By venu on Feb 28, 2007
In order to take advantage of new Message design provided in JAXWS 2.1 we revamped XWSS in WSIT milestone 3. XWSS 3.0 now has two implementations of WS Security one is based on DOM/SAAJ api's and other is based on JAXB and StAX api's . We have by default enabled JAXB and StAX based implementation. The performance benefits we get from the default implementation is really exciting. The burden of DOM and SAAJ is no longer needed to support most commonly used security scenarios. I will soon publish the performance improvement we have got over XWSS 2.0. Though the default implementation is efficient it has some limitations in this release of WSIT. We do not support XPATH , i,e we do not support SignedElements and EncryptedElements. We do support this under DOM based implementation.
Ability to switch between these two implementation automatically based on the SecurityPolicy will be supported in future releases of WSIT. In this release we can switch to DOM based WS Security implementation by adding DisableStreamingSecurity policy assertion in wsit-client.xml on client side and wsit.xml/ wsdl on the server side.
Client side assertion :
Server side assertion :
powered by performancing firefox