{"id":30525,"date":"2015-12-30T11:00:36","date_gmt":"2015-12-30T09:00:36","guid":{"rendered":"http:\/\/examples.javacodegeeks.com\/?p=30525"},"modified":"2015-12-29T11:22:47","modified_gmt":"2015-12-29T09:22:47","slug":"jax-ws-security-example","status":"publish","type":"post","link":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/","title":{"rendered":"JAX-WS Security Example"},"content":{"rendered":"<p>In this example we shall learn, how to implement JAX-WS security to SOAP web services.<\/p>\n<p>Security is always critical to web services. When talking about web services security here, following security issues are considered:<\/p>\n<h4>Wire-level security<\/h4>\n<ul>\n<li>Assurance between client and web service that they are the only one communicating.<\/li>\n<li>Data encryption.<\/li>\n<li>Assurance that received message is same as sent message.<\/li>\n<\/ul>\n<h4>User authentication and authorization<\/h4>\n<ul>\n<li>Authentication is appropriate credentials to gain access.<\/li>\n<li>Authorization is users-role security. Users might be restricted to some resources based on their roles.<\/li>\n<\/ul>\n<h2>1. Wire-level security using HTTPS<\/h2>\n<p>To make web service more secure, we can use HTTPS instead of HTTP. It addresses three security services<br \/>\nover transport services that HTTP provides; Peer authentication, confidentiality, and integrity.<\/p>\n<h2>2. Container managed security for web service<\/h2>\n<h3>2.1 Deploying web service under tomcat<\/h3>\n<p>To understand this let us first create a &#8216;Dynamic Web Project&#8217; in eclipse.<\/p>\n<p><figure id=\"attachment_31061\" aria-describedby=\"caption-attachment-31061\" style=\"width: 599px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/NewDynamicWebProject.jpg\"><img decoding=\"async\" class=\"size-full wp-image-31061\" src=\"http:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/NewDynamicWebProject.jpg\" alt=\"New Dynamic Web Project\" width=\"599\" height=\"719\" srcset=\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/NewDynamicWebProject.jpg 599w, https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/NewDynamicWebProject-250x300.jpg 250w\" sizes=\"(max-width: 599px) 100vw, 599px\" \/><\/a><figcaption id=\"caption-attachment-31061\" class=\"wp-caption-text\">New Dynamic Web Project<\/figcaption><\/figure><\/p>\n<p>Now we shall implement Service Endpoint Interface as follows:<\/p>\n<p><span style=\"text-decoration: underline;\"><em>CalculatorI.java<\/em><\/span><\/p>\n<pre class=\"brush:java\">package com.javacodegeeks.jaxws.example;\r\n\r\nimport javax.jws.WebMethod;\r\nimport javax.jws.WebService;\r\nimport javax.jws.soap.SOAPBinding;\r\nimport javax.jws.soap.SOAPBinding.Style;\r\n\r\n@WebService\r\n@SOAPBinding(style = Style.RPC)\r\npublic interface CalculatorI {\r\n\t@WebMethod\r\n\tint add(int a, int b);\r\n\r\n\t@WebMethod\r\n\tint subtract(int a, int b);\r\n\r\n\t@WebMethod\r\n\tint multiply(int a, int b);\r\n\r\n\t@WebMethod\r\n\tint divide(int a, int b);\r\n}\r\n<\/pre>\n<p>After this we shall implement Service Implementation Bean as follows:<\/p>\n<p><span style=\"text-decoration: underline;\"><em>CalculatorImpl.java<\/em><\/span><\/p>\n<pre class=\"brush:java\">package com.javacodegeeks.jaxws.example;\r\n\r\nimport javax.jws.WebService;\r\n\r\n@WebService(endpointInterface = \"com.javacodegeeks.jaxws.example.CalculatorI\")\r\npublic class CalculatorImpl implements CalculatorI {\r\n\r\n\t@Override\r\n\tpublic int add(int a, int b) {\r\n\t\treturn a + b;\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int subtract(int a, int b) {\r\n\t\treturn a - b;\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int multiply(int a, int b) {\r\n\t\treturn a * b;\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int divide(int a, int b) {\r\n\t\treturn a \/ b;\r\n\t}\r\n\r\n}\r\n<\/pre>\n<p>To configure a container like tomcat to host a web service, we need to add configuration of JAX-WS&#8217;s <code>WSServlet<\/code> and <code>WSServletContainerListener<\/code> in <code>web.xml<\/code>. <code>web.xml<\/code> on configuration shall be like:<\/p>\n<p><span style=\"text-decoration: underline;\"><em>web.xml<\/em><\/span><\/p>\n<pre class=\"brush:xml\">&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\r\n&lt;web-app xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\"\r\n\txmlns=\"http:\/\/java.sun.com\/xml\/ns\/javaee\"\r\n\txsi:schemaLocation=\"http:\/\/java.sun.com\/xml\/ns\/javaee http:\/\/java.sun.com\/xml\/ns\/javaee\/web-app_3_0.xsd\"\r\n\tid=\"WebApp_ID\" version=\"3.0\"&gt;\r\n\t&lt;display-name&gt;JaxWSSecurityExample&lt;\/display-name&gt;\r\n\t&lt;welcome-file-list&gt;\r\n\t\t&lt;welcome-file&gt;index.html&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;index.htm&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;index.jsp&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.html&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.htm&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.jsp&lt;\/welcome-file&gt;\r\n\t&lt;\/welcome-file-list&gt;\r\n\r\n\t&lt;servlet&gt;\r\n\t\t&lt;servlet-name&gt;CalculatorWS&lt;\/servlet-name&gt;\r\n\t\t&lt;servlet-class&gt;com.sun.xml.ws.transport.http.servlet.WSServlet&lt;\/servlet-class&gt;\r\n\t&lt;\/servlet&gt;\r\n\t&lt;servlet-mapping&gt;\r\n\t\t&lt;servlet-name&gt;CalculatorWS&lt;\/servlet-name&gt;\r\n\t\t&lt;url-pattern&gt;\/calc&lt;\/url-pattern&gt;\r\n\t&lt;\/servlet-mapping&gt;\r\n\r\n\t&lt;listener&gt;\r\n\t\t&lt;listener-class&gt;com.sun.xml.ws.transport.http.servlet.WSServletContextListener&lt;\/listener-class&gt;\r\n\t&lt;\/listener&gt;\r\n&lt;\/web-app&gt;\r\n<\/pre>\n<p>Now to add the endpoint that we created to be hosted by tomcat, we will create <code>sun-jaxws.xml<\/code> in WEB-INF directory as follows:<div style=\"display:inline-block; margin: 15px 0;\"> <div id=\"adngin-JavaCodeGeeks_incontent_video-0\" style=\"display:inline-block;\"><\/div> <\/div><\/p>\n<p><span style=\"text-decoration: underline;\"><em>sun-jaxws.xml<\/em><\/span><\/p>\n<pre class=\"brush:xml\">&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\r\n&lt;endpoints xmlns=\"http:\/\/java.sun.com\/xml\/ns\/jax-ws\/ri\/runtime\"\r\n\tversion=\"2.0\"&gt;\r\n\t&lt;endpoint name=\"CalcWS\"\r\n\t\timplementation=\"com.javacodegeeks.jaxws.example.CalculatorImpl\" \/&gt;\r\n&lt;\/endpoints&gt;\r\n<\/pre>\n<h3>2.2 Securing web service under tomcat<\/h3>\n<p>Next step is to secure the web service or to enable https. To do this, go to Tomcat&#8217;s conf directory and edit <code>server.xml<\/code> file.<br \/>\nBut first things first, we will need to create a digital certificate. We can use Java&#8217;s keytool utility to generate the same. The command would be like: <code>keytool -genkey -alias tomcat -keyalg RSA<\/code><\/p>\n<p>By default a digital certificate file with name <code>.keystore<\/code> shall be created in the user&#8217;s home directory. Now to configure this file to enable https, we shall edit connector configuration in <code>server.xml<\/code> as mentioned above. The new configuration shall be like:<\/p>\n<p><span style=\"text-decoration: underline;\"><em>server.xml (partial)<\/em><\/span><\/p>\n<pre class=\"brush:xml\">&lt;Connector port=\"8443\" protocol=\"HTTP\/1.1\" SSLEnabled=\"true\"\r\n\tmaxThreads=\"150\" scheme=\"https\" secure=\"true\" clientAuth=\"false\"\r\n\tsslProtocol=\"TLS\" keystoreFile=\"\/home\/saurabharora123\/.keystore\" \/&gt;\r\n<\/pre>\n<h3>2.3 Implementing authentication and authentication<\/h3>\n<p>Next step in securing our web service is to implement authentication and authorization. This can be done at at either application level or container level. We will look at each of these methods.<\/p>\n<h4>2.3.1 Authentication at application level<\/h4>\n<p>Authentication if done at application level is easy but creates clumsy and un-readable code. The change to web service would be minor.<\/p>\n<p><span style=\"text-decoration: underline;\"><em>CalculatorImplAppManagedAuth.java<\/em><\/span><\/p>\n<pre class=\"brush:java\">package com.javacodegeeks.jaxws.example;\r\n\r\nimport java.util.List;\r\nimport java.util.Map;\r\n\r\nimport javax.annotation.Resource;\r\nimport javax.jws.WebService;\r\nimport javax.xml.ws.WebServiceContext;\r\nimport javax.xml.ws.handler.MessageContext;\r\nimport javax.xml.ws.http.HTTPException;\r\n\r\n@WebService(endpointInterface = \"com.javacodegeeks.jaxws.example.CalculatorI\")\r\npublic class CalculatorImplAppManagedAuth implements CalculatorI {\r\n\t@Resource\r\n\tWebServiceContext context;\r\n\r\n\t@Override\r\n\tpublic int add(int a, int b) {\r\n\t\tif (isAuthenticated())\r\n\t\t\treturn a + b;\r\n\t\telse\r\n\t\t\tthrow new HTTPException(401);\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int subtract(int a, int b) {\r\n\t\tif (isAuthenticated())\r\n\t\t\treturn a - b;\r\n\t\telse\r\n\t\t\tthrow new HTTPException(401);\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int multiply(int a, int b) {\r\n\t\tif (isAuthenticated())\r\n\t\t\treturn a * b;\r\n\t\telse\r\n\t\t\tthrow new HTTPException(401);\r\n\t}\r\n\r\n\t@Override\r\n\tpublic int divide(int a, int b) {\r\n\t\tif (isAuthenticated())\r\n\t\t\treturn a \/ b;\r\n\t\telse\r\n\t\t\tthrow new HTTPException(401);\r\n\t}\r\n\r\n\tprivate boolean isAuthenticated() {\r\n\t\tMessageContext messageContext = context.getMessageContext();\r\n\t\tMap httpHeaders = (Map) messageContext.get(MessageContext.HTTP_REQUEST_HEADERS);\r\n\t\tList userNameList = (List) httpHeaders.get(\"uname\");\r\n\t\tList passwordList = (List) httpHeaders.get(\"pass\");\r\n\r\n\t\tif (userNameList.contains(\"saurabh\") &amp;&amp; passwordList.contains(\"java\"))\r\n\t\t\treturn true;\r\n\t\telse\r\n\t\t\treturn false;\r\n\t}\r\n}\r\n<\/pre>\n<p>In the above program, username and password are expected in http headers which are then authenticated. In case request is not authenticated <code>HTTPException<\/code> with code <code>401<\/code> shall be thrown which is for unauthorized access. The above program is just a sample, in the real-world scenario this kind of authentication can be done form databases or LDAP or other such repositories. On similar pattern authorization can be implemented.<\/p>\n<p>The downside of the above approach is that the logic is now a mix of application logic and security implementation.<\/p>\n<p>To compliment this web service client shall have to do some additional line of code to put username and password in the HTTP headers.<\/p>\n<h4>2.3.2 Authentication and authorization managed by container<\/h4>\n<p>Implementing authentication and authorization managed by container like Tomcat is just a matter of some configuration.<br \/>\nFirst step is to edit the web.xml to implement security constraints.<\/p>\n<p><span style=\"text-decoration: underline;\"><em>web.xml<\/em><\/span><\/p>\n<pre class=\"brush:xml\">&lt;?xml version=\"1.0\" encoding=\"UTF-8\"?&gt;\r\n&lt;web-app xmlns:xsi=\"http:\/\/www.w3.org\/2001\/XMLSchema-instance\"\r\n\txmlns=\"http:\/\/java.sun.com\/xml\/ns\/javaee\"\r\n\txsi:schemaLocation=\"http:\/\/java.sun.com\/xml\/ns\/javaee http:\/\/java.sun.com\/xml\/ns\/javaee\/web-app_3_0.xsd\"\r\n\tid=\"WebApp_ID\" version=\"3.0\"&gt;\r\n\t&lt;display-name&gt;JaxWSSecurityExample&lt;\/display-name&gt;\r\n\t&lt;welcome-file-list&gt;\r\n\t\t&lt;welcome-file&gt;index.html&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;index.htm&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;index.jsp&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.html&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.htm&lt;\/welcome-file&gt;\r\n\t\t&lt;welcome-file&gt;default.jsp&lt;\/welcome-file&gt;\r\n\t&lt;\/welcome-file-list&gt;\r\n\r\n\t&lt;servlet&gt;\r\n\t\t&lt;servlet-name&gt;CalculatorWS&lt;\/servlet-name&gt;\r\n\t\t&lt;servlet-class&gt;com.sun.xml.ws.transport.http.servlet.WSServlet&lt;\/servlet-class&gt;\r\n\t&lt;\/servlet&gt;\r\n\t&lt;servlet-mapping&gt;\r\n\t\t&lt;servlet-name&gt;CalculatorWS&lt;\/servlet-name&gt;\r\n\t\t&lt;url-pattern&gt;\/calc&lt;\/url-pattern&gt;\r\n\t&lt;\/servlet-mapping&gt;\r\n\r\n\t&lt;listener&gt;\r\n\t\t&lt;listener-class&gt;com.sun.xml.ws.transport.http.servlet.WSServletContextListener&lt;\/listener-class&gt;\r\n\t&lt;\/listener&gt;\r\n\r\n\t&lt;security-role&gt;\r\n\t\t&lt;description&gt;Admin role&lt;\/description&gt;\r\n\t\t&lt;role-name&gt;admin&lt;\/role-name&gt;\r\n\t&lt;\/security-role&gt;\r\n\r\n\t&lt;security-constraint&gt;\r\n\t\t&lt;web-resource-collection&gt;\r\n\t\t\t&lt;web-resource-name&gt;UserRoleSecurity&lt;\/web-resource-name&gt;\r\n\t\t\t&lt;url-pattern&gt;\/calc&lt;\/url-pattern&gt;\r\n\t\t&lt;\/web-resource-collection&gt;\r\n\t\t&lt;auth-constraint&gt;\r\n\t\t\t&lt;role-name&gt;admin&lt;\/role-name&gt;\r\n\t\t&lt;\/auth-constraint&gt;\r\n\t\t&lt;user-data-constraint&gt;\r\n\t\t\t&lt;transport-guarantee&gt;CONFIDENTIAL&lt;\/transport-guarantee&gt;\r\n\t\t&lt;\/user-data-constraint&gt;\r\n\t&lt;\/security-constraint&gt;\r\n\r\n\t&lt;login-config&gt;\r\n\t\t&lt;auth-method&gt;BASIC&lt;\/auth-method&gt;\r\n\t&lt;\/login-config&gt;\r\n&lt;\/web-app&gt;\r\n<\/pre>\n<p>In this updated <code>web.xml<\/code> resources to be updated are mentioned in <code>web-resource-collection<\/code> tag. <code>role-name<\/code> tag describes the role which authenticated user should have. Here we are using <code>BASIC<\/code> authentication. Transport is guaranteed to be <code>CONFIDENTIAL<\/code> which covers services of authentication, encryption and message integrity.<\/p>\n<p>When tomcat receives request, it will know that request needs to be authenticated and authorized. For verification of username, password and role, it shall look into <code>MemoryRealm<\/code> by default which is configured in file <code>conf\/tomcat-users.xml<\/code>.<\/p>\n<p><span style=\"text-decoration: underline;\"><em>tomcat-users.xml<\/em><\/span><\/p>\n<pre class=\"brush:xml\">&lt;tomcat-users&gt;\r\n  &lt;role rolename=\"admin\"\/&gt;\r\n  &lt;role rolename=\"normalUser\"\/&gt;\r\n  &lt;user username=\"saurabh\" password=\"java\" roles=\"admin\"\/&gt;\r\n  &lt;user username=\"both\" password=\"tomcat\" roles=\"tomcat,role1\"\/&gt;\r\n  &lt;user username=\"role1\" password=\"tomcat\" roles=\"role1\"\/&gt;\r\n&lt;\/tomcat-users&gt;\r\n<\/pre>\n<p>To use digested password <code>auth-method<\/code> in <code>web.xml<\/code> shall have to be changed to <code>DIGEST<\/code>. The digested password can be generated using <code>digest.sh<\/code> utility in tomcat&#8217;s bin directory. And then this digested password shall be replaced in <code>tomcat-users.xml<\/code>.<\/p>\n<h2>3. Directory structure of this example<\/h2>\n<p>The directory structure of the above example in eclipse shall look like:<\/p>\n<p><figure id=\"attachment_31062\" aria-describedby=\"caption-attachment-31062\" style=\"width: 400px\" class=\"wp-caption aligncenter\"><a href=\"http:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure.jpg\"><img decoding=\"async\" class=\"size-full wp-image-31062\" src=\"http:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure.jpg\" alt=\"Directory Structure\" width=\"400\" height=\"399\" srcset=\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure.jpg 400w, https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure-150x150.jpg 150w, https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure-300x300.jpg 300w, https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/DirectoryStructure-70x70.jpg 70w\" sizes=\"(max-width: 400px) 100vw, 400px\" \/><\/a><figcaption id=\"caption-attachment-31062\" class=\"wp-caption-text\">Directory Structure<\/figcaption><\/figure><\/p>\n<h2>4. Download the source code<\/h2>\n<p>This was an example of JAX-WS security.<\/p>\n<div class=\"download\"><strong>Download<\/strong><br \/>\nYou can download the full source code of this example here: <strong><a href=\"http:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/12\/JaxWSSecurityExample.zip\">JaxWSSecurityExample<\/a><\/strong><\/div>\n","protected":false},"excerpt":{"rendered":"<p>In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web services security here, following security issues are considered: Wire-level security Assurance between client and web service that they are the only one communicating. Data encryption. Assurance that received message &hellip;<\/p>\n","protected":false},"author":75,"featured_media":1240,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[461],"tags":[1264,1302,1051],"class_list":["post-30525","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-jws","tag-jax-ws","tag-jax-ws-security","tag-security"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v26.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>JAX-WS Security Example - Java Code Geeks<\/title>\n<meta name=\"description\" content=\"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"JAX-WS Security Example - Java Code Geeks\" \/>\n<meta property=\"og:description\" content=\"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web\" \/>\n<meta property=\"og:url\" content=\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\" \/>\n<meta property=\"og:site_name\" content=\"Examples Java Code Geeks\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/javacodegeeks\" \/>\n<meta property=\"article:published_time\" content=\"2015-12-30T09:00:36+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"150\" \/>\n\t<meta property=\"og:image:height\" content=\"150\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Saurabh Arora\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@javacodegeeks\" \/>\n<meta name=\"twitter:site\" content=\"@javacodegeeks\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Saurabh Arora\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"8 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\"},\"author\":{\"name\":\"Saurabh Arora\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/5bf4e0274824642c44536b83ddbfaf6c\"},\"headline\":\"JAX-WS Security Example\",\"datePublished\":\"2015-12-30T09:00:36+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\"},\"wordCount\":698,\"commentCount\":2,\"publisher\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/#organization\"},\"image\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg\",\"keywords\":[\"JAX-WS\",\"jax-ws security\",\"security\"],\"articleSection\":[\"jws\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\",\"url\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\",\"name\":\"JAX-WS Security Example - Java Code Geeks\",\"isPartOf\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg\",\"datePublished\":\"2015-12-30T09:00:36+00:00\",\"description\":\"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web\",\"breadcrumb\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage\",\"url\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg\",\"contentUrl\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg\",\"width\":150,\"height\":150},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/examples.javacodegeeks.com\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Java Development\",\"item\":\"https:\/\/examples.javacodegeeks.com\/category\/java-development\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Enterprise Java\",\"item\":\"https:\/\/examples.javacodegeeks.com\/category\/java-development\/enterprise-java\/\"},{\"@type\":\"ListItem\",\"position\":4,\"name\":\"jws\",\"item\":\"https:\/\/examples.javacodegeeks.com\/category\/java-development\/enterprise-java\/jws\/\"},{\"@type\":\"ListItem\",\"position\":5,\"name\":\"JAX-WS Security Example\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#website\",\"url\":\"https:\/\/examples.javacodegeeks.com\/\",\"name\":\"Java Code Geeks\",\"description\":\"Java Examples and Code Snippets\",\"publisher\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/#organization\"},\"alternateName\":\"JCG\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/examples.javacodegeeks.com\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#organization\",\"name\":\"Exelixis Media P.C.\",\"url\":\"https:\/\/examples.javacodegeeks.com\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"contentUrl\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png\",\"width\":864,\"height\":246,\"caption\":\"Exelixis Media P.C.\"},\"image\":{\"@id\":\"https:\/\/examples.javacodegeeks.com\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/javacodegeeks\",\"https:\/\/x.com\/javacodegeeks\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/5bf4e0274824642c44536b83ddbfaf6c\",\"name\":\"Saurabh Arora\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/11\/Saurabh-Arora-96x96.jpg\",\"contentUrl\":\"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/11\/Saurabh-Arora-96x96.jpg\",\"caption\":\"Saurabh Arora\"},\"description\":\"Saurabh graduated with an engineering degree in Information Technology from YMCA Institute of Engineering, India. He is SCJP, OCWCD certified and currently working as Technical Lead with one of the biggest service based firms and is involved in projects extensively using Java and JEE technologies. He has worked in E-Commerce, Banking and Telecom domain.\",\"sameAs\":[\"http:\/\/www.javacodegeeks.com\/\",\"https:\/\/in.linkedin.com\/in\/saurabh-arora-78674b18\"],\"url\":\"https:\/\/examples.javacodegeeks.com\/author\/saurabh-arora\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"JAX-WS Security Example - Java Code Geeks","description":"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/","og_locale":"en_US","og_type":"article","og_title":"JAX-WS Security Example - Java Code Geeks","og_description":"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web","og_url":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/","og_site_name":"Examples Java Code Geeks","article_publisher":"https:\/\/www.facebook.com\/javacodegeeks","article_published_time":"2015-12-30T09:00:36+00:00","og_image":[{"width":150,"height":150,"url":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg","type":"image\/jpeg"}],"author":"Saurabh Arora","twitter_card":"summary_large_image","twitter_creator":"@javacodegeeks","twitter_site":"@javacodegeeks","twitter_misc":{"Written by":"Saurabh Arora","Est. reading time":"8 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#article","isPartOf":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/"},"author":{"name":"Saurabh Arora","@id":"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/5bf4e0274824642c44536b83ddbfaf6c"},"headline":"JAX-WS Security Example","datePublished":"2015-12-30T09:00:36+00:00","mainEntityOfPage":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/"},"wordCount":698,"commentCount":2,"publisher":{"@id":"https:\/\/examples.javacodegeeks.com\/#organization"},"image":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage"},"thumbnailUrl":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg","keywords":["JAX-WS","jax-ws security","security"],"articleSection":["jws"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/","url":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/","name":"JAX-WS Security Example - Java Code Geeks","isPartOf":{"@id":"https:\/\/examples.javacodegeeks.com\/#website"},"primaryImageOfPage":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage"},"image":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage"},"thumbnailUrl":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg","datePublished":"2015-12-30T09:00:36+00:00","description":"In this example we shall learn, how to implement JAX-WS security to SOAP web services. Security is always critical to web services. When talking about web","breadcrumb":{"@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#primaryimage","url":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg","contentUrl":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2012\/12\/enterprise-java-logo.jpg","width":150,"height":150},{"@type":"BreadcrumbList","@id":"https:\/\/examples.javacodegeeks.com\/java-development\/enterprise-java\/jws\/jax-ws-security-example\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/examples.javacodegeeks.com\/"},{"@type":"ListItem","position":2,"name":"Java Development","item":"https:\/\/examples.javacodegeeks.com\/category\/java-development\/"},{"@type":"ListItem","position":3,"name":"Enterprise Java","item":"https:\/\/examples.javacodegeeks.com\/category\/java-development\/enterprise-java\/"},{"@type":"ListItem","position":4,"name":"jws","item":"https:\/\/examples.javacodegeeks.com\/category\/java-development\/enterprise-java\/jws\/"},{"@type":"ListItem","position":5,"name":"JAX-WS Security Example"}]},{"@type":"WebSite","@id":"https:\/\/examples.javacodegeeks.com\/#website","url":"https:\/\/examples.javacodegeeks.com\/","name":"Java Code Geeks","description":"Java Examples and Code Snippets","publisher":{"@id":"https:\/\/examples.javacodegeeks.com\/#organization"},"alternateName":"JCG","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/examples.javacodegeeks.com\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/examples.javacodegeeks.com\/#organization","name":"Exelixis Media P.C.","url":"https:\/\/examples.javacodegeeks.com\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/examples.javacodegeeks.com\/#\/schema\/logo\/image\/","url":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","contentUrl":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2022\/06\/exelixis-logo.png","width":864,"height":246,"caption":"Exelixis Media P.C."},"image":{"@id":"https:\/\/examples.javacodegeeks.com\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/javacodegeeks","https:\/\/x.com\/javacodegeeks"]},{"@type":"Person","@id":"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/5bf4e0274824642c44536b83ddbfaf6c","name":"Saurabh Arora","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/examples.javacodegeeks.com\/#\/schema\/person\/image\/","url":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/11\/Saurabh-Arora-96x96.jpg","contentUrl":"https:\/\/examples.javacodegeeks.com\/wp-content\/uploads\/2015\/11\/Saurabh-Arora-96x96.jpg","caption":"Saurabh Arora"},"description":"Saurabh graduated with an engineering degree in Information Technology from YMCA Institute of Engineering, India. He is SCJP, OCWCD certified and currently working as Technical Lead with one of the biggest service based firms and is involved in projects extensively using Java and JEE technologies. He has worked in E-Commerce, Banking and Telecom domain.","sameAs":["http:\/\/www.javacodegeeks.com\/","https:\/\/in.linkedin.com\/in\/saurabh-arora-78674b18"],"url":"https:\/\/examples.javacodegeeks.com\/author\/saurabh-arora\/"}]}},"_links":{"self":[{"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/30525","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/users\/75"}],"replies":[{"embeddable":true,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/comments?post=30525"}],"version-history":[{"count":0,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/posts\/30525\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/media\/1240"}],"wp:attachment":[{"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/media?parent=30525"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/categories?post=30525"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/examples.javacodegeeks.com\/wp-json\/wp\/v2\/tags?post=30525"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}