In this chapter, we have seen how WS-Security can be used in both .NET and Java to securely access Web services on either platform. In terms of interoperability, we've seen how a .NET client can sign and encrypt a request to a Java Web serviceand vice versaallowing a common method of Web services security regardless of the platform.
WS-Security is one of the most compelling specifications to be written. For the first time, the requirement for the transport to be responsible for the security of a message between a client and service has been removed. This change is highly significant because it allows the transport to be changed or replaced at any time without compromising the security of the overall system. I believe this will be one of the most widely adopted WS-* specifications.
This concludes our chapter on WS-Security. We'll continue looking at advanced interoperability with Web services in the next chapter by investigating how binary attachments can be exchanged between clients in both .NET and Java.