This week's book giveaway is in the Design forum.
We're giving away four copies of Building Microservices and have Sam Newman on-line!
See this thread for details.
The moose likes Web Services and the fly likes SAAJ and Ws security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Building Microservices this week in the Design forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "SAAJ and Ws security" Watch "SAAJ and Ws security" New topic
Author

SAAJ and Ws security

D. Rose
Ranch Hand

Joined: Apr 25, 2003
Posts: 215
We are implementing web service client. We need to implement ws security with username token.
I was planning to use wss4j but our client said they want to use SAAJ.
I know SAAJ can be used for simple web service but how can it be used in implementing ws security? Any ideas?
Ulf Dittmer
Rancher

Joined: Mar 22, 2005
Posts: 42958
    
  73
SAAJ does not implement WS-Security; wss4j does. SAAJ is a low-level API for making SOAP calls (and JAX-RPC is a higher-level API built on top of SAAJ). But neither of them deals with security.

If all you require is username/password functionality, you can probably get away with using HTTP authentication instead of WS-Security.

(Just to be clear: the client did mention SAAJ, and not JAAS?)
[ October 21, 2005: Message edited by: Ulf Dittmer ]
 
I’ve looked at a lot of different solutions, and in my humble opinion Aspose is the way to go. Here’s the link: http://aspose.com
 
subject: SAAJ and Ws security
 
It's not a secret anymore!