One important aspect of Service Oriented Architecture that is often challenging to address and implement is Security. Providing robust and scalable security solutions throughout highly distributed applications is a difficult problem to solve. For traditional WebServices, standards like WS-Security, WS-Trust, WS-SecureConversation, and WS-SecurityPolicy have emerged to ease some of those problems. However, those standards don't always provide the best solutions for modern distributed applications that may include REST based services in addition to traditional SOAP based applications.

This session will cover various options for providing security to your services and will demonstrate how Apache projects such as CXF, WSS4J, Camel, and Karaf can work together to provide a complete security solution.