The general implementation tasks for message security include some or all of the following:
If you are using a version of the Java SDK prior to version 1.5.0, and using encryption technology, configuring a JCE provider
If you are using a username token, verifying that a user database is configured for an appropriate realm
When using a username/password token, an appropriate realm must be configured and a user database must be configured for the realm.
Managing certificates and private keys, if necessary
Enabling the GlassFish Server default providers
Configuring new message security providers