Policies applied settings
Use this panel to view and change whether the policy configuration of a WebSphere Application Server service client is configured dynamically, based on the policies supported by its service provider. We can view or change how the client obtains the policy of the service provider; the client can use an HTTP GET request or a Web Services Metadata Exchange (WS-MetadataExchange) request. We can specify a policy set and binding to provide message-level security for WS-MetadataExchange requests or to specify HTTP transport and SSL transport configuration for HTTP GET requests.
To view this administrative console page for an application or service. The application must be a web services service client.
- Click Applications > Application Types > WebSphere enterprise applications > service_client_application_name > [Web Services Properties] Service client policy sets and bindings.
- Select the link in the Policies Applied column for the application or service you require.
To view this administrative console page for a service, complete the following steps:
- Click Services > Service clients > service_name.
- Select the link in the Policies Applied column for the service. The link is available if the service or the parent application has a policy set attached.
Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.
Apply the following policies
Specifies whether the client.policy is based on the policy of the service provider, and how that policy is used.
Select from the following options:
- Client policy only. Configure the client based solely on the client policy set. Do not use the policy of the service provider. This option is available when a client policy set is attached to the resource.
- Client and provider policy. Configure the client based on both the client policy set and the policy of the service provider. This option is available when a client policy set is attached to the resource.
- Inherit application attachment. Inherit the setting of the parent application. This option is available for a service when a client policy set is not attached to the service. If there is a policy set attached to the parent application, the inherited properties are displayed on this panel, but we cannot change them. If there is no policy set attached to the parent application, when you return to the Service clients policy sets and bindings panel, the Policies applied column shows a value of None.
- Provider policy only. Configure the client based solely on the policy of the service provider. This option is available when a client policy set is not attached to the resource.
HTTP GET request
Click HTTP GET request to obtain the policy of the service provider using an HTTP GET request. The policy configuration must be in WS-PolicyAttachments format in the WSDL of the service provider.
This option is available when Apply the following policies is set to Client and provider policy or Provider policy only.
By default, the HTTP GET request is targeted at the URL for each service endpoint followed by ?WSDL.
Use the default request target
When we apply a policy to a service, click Use the default request target to target the HTTP GET request at the URL for each service endpoint followed by ?WSDL.
If the attach point is for the service, then we can either select this default request target or we can choose to specify an alternative request target using the Specify request target option.
If the attach point is for the application then the default request target will be used.
Specify request target
When we apply a policy to a service, click Specify request target to change the target for acquiring provider policy using an HTTP GET request. Enter the URL for the location of the provider policy in the field.
This option is available when HTTP GET request is selected and we apply a policy to a service.
When we apply a policy to an application, this option is not available.
Attach a system policy set to the HTTP GET request
Select Attach a system policy set to the HTTP GET request to set HTTP transport and SSL transport configuration for the HTTP GET request. This option is available when HTTP GET request is selected as the method to be used to obtain the provider policy and when Specify request target is selected and completed.
If we do not specify a policy set we will inherit the HTTP transport and SSL transport configuration from the application.
Policy set (for the HTTP GET request)
Select the policy set you require from the list to provide HTTP transport and SSL transport configuration for the HTTP GET request. Select from system policy sets that contain solely HTTP transport policies, solely SSL transport policies, or both; the policy set cannot contain other policy types.
This option is available when Attach a system policy set to the HTTP GET request is selected and the Specify request target is selected and completed.
Binding (for the HTTP GET request)
Select the binding you require from the list for the HTTP GET request. We can select from Global Default Bindings or General client/provider policy set bindings, which are specific to the individual service.
This option is available when Attach a system policy set to the HTTP GET request is selected and the Specify request target is selected and completed.
The value of Default will result in the Global Default Binding being used.
WS-MetadataExchange request
Click WS-MetadataExchange to obtain the policy of the service provider using a WS-MetadataExchange GetMetadata request. The policy configuration must be in WS-PolicyAttachments format in the WSDL of the service provider.
This option is available when Apply the following policies is set to Client and provider policy or Provider policy only.
Attach a system policy set to the WS-MetadataExchange request
Select Attach a system policy set to the WS-MetadataExchange request to set message-level security for the WS-MetadataExchange request. By default, this option is not selected and the transport policy of the application is used. This option is available when WS-MetadataExchange request is selected.
When Attach a system policy set to the WS-MetadataExchange request is selected, the Policy set and Binding lists are available. If we select Attach a system policy set to the WS-MetadataExchange request, we must also select a policy set and a binding.
Policy set (for the WS-MetadataExchange request)
Select the policy set you require from the list to provide message-level security for the WS-MetadataExchange request. We can select from system policy sets that contain only WS-Security policies, only WS-Addressing policies, or both. The default policy set is SystemWSSecurityDefault.
System policy sets are used for system messages that are not business-related, for example, messages that apply qualities of service (QoS), including the messages defined in the WS-MetadataExchange protocol.
any transport policy of the application is always used.
This option is available when Attach a system policy set to the WS-MetadataExchange is selected.
Binding (for the WS-MetadataExchange request)
Select the binding you require from the list to provide message level security for the WS-MetadataExchange request. We can select from Global Default Bindings or General client/provider policy set bindings, which are specific to the individual service.
This option is available when Attach a system policy set to the WS-MetadataExchange is selected.
The value of Default will result in the Global Default Binding being used.
Related:
Web service clients and policy configuration to use the service provider policy Configure system policy sets Define and manage service client or provider bindings Policy sharing settings Administrative console buttons Administrative console preference settings Administrative roles