System policy sets
A policy set is a named collection of Quality of Service (QoS) policies. You can use either the administrative console or the wsadmin commands to manage system policy sets. Policy sets can be created, deleted, copied, imported or exported.
A policy set can be shared by multiple resources, such as applications, services, inbound or outbound service endpoints, and operations. Default policy sets are installed using profile augmentation. A policy set can also be imported. A policy set does not have its own bindings. You must attach a policy set to a resource, and then assign a binding to the attachment.
A client application can dynamically select a policy suite (referenced by name from an application-level policy suites list). The options shown in the administrative console list are based on the type of template that is selected to create the policy set. For example, the SecureConversation policy type is made up of policies for both WSSecurity and WSAddressing.
- Application policy sets
- System/trust policy sets
  - TrustServiceSecurityDefault
    This trust policy set specifies the asymmetric algorithm as well as the public and private keys to provide message security. Message integrity is provided by digitally signing the body, time stamp, and WS-Addressing headers using RSA. Message confidentiality is provided by encrypting the body and signature using RSA. This policy set follows the WS-Security specifications for the issue and renew trust operation requests.
  - TrustServiceSymmetricDefault
    This policy set specifies the symmetric algorithm as well as the derived keys to provide message security. Message integrity is provided by digitally signing the body, time stamp, and WS-Addressing headers using HMAC-SHA1. Message confidentiality is provided by encrypting the body and signature using AES. This policy set follows the WS-Security and Secure Conversation specifications for validate and cancel trust operation requests.
  - SystemWSSecurityDefault
    This policy set specifies the asymmetric algorithm and both the public and private keys to provide message security. Message integrity is provided by digitally signing the body, time stamp, and WS-Addressing headers using RSA encryption. Message confidentiality is provided by encrypting the body and signature using RSA encryption.

- Custom properties
- HTTP transport
- JMS transport
- SSL Transport
- WS-Addressing
- WS-Security