Defining web service policy via policy attachment

In Liberty, you can define your web service policy (WS-Policy) within either policy attachment or Web Services Description Language (WSDL) file of a web service application.

About this task

When WSDL file is not packaged in your application, you can use the policy attachment to configure the WS-Policy for your web service application. Policy attachment feature is often enabled automatically to your web service application package when you enable Java API for XML Web Services (JAX-WS) 2.2 feature. You only need to configure both web services client and provider sides to define the application's WS-Policy Attachment file.

The WS-Policy support is an implementation of the following specifications on the application server.
  • WS-Policy is a specification that web services can use XML to advertise their policies on security, quality of service, and for web service consumers to specify their policy requirements. For more information, see Web Services Policy 1.5 - Framework.
  • WS-Policy Attachment defines two general-purpose mechanisms for associating policies, as defined in Web Services Policy Framework, with the subjects to which they apply. For more information, see Web Services Policy 1.2 - Attachment.

Procedure

  1. Create policy-attachments-client.xml file or policy-attachments-server.xml file.

    The following example shows you how to define the attributes in policy-attachments-client.xml file or policy-attachments-server.xml file:

    <attachments
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsp="http://www.w3.org/ns/ws-policy"
    xmlns:wsa="http://www.w3.org/2005/08/addressing"
    xmlns:sp13="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
    <wsp:PolicyAttachment wsdlNamespace="http://tempuri.org/AreaService/">
    	<wsp:AppliesTo>
    	   <wsp:URI>http://tempuri.org/AreaService/#wsdl11.service(AreaService)</wsp:URI>
    	</wsp:AppliesTo>
    	<wsp:Policy wsu:Id="UsernameTokenwithPasswordHashoverSSL">
    	   <wsp:ExactlyOne>
    	       <wsp:All>
    		   <sp:SupportingTokens>
    			<wsp:Policy>
    		          <sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
    			      <wsp:Policy>
    				  <sp:WssUsernameToken10 />
    				  <sp:HashPassword />
    			      </wsp:Policy>
    			   </sp:UsernameToken>
    			</wsp:Policy>
    		   </sp:SupportingTokens>
    		</wsp:All>
    	   </wsp:ExactlyOne>
    	</wsp:Policy>
    </wsp:PolicyAttachment>
    </attachments>
    There are two ways of binding policy:
    • Define web service URL directly by using Endpoint DomainExpression <wsa:EndpointReference> as follows.
      <wsp:AppliesTo>
         <wsa:EndpointReference>
             <wsa:Address>http://localhost:8091/wsatApp/HelloImplService</wsa:Address>
         </wsa:EndpointReference>
      </wsp:AppliesTo>
    • Bind policy by using URI DomainExpression <wsp:URI> as follows.
      <wsp:AppliesTo>
          <wsp:URI>http://server.test.ws.ibm.com/#wsdl11.service(HelloImplService)</wsp:URI>
      </wsp:AppliesTo>
        

      The following table shows you the WSDL elements and their identifier expressions in the policy attachment file:

      Table 1. <wsp:URI> Expression list
      WSDL Element Identifier Expression (Omit targetNamespace)
      Definitions wsdl11.definitions()
      Message wsdl11.message(message)
      Message/part wsdl11.messagePart(message / part)
      portType wsdl11.portType(portType)
      portType/operation wsdl11.portTypeOperation(portType/operation)
      portType/operation/input wsdl11.portTypeOperation.input(portType/operation)
      portType/operation/output wsdl11.portTypeOperation.output(portType/operation)
      portType/operation/fault wsdl11.portTypeOperation.fault(portType/operation/fault)
      Binding wsdl11.binding(binding)
      Binding/operation wsdl11.bindingOperation(binding/operation)
      Binding/operation/input wsdl11.bindingOperation.input(binding/operation)
      Binding/operation/output wsdl11.bindingOperation.output(binding/operation)
      Binding/operation/fault wsdl11.bindingOperation.fault(binding/operation/fault)
      Service wsdl11.service(service)
      port wsdl11.port(service/port)
  2. Put the policy-attachments-client.xml file or policy-attachments-server.xml file into your application’s WEB-INF or META-INF folder.
    • Put policy-attachments-client.xml into your application’s WEB-INF or META-INF folder for web service client’s WS-Policy.
    • Put policy-attachments-server.xml into your application’s WEB-INF or META-INF folder for web service provider’s WS-Policy.

Results

You complete to define the WS-Policy via policy attachment without WSDL file packaged in your application.

Icono que indica el tipo de tema Tema de tarea



Icono de indicación de fecha y hora Última actualización: Tuesday, 6 December 2016
http://www14.software.ibm.com/webapp/wsbroker/redirect?version=cord&product=was-nd-mp&topic=twlp_dep_policyattach
Nombre de archivo:twlp_dep_policyattach.html