Network Deployment (Distributed operating systems), v8.0 > Develop and deploying applications > Develop web services - Addressing (WS-Addressing) > Enable Web Services Addressing support for JAX-WS applications > Enable Web Services Addressing support for JAX-WS applications using policy sets > Create policy sets
WS-I RSP default policy sets
The Reliable Asynchronous Message Profile (WS-I RSP) default policy sets are based on the Reliable Asynchronous Message Profile specification. The WS-I RSP default policy sets include the WS-I RSP default policy set, the Lightweight Third-Party Authentication (LTPA) WS-I RSP default policy set and the Username WS-I RSP default policy set. We can use these policy sets to simplify your web services configuration.
The WS-I RSP default policy sets are composed of a set of policies to provide reliable and secure web services. The WS-I RSP default policy sets use the WS-Addressing, WS-ReliableMessaging, and WS-Security specifications. Use the WS-I RSP default policy set, the LTPA WS-I RSP default policy set, or the Username WS-Security WS-I RSP default policy set as provided with the application server.
To customize the policy sets, first copy the policy set, and then configure custom policy settings and bindings to meet your needs.
The WS-I RSP default policy sets include the following policies:
WS-Addressing policy
We can use the WS-Addressing policy to enable the addressing capability of the WS-Addressing specification.
WS-ReliableMessaging policy
We can use the WS-ReliableMessaging policy to specify the quality of service for reliable delivery.
WS-Security policy
The WS-Security policy in the WS-I RSP default policy set provides the following security:
- Message integrity through digital signature that includes signing the body, time stamp, WS-Addressing headers and WS-ReliableMessaging headers using the WS-SecureConversation and WS-Security specifications.
- Confidentiality through encryption that includes encrypting the body, signature elements, using the WS-SecureConversation and WS-Security specifications.
- Traditional RSA cryptography is used to secure a request to a Trust Server to obtain a Secure Context Token (SCT). Thereafter, the conversation is secured using symmetric keys derived from the SCT.
The application server provides additional policy sets that you can use or customize. To use the following default policy sets, import the policy sets from the default repository. Read about importing policy sets for more information.
The following WS-I RSP default policy sets exist:
WS-I RSP default
This policy set provides:
- Reliable message delivery to the intended receiver by enabling WS-ReliableMessaging.
- Message integrity through digital signature that includes signing the body, time stamp, WS-Addressing headers and WS-ReliableMessaging headers using the WS-SecureConversation and WS-Security specifications.
- Confidentiality through encryption that includes encrypting the body, signature elements, using the WS-SecureConversation and WS-Security specifications.
LTPA WS-I RSP default
This policy set provides the WS-I RSP default policy set and adds a Lightweight Third Party Authentication (LTPA) token included in the request message to authenticate the client to the service.
Username WS-I RSP default
This policy set provides the WS-I RSP default policy set and adds a username token included in the request message to authenticate the client to the service. The username token is encrypted in the request.
Web services policy sets
Import policy sets
Create policy sets