Home

 

Policy set

You can use policy sets to simplify configuring the qualities of service for Web services and clients. Policy sets are assertions about how Web services are defined. Using policy sets, you can combine configurations for different policies. You can use policy sets with JAX-WS applications, but not with JAX-RPC applications.

A policy set is identified by a unique name. An instance of a policy set consists of a collection of policy types. An empty policy set has no policy instance defined.

Policies are defined on the basis of a quality of service. Policy definitions are typically based on WS-Policy standards language. For example, the WS-Security policy is based on the current WS-SecurityPolicy language from the Organization for the Advancement of Structured Information Standards (OASIS) standards.

Policy sets omit application or user-specific information, such as keys for signing, key store information, or persistent store information. Instead, application and user-specific information is defined in the bindings. Typically, bindings are specific to the application or the user, and bindings are not normally shared. On the server side, if you do not specify a binding for a policy set, a default binding will be used for that policy set. On the client side, specify a binding for each policy set.

A policy set attachment defines which policy set is attached to service resources, and which bindings are used for the attachment. The bindings define how the policy set is attached to the resources. An attachment is defined outside of the policy set, as metadata associated with the application. To enable a policy set to work with an application, a binding is required.

ibm.com/redbooks