WS-Policy
WS-Policy is an interoperability standard that is used to describe and communicate the policies of a web service so that service providers can export policy requirements in a standard format. Clients can combine the service provider requirements with their own capabilities to establish the policies required for a specific interaction.
WebSphere® Application Server conforms to the web services Policy Framework (WS-Policy) specification. You can use the WS-Policy protocol to exchange policies in standard format. A policy represents the capabilities and requirements of a web service, for example whether a message is secure and how to secure it, and whether a message is delivered reliably and how this is achieved. You can communicate the policy configuration to any other client, service registry, or service that supports the WS-Policy specification, including non-WebSphere Application Server products in a heterogeneous environment.
For a service provider, the policy configuration can be shared in published Web Services Description Language (WSDL), in WSDL that is obtained by a client by using an HTTP GET request, or by using the Web Services Metadata Exchange (WS-MetadataExchange) protocol. The WSDL is in the standard WS-PolicyAttachments format.
For a client, the client can obtain the policy of the service provider in the standard WS-PolicyAttachments format and use this information to establish a configuration that is acceptable to both the client and the service provider. In other words, the client can be configured dynamically, based on the policies supported by its service provider. The provider policy can be attached at the application or service or service reference level.
- You can specify transport level security on client WSDL acquisition. You can attach a system policy set to either an HTTP GET request or a WS-MetadataExchange request when obtaining provider policy. See the Configuring the client policy to use a service provider policy topic for further information.
- You can specify a policy set and binding for a service reference that is different from the policy set attachment for the service. By default, service references inherit their policy set and WS-Policy configuration from their parent service, however, if desired, the policy set and WS-Policy configuration can be overwritten. See the Using WS-Policy to exchange policies in a standard format topic and its child topics for further details.
- You can enable and configure WS-Addressing support on a client or service provider by adding WS-Policy assertions into the WSDL document. WebSphere Application Server will now process WS-Addressing information held within the WS-Policy aspect of an application's WSDL document and use it in the configuration of that application. See the Enabling Web Services Addressing support for JAX-WS applications using WS-Policy topic for further information.
- You can publish policy configuration relating to WS-Addressing based on JSR109 deployment descriptors or JAX-WS 2.2 features or annotations, as well as information based on policy sets. This ensures that the policy information published matches the run time behavior of the service. See the Web service providers and policy configuration sharing topic for further information.
- WS-Policy. See Web Services Policy 1.5
- WS-Addressing. See Web Services Addressing 1.0 - Metadata.
- WS-AtomicTransaction. See Web Services Atomic Transaction Version 1.0, Web Services Atomic Transaction Version 1.1 and Web Services Atomic Transaction Version 1.2.
- WS-ReliableMessaging. See Web Services Reliable Messaging Policy Assertion Version 1.0 and Web Services Reliable Messaging Policy Assertion Version 1.1.
- WS-SecurityPolicy. See WS-SecurityPolicy 1.2.
- WS-Addressing policy settings
- WS-ReliableMessaging settings
- WS-Security policy settings
- WS-Transaction policy settings