WAS v8.5 > End-to-end paths > Web services - Policy (WS-Policy) > Use WS-Policy to exchange policies in a standard formatWS-Policy
WS-Policy is an interoperability standard used to describe and communicate the policies of a web service so that service providers can export policy requirements in a standard format. Clients can combine the service provider requirements with their own capabilities to establish the policies required for a specific interaction.
WebSphere Application Server conforms to the web services Policy Framework (WS-Policy) specification. We can use the WS-Policy protocol to exchange policies in standard format. A policy represents the capabilities and requirements of a web service, for example whether a message is secure and how to secure it, and whether a message is delivered reliably and how this is achieved. We can communicate the policy configuration to any other client, service registry, or service that supports the WS-Policy specification, including non-WAS products in a heterogeneous environment.
For a service provider, the policy configuration can be shared in published WSDL, in WSDL that is obtained by a client using an HTTP GET request, or using the Web Services Metadata Exchange (WS-MetadataExchange) protocol. The WSDL is in the standard WS-PolicyAttachments format.
For a client, the client can obtain the policy of the service provider in the standard WS-PolicyAttachments format and use this information to establish a configuration that is acceptable to both the client and the service provider. In other words, the client can be configured dynamically, based on the policies supported by its service provider. The provider policy can be attached at the application or service or service reference level.
The following features were introduced in the JAX-WS 2.2 specification, which WAS supports from v8:
- We can specify transport level security on client WSDL acquisition. We can attach a system policy set to either an HTTP GET request or a WS-MetadataExchange request when obtaining provider policy. See the "Configuring the client policy to use a service provider policy" topic for further information.
- We can specify a policy set and binding for a service reference that is different from the policy set attachment for the service. By default, service references inherit their policy set and WS-Policy configuration from their parent service, however, if desired, the policy set and WS-Policy configuration can be overwritten. See the "Using WS-Policy to exchange policies in a standard format" topic and its child topics for further details.
- We can enable and configure WS-Addressing support on a client or service provider by adding WS-Policy assertions into the WSDL document. WAS will now process WS-Addressing information held within the WS-Policy aspect of an application's WSDL document and use it in the configuration of that application. See the "Enabling Web Services Addressing support for JAX-WS applications using WS-Policy" topic for further information.
- We can publish policy configuration relating to WS-Addressing based on JSR109 deployment descriptors or JAX-WS 2.2 features or annotations, as well as information based on policy sets. This ensures the policy information published matches the run time behavior of the service. See the "Web service providers and policy configuration sharing" topic for further information.
The WS-Policy assertion specifications that are supported in this version of WAS are:
- WS-Policy. See Web Services Policy 1.5
- WS-Addressing. See Web Services Addressing 1.0 - Metadata.
- WS-AtomicTransaction. See Web Services Atomic Transaction v1.0, Web Services Atomic Transaction v1.1 and Web Services Atomic Transaction v1.2.
- WS-ReliableMessaging. See Web Services Reliable Messaging Policy Assertion v1.0 and Web Services Reliable Messaging Policy Assertion v1.1.
- WS-SecurityPolicy. See WS-SecurityPolicy 1.2.
For details of the WS-Policy domains that are supported, see the following topics:
- WS-Addressing policy settings
- WS-ReliableMessaging settings
- WS-Security policy settings
- WS-Transaction policy settings
Subtopics
- Web service providers and policy configuration sharing
A WAS service provider can share its current policy configuration through its Web Service Description Language (WSDL). The policy configuration is in standard WSDL WS-PolicyAttachment format so that it can be shared with other clients, service registries, or services that support the Web Services Policy (WS-Policy) specification.- Web service clients and policy configuration to use the service provider policy
If a service provider publishes its policy in its WSDL, the policy configuration of a WAS service client can be configured dynamically, based on the policies supported by its service provider.- WS-MetadataExchange requests
We can use the Web Services Metadata Exchange (WS-MetadataExchange) GetMetadata request to exchange Web Services Description Language (WSDL) that is annotated with WS-Policy information. A service provider can use a WS-MetadataExchange request to share its policies, and a service client can use a WS-MetadataExchange request to apply the policies of a provider. We can secure WS-MetadataExchange requests using transport-level or message-level security.
Reference:
WS-Addressing policy settings
WS-ReliableMessaging settings
WS-Security policy settings
WS-Transaction policy settings
Related information:
Web Services Policy 1.5 - Attachment
Web Services Addressing 1.0 - Metadata
Web Services Atomic Transaction v1.0
Web Services Atomic Transaction v1.1
Web Services Atomic Transaction v1.2
Web Services Reliable Messaging Policy Assertion v1.0
Web Services Reliable Messaging Policy Assertion v1.1