+

Search Tips   |   Advanced Search

Service client or provider policy set bindings collection

Create, copy, and manage general policy set bindings, such as the service client or provider bindings. These bindings provide system-specific configuration, and can be reused across policy set attachments. We can select the general default bindings, create new general bindings, or use existing bindings for an attached policy set.

From the admin console, click...

We can also view this page by clicking...


About policy set bindings

There are two types of bindings, application specific bindings and general bindings.

Application specific binding

Create application specific bindings only at a policy set attachment point. These bindings are specific to and defined by the characteristics of the defined policy. Application specific bindings can provide configuration for advanced policy requirements, such as multiple signatures; however, these bindings are only reusable within an application. Furthermore, application specific bindings have limited reuse across policy sets.

When we create an application specific binding for a policy set attachment, the binding begins in an unconfigured state. We must add each policy, such as WS-Security or HTTP transport, to override the default binding and fully configure the bindings for each policy that we have added. For WS-Security policy, some high level configuration attributes such as TokenConsumer, TokenGenerator, SigningInfo, or EncryptionInfo might be obtained from the default bindings if they are not configured in the application specific bindings.

For service providers, we can only create application specific bindings by selecting Assign Binding > New Application Specific Binding for service provider resources that have an attached policy set. See service providers policy sets and bindings collection. Similarly, for service clients, we can only create application specific bindings by selecting Assign Binding > New Application Specific Binding for service client resources that have an attached policy set. See service client policy set and bindings collection.

General bindings

General bindings were introduced in WebSphere Application Server v7.0. These bindings can be configured to be used across a range of policy sets and can be reused across applications and for trust service attachments. Though general bindings are highly reusable, they are however not able to provide configuration for advanced policy requirements, such as multiple signatures. There are two types of general bindings:

Create general policy set bindings by copying an existing binding or by creating a new one. For WS-Security bindings, copy an existing sample binding. Creating a new policy set binding from scratch for WS-Security can cause unexpected problems at run time.

To create general provider policy set bindings, in the administrative console, select Services > Policy sets > General provider policy set bindings > New or Copy. To create general client policy set bindings, select Services > Policy sets > General client policy set bindings > New or Copy.

See Define and manage service client or provider bindings. General provider policy set bindings can also be used for trust service attachments.

After we make a copy of the provider or client sample bindings, customize only the settings of our new copy to suit your purposes. Do not remove anything from your binding copy, such as token generators, token consumers, sign parts, or encrypt parts. We can add things to your binding copy if needed, but deleting information can cause unanticipated errors at run time.

The sample general bindings that are shipped with the product are provider and client sample. Do not use these sample bindings in their current state in a production environment. However, if they were modified to contain non-sample data, we can use these sample bindings in a production environment.

We cannot assign a binding to a service provider resource that does not have a policy set or has an inherited attachment. To assign a binding to such a service provider resource, first attach a policy set to the resource. Also, we cannot assign a binding to a service client resource that does not have an effective policy configuration or has an inherited policy attachment. To assign a binding to such a service client resource, first attach a policy set or specify the use of the provider policy.

Depending on the assigned security role when security is enabled, we might not have access to text entry fields or buttons to create or edit configuration data. Review the administrative roles documentation to learn more about the valid roles for the application server.


Name

Name of the service client or provider policy set binding.

The following list of buttons are available to manage service client or provider policy set bindings:

Button Resulting Action
New Creates a new client or provider policy set binding. This option accesses the New binding panel. The binding is empty initially; enter a name and an optional description for a new client or provider policy set binding.
Delete Removes the selected client or provider general policy set binding. The default general bindings are being used as the default for a server or a security domain, including the global security domain. We cannot delete default bindings for global security or other security domains. An attempt to delete such default general binding generates an error message that the selected binding cannot be deleted because it is currently the default binding for a security domain.
Copy Creates a modifiable copy of the selected client or provider policy set binding using a new name that we provide.
Import Import a client or provider policy set binding. This is a menu item with the option of importing a binding with the same name or providing a different name for the import.
Export Export the selected client or provider policy set binding to an archive file.


Security Domain

Indicates which security domain uses the general policy set binding. The default domain is global security. This column in the collection table appears only when there are multiple security domains to which the binding can be scoped.


Description

User-defined description for the client or provider policy set bindings.

  • Define and manage service client or provider bindings
  • Define and manage policy set bindings
  • Import policy set bindings
  • Create new or configuring existing general binding settings
  • Export policy sets bindings settings
  • Copy policy set binding settings
  • Administrative roles