Hi
On GlassFish, I have a webservice that is implemented by a Java EE EJB endpoint.
I would like to implement message security, in the form of message digital signature.
Basically, what I would like to achieve is the following scenario:
1. WSC sends a signed request to WSP
2. WSP should be able to retrieve WSC consumer to determine how to respond to WSC
3. WSP sends a signed response to WSC
I've been googling for hours without finding a good starting point. I've read that because I'm implementing the WebService using an EJB and not a servlet, I can't use XWSS. So from the Java Web Services Tutorial 2.0, I understand I should use "the Application Server Message Security Implementation" rather than XWSS.
Could someone please provide me with some pointers on where to start from?
Best regards
Jean-Noel Colin
[Message sent by forum member 'jncolin' (jncolin)]
http://forums.java.net/jive/thread.jspa?messageID=209600