4.4. Enable WS-Security

Procedure 4.1. Enable WS-Security

1. Define a Policy within your WSDL and reference it with a PolicyReference inside your binding.
2. Configure your <soap.binding> with <securityAction>.
   This is so that JBossWS-CXF knows which tokens to respect within incoming SOAP requests.
3. Include a WEB-INF/jboss-web.xml file in your application with a <security-domain> specified.
   This is so that JBossWS-CXF knows which modules to use for authentication and rolemapping.