WS-SecureConversation support in CXF builds apon the WS-SecurityPolicy implementation to handle the SecureConverstationToken policy assertions that could be found in the WS-SecurityPolicy fragment.
Note: Because the WS-SecureConversation support builds on the WS-SecurityPolicy support, this is currently only available to "wsdl first" projects.
One of the "problems" of WS-Security is that the use of strong encryption keys for all communication extracts a hefty performance penalty on the communication. WS-SecureConversation helps to aleviate that somewhat by allowing the client and service to use the strong encryption at the start to negotiatate a set of new security keys that will be used for furthur communication. This can be a huge benefit if the client needs to send many requests to the service. However, if the client only needs to send a single request and then is discarded, WS-SecureConversation is actually slower as the key negotiation requires and extra request/response to the server.