7.5. Conclusion

This chapter explained the J2EE platform security model as it applies to Web service endpoints and showed how to use the platform security model in different security scenarios. In particular, it described the declarative security approach and mechanisms used in the platform and how the platform handles authentication, authorization, and transport layer security.

The chapter described how to implement a secure environment using the JAX-RPC technology. It discussed the JAX-RPC endpoint and client programming models, and how each model handles authentication, authorization, and transport layer security. The chapter also introduced the message-level Web service security model and provided guidelines for using this approach to security.

The next chapter, about the architecture of an actual Web service application, puts all the conceptual information covered so far into practice.