+

Search Tips   |   Advanced Search

Web services policies


Policies define the type of Web service policy based on the quality of service type. Policies are initially set with default settings but the attributes can be edited and changed.

Provided policies include:

WS-Addressing

Based on the Worldwide Web Consortium (W3C) WS-Addressing specifications for Web services. This family of specifications provide transport-neutral mechanisms to address Web services and to facilitate end-to-end addressing. This spec provides asynchronous support.

WS-Security

Based on the WS-Secure Conversation (WS-SC) and WS-Security specifications along with the associated token profiles. The WS-Security specification and its associated token profiles define a way to send security tokens and provide message integrity and confidentiality. The WS-Secure Conversation specification establishes a secure context, based on shared keys, for the client and server to use for a series of messages. This standard provides a framework across organizations that defines how to secure the entire conversation. Use the WS-Security policy to define how the SOAP messages are secured. It has options such as:

  • which message parts are signed and encrypted

  • the tokens types to be included

  • whether to use symmetric or asymmetric cryptography

We can also use WS-Security policies to define the bootstrap policy used to acquire security context tokens. Security context tokens are used by secure conversation.

WS-Reliable Messaging (WS-RM)

This spec enables the sender and receiver to assure the quality of services in a set of messages. It helps the application developer deal with latency issues, maintenance interruption, and other problems that prevent messages from being completed. This quality assurance is critical for stateful applications.

WS-Transaction

This spec provides support for coordination of atomic transactions or business activities for Web services applications. We can enable WS-Transaction on both the client (outbound) and server (inbound) side by attaching a policy set that enables the WS-Transaction policy as part of the policy set. This policy is based on the WS-AtomicTransaction specification and the WS-BusinessActivity specification, together with the WS-Coordination specification.

HTTP Transport

The HTTP transport policy applies the HTTP features and HTTP connections polices to outbound messages. The response listener policy is enforced on inbound messages.

SSL Transport

Provides SSL transport security for the HTTP protocol with Web services applications.



 

Related tasks


Manage policy sets

 

Related information


WS-Policy working group
OASIS WS-SX Technical Committee