That's the realm of WS-Security; Axis2 has the Rampart module that implements it.
Ping & DNS - updated with new look and Ping home screen widget
Joined: Sep 09, 2008
Thanks for your answer. My only requirement is to create a callback method which can authenticate the username and password and add these two attributes in the header. Is rampart the only way of implementing it? Actually I am using JAX-WS with annotations, hence I was looking for something in annotation which can perform this task. (I am having problem implementing Axis2 1.5.4 and Rampart 1.5.1 with SSL layer.)
Joined: Mar 22, 2005
There is no standard Java API for how WS-Security integrates with JAX-WS - each SOAP stack does it differently. But none I'm aware of uses annotations. And yes - Rampart is what you use for WS-Security along with Axis2.
You shouldn't be using SSL to secure web services - WS-Security provides encryption as well as authentication.