How to enable WS-Security (Rampart) in a Axis2 JAX-WS service (provider side)?

Is it possible to specify security policy assertions when deploying a JAX-WS service in Axis2? So far I found only one way which is to configure policy globally (i.e. in axis2.xml). But can it be done inside a 开发者_运维问答JAXWS JAR?

According to the Rampart documentation,

All Rampart builders are listed in the META-INF/services/org.apache.neethi.builders.AssertionBuilder file. When adding a new Policy assertion it requires only a builder, assertion model, and an entry in the file.

and it explicitly names a JAR-based location approach which seems to fit with what you're looking for.

You can add WS-Policy configuration for a service in the service.xml for the specific service.

The Rampart samples shows how this works, take a look here.