Network Deployment (Distributed operating systems), v8.0 > Develop and deploying applications > Develop web services - Security (WS-Security) > Develop applications that use Web Services Security
Develop message-level security for JAX-RPC web services
IBM WAS supports the Java™ API for JAX-WS programming model and JAX-RPC.
- Develop web services clients that retrieve tokens from the JAAS Subject in an application
The security handlers are responsible for propagating security tokens. These security tokens are embedded in the SOAP security header and passed to downstream servers.
- Develop web services applications that retrieve tokens from the JAAS Subject in a server application
With a server application, the application acts as the request consumer, and the response generator is deployed and runs in the Java EE container. The consumer component for Web Services Security stores the security tokens that it receives in the JAAS Subject of the current thread. We can retrieve the security tokens from the JAAS Subject that is maintained as a local thread in the container.