File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
The moose likes Web Services and the fly likes SAAJ and Ws security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "SAAJ and Ws security" Watch "SAAJ and Ws security" New topic

SAAJ and Ws security

D. Rose
Ranch Hand

Joined: Apr 25, 2003
Posts: 215
We are implementing web service client. We need to implement ws security with username token.
I was planning to use wss4j but our client said they want to use SAAJ.
I know SAAJ can be used for simple web service but how can it be used in implementing ws security? Any ideas?
Ulf Dittmer

Joined: Mar 22, 2005
Posts: 42955
SAAJ does not implement WS-Security; wss4j does. SAAJ is a low-level API for making SOAP calls (and JAX-RPC is a higher-level API built on top of SAAJ). But neither of them deals with security.

If all you require is username/password functionality, you can probably get away with using HTTP authentication instead of WS-Security.

(Just to be clear: the client did mention SAAJ, and not JAAS?)
[ October 21, 2005: Message edited by: Ulf Dittmer ]
I agree. Here's the link:
subject: SAAJ and Ws security