Attaching a policy set to a service artifact

Attach a policy set to a service artifact, such as an application, service, endpoint or operation, to define the quality of services that are supported. Policy sets can define the policies for WS-Addressing, WS-Security, WS-ReliableMessaging, WS-Transaction, HTTP transport, Java™ Messaging Service (JMS) transport, and Secure Sockets Layer (SSL) transport.

Before you begin

Before you can start this task, you must deploy an application containing web services. Also, if none of the default policy sets contain the necessary policy definitions, then you must create a custom policy set with the necessary definitions.

About this task

Develop a web service that contains each of the necessary artifacts, and deploy your web services application into your application server instance. Now you can attach policy sets to your service artifacts, such as an application, service, or endpoint.

Avoid trouble: If you are attaching a WS-Security policy to your provider application, and your SOAP requests do not contain a SOAPAction in the HTTP header or WS-Addressing action in the message, you cannot apply policies at the operation level. You can attach policies only at the Application, Service, or Endpoint level. For provider applications, regardless of any other policy attachments at any level, if you attach a policy to one or more operations, and there is no SOAPAction or WS-Addressing Action in the SOAP request, then you receive the following error in the SOAP response: 
CWWSS7509W: The received SOAP request message is rejected because it does not correctly specify SOAP action and WS-Addressing action while there is at least one PolicySet attachment at operation level of the xyz service.

To attach a policy set to a service artifact, perform the following steps:

Procedure

  1. Open the administrative console.
  2. To attach a policy set to a service provider, click Applications > Application Types > WebSphere enterprise applications > application_name > Service provider policy sets and bindings.

    To attach a policy set to a service client, click Applications > Application Types > WebSphere enterprise applications > application_name > Service client policy sets and bindings.

  3. Select the check box for the service artifact.
    Avoid trouble: Do not select all of the entries on the panel. The artifacts are Service, Endpoint and Operation. Only select the top-level parent of all artifacts that have the same attachment. For example, if all endpoints and operations are attached to the same endpoint, only select the Service entry. If you have more than one endpoint in your service, and the endpoints have different policies and all operations within each endpoint have the same policy, only select the parent endpoint for each set of operations that have the same policy attachment.
  4. Select the check box for the top-level service artifact where the policy set is to be attached. This attaches the policy to all Endpoints and Operations that are children of the service.
  5. Click Save to save your changes to the master configuration.
  6. [Optional] To see what attachments are defined for a specific policy set, select Services > Policy sets > Application policy sets > policy_set_name > Attached applications.

Results

When you finish these steps, a policy set is attached to the service artifact.

Example

If you have the application, app1 and you want to attach the policy set, WSSecurity default, then perform the following steps:
  1. Locate the app1 application in the Applications > Enterprise applications collection.
  2. Click the app1 application.
  3. Click the Service provider policy sets and bindings link or the Service client policy sets and bindings link.
  4. Select the check box for the service artifact where the policy set is to be attached.
  5. Click Attach. Select WSSecurity default policy set.
  6. Click Save to save your changes to the master configuration.

What to do next

You can create custom bindings for policy set attachments. Read about creating custom bindings for policy set attachments.

You can configure the service client or service provider to share their policies. Read about using WS-Policy to exchange policies in a standard format.