WS-Policy is an interoperability
standard that is used to describe and communicate the policies of
a web service so that service providers can export policy requirements
in a standard format. Clients can combine the service provider requirements
with their own capabilities to establish the policies required for
a specific interaction.
WebSphere® Application Server conforms
to the web services Policy Framework (WS-Policy) specification. You
can use the WS-Policy protocol to exchange policies in standard format.
A policy represents the capabilities and requirements of a web service,
for example whether a message is secure and how to secure it, and
whether a message is delivered reliably and how this is achieved.
You can communicate the policy configuration to any other client,
service registry, or service that supports the WS-Policy specification,
including non-WebSphere Application Server products
in a heterogeneous environment.
For a service provider, the
policy configuration can be shared
in published Web Services Description Language (WSDL), in WSDL that
is obtained by a client by using an HTTP GET request, or by using
the Web Services Metadata Exchange (WS-MetadataExchange) protocol.
The WSDL is in the standard WS-PolicyAttachments format.
For a client, the client can obtain the policy of the service provider
in the standard WS-PolicyAttachments format and use this information
to establish a configuration that is acceptable to both the client
and the service provider. In other words, the client can be configured
dynamically, based on the policies supported by its service provider.
The provider policy can be attached at the application or service or service reference level.
New feature: The following
features were introduced in the JAX-WS 2.2 specification, which
WebSphere Application Server Version 8 supports:
- You can specify transport level security on client WSDL acquisition.
You can now attach a system policy set to either an HTTP GET request
or a WS-MetadataExchange request when obtaining provider policy. See
the "Configuring the client policy to use a service provider policy"
topic for further information.
- You can specify a policy set
and binding for a service reference
that is different from the policy set attachment for the service.
By default, service references inherit their policy set and WS-Policy
configuration from their parent service, however, if desired, the
policy set and WS-Policy configuration can be overwritten. See the
"Using WS-Policy to exchange policies in a standard format" topic
and its child topics for further details.
- You can enable and
configure WS-Addressing support on a client
or service provider by adding WS-Policy assertions into the WSDL document. WebSphere Application Server will now process
WS-Addressing information held within the WS-Policy aspect of an application's
WSDL document and use it in the configuration of that application.
See the "Enabling Web Services Addressing support for JAX-WS applications
using WS-Policy" topic for further information.
- You can publish
policy configuration relating to WS-Addressing
based on JSR109 deployment descriptors or JAX-WS 2.2 features or annotations,
as well as information based on policy sets. This ensures that the
policy information published matches the run time behavior of the
service. See the "Web service providers and policy configuration sharing"
topic for further information.
newfeat
The WS-Policy
assertion specifications that are supported in this
version of
WebSphere Application Server are:
For
details of the WS-Policy domains that are supported, see the
following topics:
- WS-Addressing policy settings
- WS-ReliableMessaging
settings
- WS-Security policy settings
- WS-Transaction
policy settings