axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Soactive Inc <soact...@gmail.com>
Subject Re: WSS4J vs. Apache XML security for digital signatures?
Date Fri, 04 Nov 2005 17:15:46 GMT
I use the following links to help me understand and implement Web Service
security for Axis-based services and they work pretty well. I would advise
against using XML security directly if you are not used to dealing with the
intricacies of security for XML. The WSS4J abstraction is meant to shield
you from doing just that and also to easily comply with the WS-Security
standard:

- http://ws.apache.org/wss4j/axis.html

- http://wiki.apache.org/ws/FrontPage/WsFx/wss4jParameters

- http://ws.apache.org/wss4j/package.html

-Arun

On 11/4/05, Allen Cronce <acronce@earthlink.net> wrote:
>
> Hi all,
>
> I'm interested in adding digital signatures to our Axis 1.3 based soap
> service. Originally I had assumed that I would use WSS4J (or something
> like it) to do implement this. But the Axis example code uses Apache XML
> Security directly, via a sample helper class called SignedSOAPEnvelope.
> And posts to this list seem to be split in their recommendations.
>
> Can anyone with practical experience adding security to their Axis
> service comment on the best overall direction to proceed?
>
> Best regards,
> --
> Allen Cronce
>

Mime
View raw message