+

Search Tips   |   Advanced Search

System policy sets

A policy set is a named collection of Quality of Service (QoS) policies. We can use either the console or the wsadmin commands to manage system policy sets. Policy sets can be created, deleted, copied, imported or exported.

A policy set can be shared by multiple resources, such as applications, services, inbound or outbound service endpoints, and operations. Default policy sets are installed using profile augmentation. A policy set can also be imported. A policy set does not have its own bindings. We must attach a policy set to a resource, and then assign a binding to the attachment.

When attempting to connect to a web service from a thin client, verify that the resources that you are specifying are valid before running the updatePolicySetAttachment command. No configuration changes are made if the requested resource does not match a resource in the attachment file for the application.

A client application can dynamically select a policy suite (reference by name from an application-level policy suites list). Options shown in the console list are based on the type of template that is selected to create the policy set. For example, the SecureConversation policy type is made up of policies for both WSSecurity and WSAddressing.

There are two types of policy sets:

WebSphere Application Server provides predefined system policy sets. For example, WebSphere Application Server provides the following system policy sets by default for the security trust service:

We cannot edit default system policy sets. However, we can create our own custom system policy set, which can be edited later. Copy or export a default or existing custom system policy set to create the new custom policy set. System policy sets can also be imported from a predefined location, or from the default repository. Add one or more policies to each policy set. For example, add any of the following existing policies:

The HTTP transport policy can be used for HTTPS, basic authorization, compression, and binary encoding transport methods.