ok.. Thanks for your reply..
and then if i only use EJB3.0 exposed as WebService through JAX-WS, how to secure it?..
and then, whether learn or implement only EJB3.0 exposed as WebService through JAX-WS is enough for developing "Real WebService"?.. or do we still need any implementation again (such as Metro and Axis2)?..
Thanks..