Java web services, WS-Security without client certificates
Learn how to use WS-Security symmetric encryption for secure exchanges without client certificates
From the developerWorks archives
Date archived: December 19, 2016 | First published: August 03, 2010
WS-Security symmetric encryption lets you secure message exchanges between client and server without requiring client certificates, simplifying your web service configuration while also providing performance benefits. You can use it directly or in the bootstrap for WS-SecureConversation exchanges. In this article, you'll learn how to configure and use symmetric encryption with the three main open source Java™ web services stacks: Axis2, Metro, and CXF. You'll also see how plain WS-Security symmetric encryption performance compares to WS-SecureConversation performance.
This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.