Child pages
  • JAX-WS - WS-Security Sample on Signature and Encryption

Versions Compared


  • This line was added.
  • This line was removed.
  • Formatting was changed.
Comment: Migrated to Confluence 5.3

Introducing the Sample

This sample shows how WS-Security support can be enabled in JAX-WS.
WS-Security can be configured to the Client and Server endpoints by adding WSS4JInterceptors. Both Server and Client can be configured for outgoing and incoming interceptors. Various actions like, Timestamp, UsernameToken, Signature, Encryption, etc., can be applied to the interceptors by passing appropriate configuration properties.
The logging feature is used to log the inbound and outbound SOAP messages and display these to the console. In all other respects, this sample is based on the basic hello_world sample.

The samples in this directory use STRONG encryption. The default encryption algorithms included in a JRE are not adequate for these samples.


For the sample, the Java Cryptography Extension (JCE), Unlimited Strength Jurisdiction Policy Files available on Oracle's JDK download page must be installed from here: ( Else, there will be errors on invalid key lengths.

Building and Running the Sample 

Using Maven

1. Install and run the WSO2 Application Server. Refer to the  Installation Guide for instructions.

2. From the base directory of this sample (<CARBON_HOME>\samples\Jaxws-Jaxrs\ws_security\sign_encrypt), the maven pom.xml file can be used to build and run the sample using either UNIX or Windows.

3. To build the sample and create a WAR file, run mvn clean install command.

4. Start the Application Server (run bin/

  • mvn -Pdeploy (deploys the generated WAR file on WSO2 AS with related logs on the console) 

Using Apache Ant 

1. Run "ant" on <CARBON_HOME>\samples\Jaxws-Jaxrs\ws_security\sign_encrypt directory to deploy the "sign_encrypt_jaxws" service on the server.

2. Start the application server and access its Management Console at https://localhost:9443/carbon.

3. Go to "Services -> List" menu to find the "sign_encrypt_jaxws" service listed on the "Deployed Services" window.

4. Execute "sh" or "run-client.bat" to run the client.

5. Try the sample with different QoS options which appear on its dashboard. Run "sh -help" for different options.


WS-Security Sample on Signature and Encryption in the WSO2 Application Server.