Sun GlassFish Enterprise Server v3 Administration Guide

Application-Specific Web Services Security

Application-specific web services security functionality is configured (at application assembly) by defining the message-security-binding elements in the Sun-specific deployment descriptors of the application. These message-security-binding elements are used to associate a specific security provider or message protection policy with a web service endpoint or service reference, and might be qualified so that they apply to a specific port or method of the corresponding endpoint or referenced service.

For information about defining application-specific message protection policies, see Chapter 5, Securing Applications, in Sun GlassFish Enterprise Server v3 Application Development Guide.