In this chapter, we will cover:
Authenticating a Web-Service call using a username token with a plain/digest password
Authenticating a Web-Service call using Spring security to authenticate a username token with a plain/digest password
Securing SOAP messages using a digital signature
Authenticating a Web-Service call using an X509 certificate
Encrypting/decrypting SOAP Messages
In the previous chapter, the usage of SUN's implementation (XWSS): OASIS Web-Services Security (WS-Security or WSS) specification in Spring-WS (that uses
XwsSecurityInterceptor to perform security operations) is explained. In this chapter, Spring-WS's support for Apache's implementation (WSS4J) of OASIS WS-Security ...