7.3. Security for Web Service Interactions
Developers that rely on JAX-RPC to exchange messages between Web service endpoints and clients leverage the security services provided by the J2EE platform. The J2EE platform supports the WS-I Basic Profile 1.0 specifications for secure interoperable Web service interactions. WS-I security compliance requires HTTPS and single hop security for a request and reply between a client and service. The Basic Profile requires that the transport layer of HTTPS be combined with additional mechanisms for basic and mutual authentication.
The J2EE platform provides Web tier and EJB tier endpoints with similar security mechanisms for Web services. Most J2EE developers should already be familiar with its security mechanisms, ...
Get Designing Web Services with the J2EE™ 1.4 Platform JAX-RPC, SOAP, and XML Technologies now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.