WS-Security in which way?

[bad_habit]

Hi,

I´m doing some research right now and the topic of my research is:
How do Web Services Frameworks support the actual WS*-Standards (especially WS-Security)?

The Spring Web Services Framework writes this on their welcome-page:

Supports WS-Security: WS-Security allows you to sign SOAP messages, encrypt and decrypt them, or authenticate against them.

In the tutorial I can see the examples for authentication, signature or de/encryption.
But I wonder wheter the Framework really relies on the WS-Security-Standards.
Does anyone know some details on this topic?
I have read also that the Framework relies on XWSS (Metro Project)? Is that true?

A lot of questions, I know. Thanks in advance for some answers.
bad_habit

[tareq]

Spring-ws offers integration with XWSS and WSS4J. Both are WS-Security implementations and offer comparable features.
For more details I suggest you refer to the corresponding chapter in the reference doc.

[bad_habit]

Spring-ws offers integration with XWSS and WSS4J. Both are WS-Security implementations and offer comparable features.

Ok, now I can see that it is written in the documentation. That´s the problem with not to see the wood with the trees.
The programmer is able to choose between XWSS and WSS4J in using either the XwsSecurityInterceptor or the Wss4jSecurityInterceptor and then implements the preferred actions within the created Interceptor.

Thanks a lot for your help!
bad_habit