Implement policy sets for unmanaged clients

Policy sets can simplify your quality of service configuration for web services by combining configuration settings for services like addressing, messaging, and security. To use policy sets in an unmanaged client, structure the policy sets in a way that is consumable by the client on the command-line invocation.

Before creating policy sets or changing existing policy sets, first identify the security and other requirements of the web service.

Use policy sets only with JAX-WS applications that run on the Axis2 web service engine. We cannot use policy sets for JAX-RPC applications.

Policy sets are assertions about how services are defined, and we can use them to control web services at the application or system level. Policy sets can be maintained through the application server for deployed services, but if we are using a thin client, which is unmanaged, configure the policy sets manually to take advantage of them.

Tasks

1. Create a policy set, or export an existing policy set from the application server.

   • For a new policy set, create the policy set files through scripting or the administrative console. For more information about managing web services policy sets, see the Manage policy sets topic.

   • To export an existing policy set:

     1. Select Services > Policy sets > policy_set_type

     2. Select the policy set to export from the list.

     3. Click Export...

     4. Click the policy set name to download the archive file.

2. Place the policy set files in the META-INF directory so they can be used by the unmanaged client.

   If we exported a policy set from the application server, we must extract the policy set files from the archive, and place them in the META-INF directory. The following is an example of the file structure of a policy set collection:

     -META-INF
        -PolicySets
           -policy_set1
               policySet.xml
               -PolicyTypes
                  -policy_type1
                     policy.xml 
                  -policy_type2
                     policy.xml
           -policy_set2
            ...
   

3. Create the clientPolicyAttachments.xml file, which references the policy sets to implement, and place it in the META-INF directory.

   1. Create the clientPolicyAttachments.xml file in Rational Application Developer or another development tool. The following sample is an example of a clientPolicyAttachments.xml file:

      <?xml version="1.0" encoding="UTF-8" standalone="yes"?>
      <psa:PolicySetAttachment 
           xmlns:psa="http://www.ibm.com/xmlns/prod/websphere/200605/policysetattachment"
           xmlns:ps="http://www.ibm.com/xmlns/prod/websphere/200605/policyset">
          <psa:PolicySetReference name="policy_set1" id="1342">
              <psa:Resource pattern="WebService:/">
              </psa:Resource>
          </psa:PolicySetReference>
      </psa:PolicySetAttachment>
      

   2. Verify that the clientPolicyAttachments.xml file is in the META-INF directory.

4. Create an application specific or general client.policy set binding that is compatible with the policy set. We can export a general binding from the application server, or use a development tool like Rational Application Developer to create an application-specific binding. For more information about bindings, see Define and manage policy set bindings. To export a binding from the application server:

   1. Select Services > Policy sets > General client policy set bindings

      

   2. Select the binding to export from the list.

   3. Click Export...

   4. Click the binding name to download the archive file.

5. Place the binding files in the META-INF directory so they can be used by the unmanaged client.

   If we exported bindings from the application server, we must extract the files from the archive, and place them in the META-INF directory. The file structure differs if we are using general bindings or application-specific bindings:

   • Here is an example of a set of general bindings, which are in the bindings subdirectory:

     -META-INF
        -bindings
           -binding1
               bindingDefinition.xml
               -PolicyTypes
                  -policy_type1
                      bindings.xml
                  -policy_type2
                      bindings.xml</p><p>
           -binding2
            ...
     

   • Here is an example of an application-specific binding, for which there is no bindings subdirectory:

     -META-INF
        -binding1
           bindingDefinition.xml
             -PolicyTypes
                -policy_type1
                   bindings.xml 
                -policy_type2
                   bindings.xml
        -binding2
          ...
     

6. Verify that the location of the policy set and bindings are in the class path when we start your thin client. For example, we can specify the class path on the command line:

   java -cp policy_set/ my_client
   

Related:

Web services policy sets

Manage policy sets

Define and manage policy set bindings