Configure the client policy to use a service provider policy using wsadmin scripting
An application that is a web service client can obtain the policy configuration of a web service provider and use this information to establish a policy configuration that is acceptable to both the client and the service provider.
We have developed a web service client containing all the necessary artifacts, and deployed the web services application into the application server instance. If we require them, we have attached the policy sets and managed the associated bindings.
The service provider must publish its policy in its WSDL and that policy must contain its policy configuration at run time in WS-PolicyAttachments format. The client must be able to support those provider policies.
For a list of WS-Policy assertion specifications and WS-Policy domains supported, see the WS-Policy topic.
We can administer the client to configure itself dynamically at run time, based on the policy of the service provider in the standard WS-PolicyAttachments format. We can administer the client to dynamically apply the provider policy at the application or service or service reference level.
If we specify client dynamic policy control at the service reference level, use the new name-value paired list format of the resource string. If we are not specifying client dynamic policy control at service reference level, we can use either format.
Level String format Name-value pair list format (NEW) Behavior Type "WebService:/" "type=WebService:/" Indicates all artifacts in the application Service "WebService:/myModule:{namespace}myService" "type=WebService:/,module=myModule,service={namespace}myService" Indicates all artifacts within the web service Endpoint (under this service) "WebService:/myModule:{namespace}myService/endpointA" "type=WebService:/,module=myModule,service={namespace}myService,endpoint=endpointA" Indicates all operations for this endpoint (under the service) Operation (under this service) "WebService:/myModule:{namespace}myService/endpointA/operation1" "type=WebService:/,module=myModule,service={namespace}myService,endpoint=endpointA, operation=operation1" Indicates a specific single operation (under the service) Service reference [Not possible] "type=WebService:/,module=myModule,service={namespace}myService,serviceRef=myServiceRef" Indicates all artifacts within the web service reference Endpoint (under this service reference) [Not possible] "type=WebService:/,module=myModule,service={namespace}myService,serviceRef=myServiceRef, endpoint=endpointA" Indicates all operations for this endpoint (under the service reference) Operation (under this service reference) [Not possible] "type=WebService:/,module=myModule,service={namespace}myService,serviceRef=myServiceRef, endpoint=endpointA,operation=operation1" Indicates a specific single operation (under the service reference) If the provider policy uses multipart WSDL, we can use an HTTP GET request to obtain the policy of the provider, but we cannot use the WS-MetadataExchange protocol. For more information about multipart WSDL, see the topic about WSDL.
Policy intersection is the comparison of a client policy and a provider policy to determine whether they are compatible, and the calculation of a new policy, known as the effective policy, that complies with both their requirements and capabilities.
This topic describes how to configure the client policy to use a service provider policy using wsadmin commands. We can also configure the client policy to use a service provider policy using the administrative console.
Tasks
- Start the wsadmin scripting client if it is not already running.
- Use the SetClientDynamicPolicyControl command. For example:
AdminTask.setClientDynamicPolicyControl('[-applicationName WebServiceClientApplication -resource WebService:/ClientApplication.war:{http://example_path/}Service1 -acquireProviderPolicyMethod [httpGet ] -httpGetProperties [httpGetTargetURI http://example_path]]')- Save changes to the master configuration.
To save the configuration changes, enter:
AdminConfig.save()
The web application client-side policy is calculated when it is required at run time, based either on the policy of the service provider, or on the client policy set and the policy of the service provider, depending on which option we selected. This calculated policy is known as the "effective policy" and is cached as a runtime configuration. The effective policy is used for subsequent outbound web service requests to the endpoint or operation for which the dynamic policy calculation was performed. The policy set configuration of the client does not change.
The provider policy that the client holds for a service is refreshed the first time that the web service is invoked after the application is loaded. After that, the provider policy is refreshed when the application restarts, or if the application explicitly invokes a refresh. When the provider policy is refreshed, the effective policy is recalculated.
Related:
WS-Policy WS-MetadataExchange requests WSDL Use WS-Policy to exchange policies in a standard format Deploy web services applications onto application servers Configure a service provider to share its policy configuration Start the wsadmin scripting client Web service clients and policy configuration to use the service provider policy WS-Policy commands for the AdminTask object setClientDynamicPolicyControl command