-->
edocs Home > Oracle WebLogic Server Documentation > Administration Console Online Help > Associate a WS-Policy

Associate a WS-Policy file with a Web Service

Before you begin

You must install a Web Service before you can associate a WS-Policy file with it. See Install a Web Service.


A Web Service can have zero or more WS-Policy files associated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses WS-Policy files to specify the details of the message-level security (digital signatures and encryption) and reliable SOAP messaging capabilities of a Web Service.

You can associate a WS-Policy file at the Web Service endpoint-level, which means that the policy assertions apply to all the operations of a Web Service port. You can also associate a WS-Policy file at the operation-level, which means that the policy assertions apply only to the specific operation with which you associate it.

In addition, you can associate a WS-Policy file with the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies encryption for the body of a SOAP message is associated with just the inbound message of a particular operation, only the SOAP request needs to be encrypted.

Programmers, when creating the Web Service, can use the Java Web Service (JWS) annotation @Policy inside the implementation Java file of the Web Service to specify an associated WS-Policy file. Administrators cannot change this association using the Administration Console. Administrators can, however, associate additional WS-Policy files at runtime using the Administration Console, as described in the this procedure.

WebLogic Server includes pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging, including the following. These files are static and you cannot change them:

  • DefaultReliability1.1.xml: Configures reliable SOAP messaging. Specifies policy assertions related to quality of service. The Web Service reliable messaging assertions are based on WS-Reliable Messaging Policy Assertion 1.1.

  • Reliability1.1_SequenceTransportSecurity: Configures reliable SOAP messaging. Specifies policy assertions related to transport-level security and quality of service. The Web Service reliable messaging assertions are based on WS-Reliable Messaging Policy Assertion 1.1.

  • Reliability1.0_1.1.xml: Configures reliable SOAP messaging. Combines 1.1 and 1.0 WS Reliable Messaging policy assertions. This sample relies on smart policy selection to determine the policy assertion that is applied at runtime.

  • DefaultReliability.xml: Deprecated. The Web Service reliable messaging assertions are based on WS Reliable Messaging Policy Assertion 1.0. In this release, many of the reliable messaging policy assertions are managed through JWS annotations or configuration. Configures reliable SOAP messaging. Specifies typical values for the reliable SOAP messaging policy assertions, such as activity timeout of 10 minutes, acknowledgement interval of 200 milliseconds, and base retransmisstion interval of 3 seconds.

  • LongRunningReliability.xml: Deprecated. The Web Service reliable messaging assertions are based on WS Reliable Messaging Policy Assertion 1.0. In this release, many of the reliable messaging policy assertions are managed through JWS annotations or configuration. Configures reliable SOAP messaging. Similar to the preceding default reliable messaging WS-Policy file, except that it specifies a much longer activity timeout interval (24 hours.)

  • Mtom.xml: Used to specify that the Web Service supports MTOM/XOP to transport binary data. MTOM/XOP describes a method for optimizing the transmission of XML data of type xs:base64Binary using MIME attachments over HTTP to carry that data while at the same time allowing both the sender and the receiver direct access to the XML data without having to be aware that any MIME artifacts were used to marshal the xs:base64Binary data.

WebLogic Server includes two sets of pre-packaged security policy files that you can use for configuring message-level security. One set of security policy files conforms to the OASIS WS-SecurityPolicy 1.2 specification. These security policy files are described in Using WS-SecurityPolicy 1.2 Policy Files. The other set of security policy files conforms to a proprietary Oracle Web Services security policy schema and are described in Proprietary Web Services Security Policy Files. You can use security policy files from either set, but the two sets are not mutually compatible; you cannot define both types of policy file in the same Web Service.

If the Web Service programmer includes additional WS-Policy files in the J2EE module or application in which the service is packaged, or a shared J2EE library has been deployed that contains additional WS-Policy files, then you can associate them to your Web Service also. In this case, the policy files must be included in the WEB-INF/policies directory.

After you have associated a WS-Policy file to a Web Service endpoint or operation, the assistant updates the application's deployment plan. If the application does not currently have a configured deployment plan, the assistant creates one for you in the location you specify.

Note:

The Administration Console allows you to associate as many WS-Policy files as you want to a Web Service and its operations, even if the policy assertions in the files contradict each other. It is up to you to ensure that mulitple associated WS-Policy files work together. If any contradictions do exist, WebLogic Server will return a runtime error when a client application invokes the Web Service.

To associate a WS-Policy file with a Web Service:

  1. If you have not already done so, in the Change Center of the Administration Console, click Lock & Edit (see Use the Change Center).

  2. In the left pane of the Administration Console, select Deployments.

  3. In the right pane, navigate within the Deployments table until you find the Web Service for which you want to configure a WS-Policy file.

    Note: Web Services are deployed as part of an Enterprise Application, Web Application or EJB. To understand how Web Services are displayed in the Administration Console, see View installed Web Services.

  4. In the Deployments table, click the name of the Web Service.

  5. Select Configuration -> WS-Policy.

    The table lists the WS-Policy files that are currently associated with the Web service. The top level lists all the ports of the Web Service. Click the + next to a Web Service port to see its operations and associated WS-Policy files.

  6. If you want to associate a WS-Policy file with a particular Web Service operation, go to the next step. To associate a WS-Policy file with an entire Web Service port (endpoint-level):

    1. Click on the name of the Web Service port. A page appears which includes two windows: one labelled Available Endpoint Policies that lists the names of the WS-Policy files that you can associate with a Web Service endpoint and one labelled Chosen Endpoint Policies that lists the WS-Policy files that are currently configured for this endpoint.

    2. Use the arrows to move WS-Policy files between the available and chosen windows. The WS-Policy files that are in the Chosen window are the ones that are applied to the Web Service endpoint.

    3. Click OK. If your Web Service already has a deployment plan associated to it, then the newly associated WS-Policy files are displayed in the Policies column in the table.

    4. If the J2EE module of which the Web Service is a part does not currently have a deployment plan associated with it, the assistant asks you for the directory that should contain the deployment plan. Use the navigation tree to specify a directory, then click Finish.

  7. To associate a WS-Policy file with one of its operations:

    1. Click on the name of the operation. A page appears which includes two windows: one labelled Available Inbound Message Policies that lists the names of the WS-Policy files that are available to associate with the inbound (request) SOAP message of the operation invoke and one labelled Chosen Inbound Message Policies that lists the WS-Policy files that are currently associated with the inbound (request) SOAP message of the operation invoke.

    2. Use the arrows to move WS-Policy files between the available and chosen windows. The WS-Policy files that are in the Chosen window are the ones that are applied to the inbound (request) SOAP message when this operation is invoked by a client application.

    3. Click Next.

    4. Click on the name of the operation. A page appears which includes two windows: one labelled Available Outbound Message Policies that lists the names of the WS-Policy files that are available to associate with the outbound (response) SOAP message of the operation invoke and one labelled Chosen Outbound Message Policies that lists the WS-Policy files that are currently associated with the outbound (response) SOAP message of the operation invoke.

    5. Use the arrows to move WS-Policy files between the available and chosen windows. The WS-Policy files that are in the Chosen window are the ones that are applied to the outbound (response) SOAP message when this operation is invoked by a client application.

    6. Click Finish. If your Web Service already has a deployment plan associated with it, the newly associated WS-Policy files are displayed in the Policies column in the table.

    7. If the J2EE module of which the Web Service is a part does not currently have a deployment plan associated with it, the assistant asks you for the directory that should contain the deployment plan. Use the navigation tree to specify a directory, then click Finish.

  8. To activate these changes, in the Change Center of the Administration Console, click Activate Changes.
    Not all changes take effect immediately—some require a restart (see Use the Change Center).
} } (document.images){ dcs_imgarray[dcs_ptr] = new Image; dcs_imgarray[dcs_ptr].src = dcs_src; WT[myMeta.name.substring(3)]=myMeta.content; } if DCSext[myMeta.name.substring(7)]=myMeta.content; } } } } for (N in DCS){P+=A( N, DCS[N]);} for (N in WT){P+=A( "WT."+N, WT[N]);} for (N in DCSext){P+=A( N, DCSext[N]);} //} aCrumb=aCookie[i].split("="); if (crumb==aCrumb[0]){ return aCrumb[1]; } } return null; } i=0;i