... provides three layers of security: low-level, XML, and Web Services security. The low-level security consists of many of the security models that we described inChapter 7, as well as Kerberos, ... Traditional J2EE security, as described in Chapter 7 ■■ Emerging Web Services messaging security based on WS -Security and SAMLWe will use our examples to illustrate how J2EE security can be used ... as a token in a WS -Security element, with both contained in the SOAP security header, arrives at the proxy. The proxy calls into the security server, which validates allthe security aspects of...