This article describes how the emerging WS-Security standard was used to secure a Web service that was developed and deployed in the fall of 2002. The article will discuss the security-related requirements of the Web service and how they were met using a combination of HTTPS/SSL, digital certificates, and digital signature technologies.
Web services security - ready to do business
Over the past couple of years, Web services has gone from being an overly-hyped technology to one that many organizations are using productively. The early implementations, like all new technology projects, tended to be sandbox-type efforts or projects that were small, inside the firewall, and non-mission-critical in nature.
The WS-Security Standard
Clearly an industry standard way of securing a Web service was required, and IBM, Microsoft, and VeriSign responded to this need in April, 2002.
Come to learn more about: http://javajazzup.com/issue12/page25.shtml