Configure a service provider to share its policy configuration
A WebSphere Application Server service provider can share its policy configuration in published Web Services Description Language (WSDL), or WSDL that is obtained using an HTTP GET request or the Web Services Metadata Exchange (WS-MetadataExchange) GetMetadata request.
We have developed a web services service provider containing all the necessary artifacts and deployed the web services application into the application server instance. We have attached the policy sets and managed the associated bindings.
For a list of WS-Policy assertion specifications and WS-Policy domains supported, see the topic about learning about WS-Policy.
We can make the policy configuration of a JAX-WS service endpoint available to share in the following ways:
- Include the policy configuration of the service provider in the WSDL. The WSDL is then available to publish, or to obtain using an HTTP GET request.
- Enable the Web Services Metadata Exchange (WS-MetadataExchange) protocol so that the policy configuration of the service provider is included in the WSDL and is available to a WS-MetadataExchange GetMetadata request. An advantage of using the WS-MetadataExchange protocol is that we can apply message-level security to WS-MetadataExchange GetMetadata requests using a suitable system policy set.
If the service provider application uses multipart WSDL, all the WSDL must be local to the web service application. For more information about multipart WSDL, see the topic about WSDL.
Configure a service provider to share its policy configuration because by default the policy configuration is not available in its WSDL. We can configure the service provider to include the policy configuration in its WSDL, to use WS-MetadataExchange so that the policy configuration is available, or both. This topic describes how to configure a service provider to share its policy configuration using the administrative console. We can also configure a service provider to share its policy configuration using wsadmin commands or Rational Application Developer tools.
We can configure a service provider to share its policy configuration at application or service level. The policy configuration represented by the policy sets attached to any lower levels will also be shared. Policy sets that are attached at lower levels override the policy set configuration attached at a higher level.
Tasks
- From the navigation pane of the administrative console, click Applications > Application Types > WebSphere enterprise applications > service_provider_application_instance > [Web services properties] Service provider policy sets and bindings.
- In the row for the application or service where the provider policy to share is attached, click the link in the Policy sharing column. The link is either Enabled or Disabled. The Policy Sharing pane is displayed.
- To include the policy configuration of the service provider in its WSDL so that it can be either published or obtained using an HTTP GET request, select Exported WSDL.
- To enable WS-MetadataExchange and make the policy configuration of the service provider available to a WS-MetadataExchange GetMetada request, select WS-MetadataExchange request.
- Optional: If we select WS-MetadataExchange request and we want to use message-level security, select Attach a system policy set to the WS-MetadataExchange, then select a suitable policy set and binding from the drop-down lists. See Configure security for a WS-MetadataExchange request.
- Click OK and save the changes to the master configuration.
The policy configuration of the service provider is available to its clients. The WSDL of the service provider contains the current policy configuration in WS-PolicyAttachments format so that it is available to other clients, service registries, or services that support the Web Services Policy (WS-Policy) specification. The link in the Policy Sharing column on the Service provider policy sets and bindings pane changes to Enabled.
If the policy configuration cannot be shared, an error that describes the problem is written to the service provider error log, and the following policy is attached to the WSDL of the service provider:
<wsp:Policy> <wsp:ExactlyOne> </wsp:ExactlyOne> </wsp:Policy>This policy notifies the client that there is no acceptable policy configuration for the service. Other aspects of the WSDL are unaffected.A service provider might not be able to share its policy configuration because the configuration cannot be expressed in the standard WS-PolicyAttachments format. One reason might be because multiple incompatible policies are defined for a particular attach point. Another reason might be because there is not enough binding information to generate the standard policy. Policy configuration might include bootstrap policy, for example, the policy to access a WS-Trust service, so the bootstrap policy must also be expressed in WS-PolicyAttachments format.
Subtopics
- Configure a service provider to share its policy configuration
A WAS service provider can share its policy configuration in published Web Services Description Language (WSDL), or WSDL that is obtained using an HTTP GET request or the Web Services Metadata Exchange (WS-MetadataExchange) GetMetadata request.- Policy sharing settings
Use this pane to view and change whether the policy configuration of a web services service provider is shared. We can configure the service provider to include the policy configuration in its WSDL so that it can be accessed using an HTTP Get request, or published. We can also make the policy configuration available to a Web Services Metadata Exchange (WS-MetadataExchange) request.
Related:
WS-Policy Web service providers and policy configuration sharing WSDL Configure the client policy to use a service provider policy Publishing WSDL files Deploy web services applications onto application servers Manage policy sets and bindings for service providers at the application level View WSDL documents for service providers Configure security for a WS-MetadataExchange request