[jboss-user] [JBoss Web Services] - Re: Attaching a WS-Security policy forces use of "Standard WSSecurity Endpoint" configuration

Alessio Soldano do-not-reply at jboss.com
Mon Jan 17 03:07:45 EST 2011

Alessio Soldano [http://community.jboss.org/people/alessio.soldano%40jboss.com] created the discussion

"Re: Attaching a WS-Security policy forces use of "Standard WSSecurity Endpoint" configuration"

To view the discussion, visit: http://community.jboss.org/message/581102#581102

Ciao Riccardo,
basing the handlers configuration for ws-security on the "Standard WSSecurity Endpoint" conf there is most likely something that should be changed (having that as a configurable option would be better)... the point is that the WS-Policy usage here should basically allow the engine to setup WS-Security without the need of user provided security handler configuration.
This said, however, the WS-Policy engine in JBossWS-Native is experimental and no real WS-*Policy implementation was ever based on that (mainly because at the time that code was written, the multiple-stack support work was being started and then we decided to go for CXF/Metro integration stacks, especially for the WS-* support). While there's indeed some initial code for WS-SecurityPolicy in native, that's not finished.
So, if you need a real support for WS-Policy (especially for WS-Security Policy), you should really evaluate moving to JBossWS-CXF stack. If you can't afford also moving to JBoss AS 6 Final and want to stay on 5.1.0, JBossWS-CXF 3.4.0 is the version for you (see  http://community.jboss.org/docs/DOC-13569 http://community.jboss.org/wiki/JBossWS-SupportedTargetContainers)

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-user/attachments/20110117/d3e31be1/attachment.html 

More information about the jboss-user mailing list