Policies based on WS-SecurityPolicy | WS-Security Facility Policies |
The policies work with the WS-SecurityPolicy 1.2 standard. | The policies are a proprietary format. |
You can attach the same policy to both consumer and provider web service descriptors. | A policy is specific to either a consumer web service descriptor or a provider web service descriptor. |
The policies support using SAML authentication by including a standard SAML token. | WS-Security facility does not support SAML authentication. |
The policies enforce signing the Timestamp tokens that are added to the security header. | The policies did not require that the Timestamp tokens be signed. |