I have developed webservice for my clients who access it over VPN(Mostly Telecom provides access over it for sake of security)
Keeping in view above scenario do i required to implement WSSecurity for my webservice?
if yes then what type of policy should use?
Update:
I want to highlight one point that multiple customers are connected with one server. Different webservices are exposed to different customers. so to restrict one client to access other client webservice we have to implement some username password policy.
Please comment.
Regards, imran