Policies define the type of Web service policy based on the quality
of service type. Policies are initially set with default settings but the
attributes can be edited and changed.
Provided policies include:
- WS-Addressing
- Based on the Worldwide Web Consortium (W3C) WS-Addressing specifications
for Web services. This family of specifications provide transport-neutral
mechanisms to address Web services and to facilitate end-to-end addressing.
This specification provides asynchronous support.
- WS-Security
- Based on the WS-Secure Conversation (WS-SC) and WS-Security specifications
along with the associated token profiles. The WS-Security specification and
its associated token profiles define a way to send security tokens and provide
message integrity and confidentiality. The WS-Secure Conversation specification
establishes a secure context, based on shared keys, for the client and server
to use for a series of messages. This standard provides a framework across
organizations that defines how to secure the entire conversation. Use the
WS-Security policy to define how the SOAP messages are secured. It has options
such as:
- which message parts are signed and encrypted
- the tokens types to be included
- whether to use symmetric or asymmetric cryptography
You can also use WS-Security policies to define the bootstrap policy
that is used to acquire security context tokens. Security context tokens are
used by secure conversation.
- WS-Reliable Messaging (WS-RM)
- This specification enables the sender and receiver to assure the quality
of services in a set of messages. It helps the application developer deal
with latency issues, maintenance interruption, and other problems that prevent
messages from being completed. This quality assurance is critical for stateful
applications.
- WS-Transaction
- This specification provides support for atomic transaction for Web services
applications. You can enable WS-Transaction on both the client (outbound)
and server (inbound) side by attaching a policy set that enables the WS-Transaction
policy as part of the policy set.
- HTTP Transport
- The HTTP transport policy applies the HTTP features and HTTP connections
polices to outbound messages. The response listener policy is enforced on
inbound messages.
- SSL Transport
- Provides SSL transport security for the HTTP protocol with Web services
applications.