Java web services, WS-Security without client certificates

Learn how to use WS-Security symmetric encryption for secure exchanges without client certificates

From the developerWorks archives

Dennis Sosnoski

Date archived: December 19, 2016 | First published: August 03, 2010

WS-Security symmetric encryption lets you secure message exchanges between client and server without requiring client certificates, simplifying your web service configuration while also providing performance benefits. You can use it directly or in the bootstrap for WS-SecureConversation exchanges. In this article, you'll learn how to configure and use symmetric encryption with the three main open source Java™ web services stacks: Axis2, Metro, and CXF. You'll also see how plain WS-Security symmetric encryption performance compares to WS-SecureConversation performance.

This content is no longer being updated or maintained. The full article is provided "as is" in a PDF file. Given the rapid evolution of technology, some steps and illustrations may have changed.

Zone=Java development, SOA and web services, Open source
ArticleTitle=Java web services: WS-Security without client certificates