Applying WS-Security to a Web service and client
In this section, we apply the Username WSSecurity default policy set to our Web service and client. This policy set provides the following features:
| Message integrity by digital signature (using RSA public-key cryptography) to sign the body, timestamp, and WS-Addressing headers using the WS-Security specifications. |
|
| Message confidentiality by encryption (using RSA public-key cryptography) to encrypt the body, signature, and signature confirmation elements using the WS-Security specifications. |
|
| A username token included in the request message to authenticate the client to the service. The username token is encrypted in the request. |
|
ibm.com/redbooks |