The Apache WSS4J™ project provides a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC. WSS4J provides an implementation of the following WS-Security standards:
November 2023 - The Apache WSS4J team are pleased to announce the release of versions 3.0.2 and 2.4.3. These releases contain an upgrade to XML Security to pick up a recent CVE fix.
July 2023 - The Apache WSS4J team are pleased to announce the release of versions 3.0.1, 2.4.2 and 2.3.4. These releases contain a fix for a bug with STR Transform and contain dependency updates.
October 2022 - The Apache WSS4J team are pleased to announce the release of version 3.0.0. This is a major new release of WSS4J. Significant changes:
Please see the 3.0.0 release notes for more information.
February 2022 - The Apache WSS4J team are pleased to announce the release of version 2.4.1. It fixes an issue with the timestamp in the WSS4J jars being invalid.
November 2021 - The Apache WSS4J team are pleased to announce the release of version 2.4.0. This release contains relatively few changes, but picks up a new major version of Apache Santuario - XML Security for Java (2.3.0)
September 2021 - The Apache WSS4J team are pleased to announce the release of versions 2.3.3 and 2.2.7. The main changes for these releases are updates to fix CVE issues in a few dependencies.
December 2020 - The Apache WSS4J team are pleased to announce the release of versions 2.3.1 and 2.2.6. Please see the 2.3.1 release notes and 2.2.6 release notes for more information.
June 2020 - The Apache WSS4J team are pleased to announce the release of version 2.3.0. This is a major new release of WSS4J. Significant changes:
Please see the 2.3.0 release notes for more information.