Message confidentiality
To keep the message safe from eavesdropping, encryption technology is used to scramble the information in Web services requests and responses. The encryption ensures that nobody accesses the data in transit, in memory, or after it has been persisted, unless they have the private key of the recipient. The WS-Security: SOAP Message Security 1.0/1.1 specification describes enhancements to SOAP messaging to provide message confidentiality.
There are two options to configure WS-Security for JAX-WS Web services:
| Policy sets |
|
| Programming API for securing SOAP message with Web Service Security (WSS API) and Service Programming Interfaces (SPI) for a service provider |
We use policy sets in our examples.
|
ibm.com/redbooks |