The package contains WS-Security security provider's high-level runtime API, constants, validation interface and custom security token framework.

The conf subpackage contains low-level runtime API and configuration interfaces. Often required constants (e.g., algorithms and property values) is defined in the Constants.

High-level runtime API (entry point is MessageSecurity) allows application programmer to easily secure SOAP messages with WS-Security.

The IncomingValidator is an interface that must be implemented by application programmer who want to see and/or validate WS-Security configuration of incoming messages.

The SecurityTokenSPI, SecurityTokenHandlerSPI and SecurityContext provides framework for implementation of custom security tokens.