service (JAAS) Subject of the current thread. You can retrieve the security tokens from the JAAS Subject that is maintained as a local thread in the container.Developing web services applications to use a UsernameToken with no registry interaction
To authenticate a UsernameToken with a caller part without accessing the WebSphere Application Server registry, you can replace the authentication method of the UsernameToken consumer and configure the caller to use an alternative Java Authentication and Authorization Service (JAAS) login configuration.Developing web services clients that retrieve tokens from the JAAS Subject in an application
The security handlers are responsible for propagating security tokens. These security tokens are embedded in the SOAP security header and passed to downstream servers.Developing web services applications that retrieve tokens from the JAAS Subject in a server application
With a server application, the application acts as the request consumer, and the response generator is deployed and runs in the Java Platform, Enterprise Edition (Java EE) container. The consumer component for Web Services Security stores the security tokens that it receives in the Java Authentication and Authorization Service (JAAS) Subject of the current thread. You can retrieve the security tokens from the JAAS Subject that is maintained as a local thread in the container.Developing web services applications to use a UsernameToken with no registry interaction
To authenticate a UsernameToken with a caller part without accessing the WebSphere Application Server registry, you can replace the authentication method of the UsernameToken consumer and configure the caller to use an alternative Java Authentication and Authorization Service (JAAS) login configuration.


File name: container_wssec_developing_message_security_jaxrpc.html