WS-Security Demos ================= These demos shows how WS-Security support in Apache CXF may be enabled. WS-Security can be enabled in CXF in two ways: a) WS-Security can be configured to the Client and Server endpoints by adding WSS4JInterceptors. Both Server and Client can be configured for outgoing and incoming interceptors. Various Actions like, Timestamp, UsernameToken, Signature, Encryption, etc., can be applied to the interceptors by passing appropriate configuration properties. b) WS-Security can be enabled automatically by using WS-SecurityPolicy, and by defining some configuration information (keys, usernames, etc.). In addition, CXF 3.0.0 supports both a DOM-based (in-memory) and StAX-based (streaming) approach to WS-Security. Each demo gives options for running the demo using either approach. The demos show the following functionality: - sign_enc: How to configure the "Action" based approach to WS-Security in CXF. The demo shows how to configure Signature, Encryption, Timestamps and UsernameTokens. - sign_enc_policy: How to configure CXF using WS-SecurityPolicy to sign and encrypt the SOAP Body, to encrypt a UsernameToken and to include a signed Timestamp. - ut: How to simply include a UsernameToken using the "Action" based approach. - ut_policy: How to include a UsernameToken using WS-SecurityPolicy.