WSO2 WSAS – Web Services Security in Practice

Nandana Sampath Mihindukulasooriya

ABSTRACT

“Complexity is the worst enemy of security”. Unfortunately, complexity in Web services security implementations has reached a point where, the learning curve for a Web services developer has become very steep. To use Web services security accurately and efficiently for achieving desired results, one must possess a deep understanding of dozens of WS – Security specifications, in addition to general security knowledge that's needed. WSO2 Web Service Application Server (WSAS),an enterprise ready Web services application server powered by Apache Axis2 together with other Web services projects, tries to address this issue by providing easy to use security configuration settings together with a set of security utilities, allowing Web services authors to configure security in an extremely user friendly and efficient manner. WSO2 WSAS security configuration options mainly focus on making it possible to implement the most commonly used security scenarios with least bit of effort.