Manage policy sets using the administrative console

We can use policy sets, or assertions that define services, to simplify the web services configuration because policy sets group security and other web services settings into reusable units. We can use the administrative console to create, modify, and delete custom policy sets.

Before creating policy sets, first identify the security and other requirements of the web service.

We can only use policy sets with JAX-WS applications that run on the Axis2 web service engine. We cannot use policy sets for JAX-RPC applications.

We can use the administrative console to view and manage policy sets. From the administrative console, click Services > Policy sets > Application policy sets or Services > Policy sets > System policy sets. The Application policy sets collection displays a listing of the custom (if we have created custom policy sets) and default policy sets. Use the Application or System policy sets collection page to create, copy, delete, export, and import policy sets.

The following policy sets are ready for you to use as is.

• LTPA WSSecurity Default

• Kerberos V5 HTTPS default

• SSL WSTransaction

• Username SecureConversation

• Username WSSecurity default

• WS-Addressing default

• WSHTTPS default

• WS-I RSP ND

• WS-ReliableMessaging persistent

Depending on the assigned security role when security is enabled, you might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.

• View policy sets using the administrative console.

  Learn about the process of viewing and evaluating policy sets.

• Create policy sets using the administrative console.

  Learn about two ways to create policy sets: creating new policy sets or copying and renaming policy set templates.

• Modify policy sets using the administrative console.

  Learn how to edit custom policy sets we have created.

• Import policy sets using the administrative console.

  Learn how to import policy sets from the default repository or from a selected location.

• Export policy sets using the administrative console.

  Learn how to export policy sets.

• Delete policy sets using the administrative console.

  Learn how to delete custom policy sets. We can delete policy set templates and re-import them if needed.

• Manage policies in a policy set using the administrative console
  

  Learn how we can define policies with policy sets to secure messages.

• Define and manage policy set bindings
  

  Learn about configuring custom binding configurations.

Results

Use these tasks, we can determine how to create a new policy set and verify whether we can reuse an existing policy set. We can configure a policy set, and define policies for that policy set.

What to do next

Depending on how you are using policy sets, you might want to revisit some of the tasks listed in this topic to tweak the configuration for the policy set. We can also proceed to configure bindings for your policy set. See Defining binding information for policy sets.

Subtopics

• View policy sets using the administrative console
  We can use the administrative console to view lists of policy sets. Policy sets can either be default policy sets that we cannot edit or custom policy sets that we have created and can edit. We can use policy sets, or assertions that define services, to simplify the web services configuration because policy sets group security and other web services settings into reusable units.

• Create policy sets using the administrative console
  We can use the administrative console to either create a policy set by specifying all the necessary information or by copying an existing policy set that you rename. We can use policy sets, or assertions that define services, to simplify the web services configuration because policy sets group security and other web services settings into reusable units.

• Import policy sets using the administrative console
  We can import predefined policy sets or import policy sets from a selected location using the administrative console.

• Modify policy sets using the administrative console
  We can use the administrative console to modify existing custom policy sets that we have created. If we have copied an existing default policy set or created a policy set yourself, we can always go back and make changes to them to make them better suit the changing needs of the business.

• Delete policy sets using the administrative console
  We can use the administrative console to delete the default policy sets or the application specific policy sets that we have created.

• Define and manage policy set bindings
  Policy set bindings contain platform specific information, like keystore, authentication information or persistent information, required by a policy set attachment. Use this task to create and manage bindings.

• Attaching a policy set to a service artifact
  Attach a policy set to a service artifact, such as an application, service, endpoint or operation, to define the quality of services that are supported. Policy sets can define the policies for WS-Addressing, WS-Security, WS-ReliableMessaging, WS-Transaction, HTTP transport, Java Messaging Service (JMS) transport, and SSL transport.

• (dist)(zos) Attached deployed assets collection
  Use this page to view assets that are attached to a policy set, detach or replace a policy set.

• Manage policies in a policy set using the administrative console
  When working with policy sets in the administrative console, we can customize the included policies to ensure message security. We can enable, disable, customize, add, or delete policies from a policy set. With the policy sets, we can define policies for WS-Addressing, WS-Security, WS-ReliableMessaging, WS-Transaction, HTTP transport, Java Messaging Service (JMS) transport, and SSL transport. The policies for all but WS-Security are relatively straightforward to define.

• Export policy sets using the administrative console
  We can export policy sets between a client and a provider or between servers using the administrative console.

• Implement policy sets for unmanaged clients
  Policy sets can simplify the quality of service configuration for web services by combining configuration settings for services like addressing, messaging, and security. To use policy sets in an unmanaged client, structure the policy sets in a way that is consumable by the client on the command-line invocation.

• Application policy sets collection
  Use this page to manage policy sets. We can create, copy, export, and import policy sets. We can also view or delete existing policy sets. We can use policy sets, or assertions that define services, to simplify the web services configuration because policy sets group security and other web services settings into reusable units.

• Application policy set settings
  Use this page to view, create, enable or disable the policy sets. We can use policies, or assertions that define services, to simplify the web services configuration.

• Search attached applications collection
  Use this page to search for applications and other resources that are attached to a specific policy set or to search for applications and other resources that have attached service resources.

• (dist)(zos) Mapping SCA abstract intents and managing policy sets
  Use this task topic to specify abstract intents that represent a quality of service (QoS) for a service or reference that uses the Service Component Architecture (SCA) web service binding. Most intents must be mapped to policy sets that can satisfy those intents during deployment to achieve the QoS required.

• Web services policy sets
  Policy sets are assertions about how services are defined. They are used to simplify the quality of service configuration for web services.

• Overview of migrating policy sets and bindings
  Policy sets are migrated during the product migration from Version 6.1 Feature Pack for Web Services or Version 7.0 to Version 8.0. The different rules that apply to migrating policy sets and bindings are described. For information about migrating the version of the product that you are running, see migrating and coexisting.

Related tasks

View service providers at the cell level using the administrative console

View the detail of a service provider and managing policy sets using the administrative console

Use WS-Policy to exchange policies in a standard format

Configure application and system policy sets for web services

Create policy sets

Create policy set attachments

Remove policy set attachments

Manage policy set attachments

System policy set collection

Service providers collection at the cell level

Service provider settings

Administrative roles