Hello,

I've got the feeling to ask a dummy question, however, I'm wondering how I could configure a JAX-WS Service implemented with Spring-WS?

I'm using Spring-WS 1.5.7, Spring 2.5.6 and Tomcat 6.

In the Reference (http://static.springsource.org/sprin.../security.html) I've found following note:

Note that WS-Security (especially encryption and signing) requires substantial amounts of memory, and will also decrease performance. If performance is important to you, you might want to consider not using WS-Security, or simply use HTTP-based security.
ok, so how can I configure such HTTP-based security?

1. By configuring Tomcat to do BASIS Auth?
2. By configuring Spring-Security?

What options do I have with Spring-Security if I wanna do authorization on the transport level (similar to webapplications using the springSecurityFilterChain)?

THanks in advance

Kuno