Define and manage service client or provider bindings
Service client or provider bindings are general bindings. Create, copy, and manage general bindings such as the client or provider policy set bindings. These bindings provide system-specific configuration and can be reused across policy set attachments.
We cannot assign a binding to a service provider resource that does not have a policy set or has an inherited attachment. To assign a binding to such a service provider resource, first attach a policy set to the resource. Also, we cannot assign a binding to a service client resource that does not have an effective policy configuration or has an inherited policy attachment. To assign a binding to such a service client resource, first attach a policy set or specify the use of the provider policy. See attaching a policy set to a service artifact.
There are two types of bindings, application specific bindings and general bindings.
- Application specific binding
Create application specific bindings only at a policy set attachment point. These bindings are specific to and defined by the characteristics of the policy. Application specific bindings are capable of providing configuration for advanced policy requirements, such as multiple signatures; however, these bindings are only reusable within an application. Furthermore, application specific bindings have limited reuse across policy sets.
When we create an application specific binding for a policy set attachment, the binding begins in an unconfigured state. We must add each policy, such as WS-Security or HTTP transport, to override the default binding and fully configure the bindings for each policy that we have added. For WS-Security policy, some high level configuration attributes such as TokenConsumer, TokenGenerator, SigningInfo, or EncryptionInfo might be obtained from the default bindings if they are not configured in the application specific bindings.
For service providers, we can only create application specific bindings by selecting...
Assign Binding > New Application Specific Binding for service provider resources that have an attached policy set
Similarly, for service clients, we can only create application specific bindings by selecting...
Assign Binding > New Application Specific Binding for service client resources that have an attached policy set
- General bindings
General bindings can be configured to be used across a range of policy sets and can be reused across applications and for trust service attachments. Though general bindings are highly reusable, they do not provide configuration for advanced policy requirements, such as multiple signatures. There are two types of general bindings:
- General provider policy set bindings
- General client policy set bindings
The general bindings included with the product are provider and client sample bindings. Do not use these bindings in their current state in a production environment. However, if they were modified to contain non-sample data, they could be used in a production environment.
Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.
To create a policy set binding containing a WS-Security binding, copy an existing sample policy set binding. If we create a policy set binding for WS-Security and do not use the copy, the new policy set binding can cause unexpected problems at run time.
After we make a copy of the provider or client sample bindings, customize only the settings of the new copy to suit your purposes. Do not remove anything from your binding copy, such as token generators, token consumers, sign parts, or encrypt parts. We can add to your binding copy if needed, but deleting information can cause unanticipated errors at run time.
Define and manage general client or provider policy set bindings
- To create a new general client or provider policy set binding or to manage the binding configuration from the administrative console, click...
Services > Policy sets > General client policy set bindings > New
We can also access this panel by clicking...
Services > Policy sets > General provider policy set bindings > New
Use the resulting detail panel to create a new client or provider policy set binding. See creating new or configuring existing general binding settings.
- To copy a specific policy set binding, select the binding name from the table and click Copy. See copying a policy set binding settings.
- To import a client or provider policy set binding, click Import. Read about importing policy set bindings using the administrative console to complete the import task.
- To export a client or provider policy set binding, select the binding name from the table, and click Export. See export policy set binding settings.
- To delete a policy set binding, select the binding name from the table, and click Delete. See deleting policy set bindings.
When we finish this task, we have created, copied, exported, imported or deleted a client or provider policy set binding.
Subtopics
- Service client or provider policy set bindings collection
- Create new or configuring existing general binding settings
Attaching a policy set to a service artifact Import policy set bindings Export policy sets bindings settings Copy policy set binding settings Deleting policy set bindings Administrative roles