Enabling WS-Security using JDeveloper

In this post i will be talking about some easy techniques to implement WS-Security in our applications. WS-Security is used to enable applications and services for a secured message level communication. WS-Security standards came into picture because of the inherent drawbacks of HTTPS/Transport layer security like provides only point to point security and is not useful if my destination service calls another and that inturn calls yet another. Similarly if i want to encrypt some specific parts of my message than also SSL is of no use.

We can add WS Security features in our Web Services using jdeveloper. Right click on the port name and select Secure web Service.

A popup is displayed that gives us a facility to add WS Security features:-

Click on Authentication to select and configure the authentication based settings for our web service:-












Similarly you can configure other features of WS Security as per your requirements.

Now, once you have enabled the Service to expect wsse security tokens then the client also needs to be configured with the same features. These can be configured on the client proxy by right clicking on the proxy and selecting Secure Proxy.










A configuration popup is shown that allows us to configure WS Security features on the Client proxy.