You can use policy sets, or assertions that define services,
to simplify your web services configuration because policy sets group
security and other web services settings into reusable units. You
can use the administrative console to create, modify, and delete custom
policy sets.
Before you begin
Before creating policy sets, first identify the security and
other requirements of the web service.
Note: You
can only use policy sets with JAX-WS applications that run on the
Axis2 web service engine. You cannot use policy sets for JAX-RPC applications.
About this task
You can use the administrative console to view and manage
policy sets. From the administrative console, click or . The Application policy
sets collection displays a listing of the custom (if you have created
custom policy sets) and default policy sets. Use the Application or
System policy sets collection page to create, copy, delete, export,
and import policy sets.
The
following policy sets are ready for you to use as is.
- LTPA WSSecurity Default
- Kerberos V5 HTTPS default
- SSL WSTransaction
- Username SecureConversation
- Username WSSecurity default
- WS-Addressing default
- WSHTTPS default
- WS-I RSP ND
- WS-ReliableMessaging persistent
Depending on your assigned security role
when security is enabled, you might not have access to text entry
fields or buttons to create or edit configuration data. Review the
administrative roles documentation to learn more about the valid roles
for the application server.
Procedure
Results
Using these tasks, you can determine how to create a new policy
set and verify whether you can reuse an existing policy set. You can
configure a policy set, and define policies for that policy set.
What to do next
Depending on how you are using policy sets, you might want
to revisit some of the tasks listed in this topic to tweak the configuration
for your policy set. You can also proceed to configure bindings for
your policy set. See Defining binding information for policy sets.