Securing web services with WS-Security
The Web Services Security specification defines core facilities
for protecting the integrity and confidentiality of a message, and
provides mechanisms for associating security-related claims with a
message. Web Services Security, an extension of the IBM web services
engine, provides a quality of service.
Web Services Security concepts Securing web services applications at the transport level Authenticating web services clients using HTTP basic authentication HTTP basic authentication uses a user name and password to authenticate a service client to a secure endpoint.Securing JAX-WS web services using message-level security Securing JAX-RPC web services using message-level security Securing web services using Security Markup Assertion Language (SAML) Authenticating web services using generic security token login modules Migrating Web Services Security Developing applications that use Web Services Security Configuring Web Services Security during application assembly Administering Web Services Security Tuning Web Services Security