Related Tasks Related Topics
Use this page to configure the WS-Policy file for an the outbound (response) SOAP message resulting from the invoke of the operation.
The Available Outbound Message Policies window lists the WS-Policy files that are available for you to associate; use the arrows to move a file to the Chosen Outbound Message Policies table, then click Finish to activate your changes.
A Web Service can have zero or more WS-Policy files assoicated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses them to specify the details of the message-level security (digital signatures and encryption) and reliable SOAP messaging capabilities of a Web Service.
The WS-Policy file can be specified at the Web Service endpoint-level, which means that the policy assertions apply to the entire Web Serivce, or a WS-Policy file can be specified at the operation-level, which means that the policy assertions apply only to the specific operation. This asstant helps you configure a WS-Policy file with the Web Service operation.
In addition, a WS-Policy file can be associated with either the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies that the body of a SOAP message should be encrypted is associated with just the inbound message of a particular operation, only the SOAP request needs to be encrypted.
Programmers, when programming the Web Service, use the Java Web Service (JWS) annotation @Policy inside the implementation of the Web Service to specify an associated WS-Policy file; administrators cannot override this association using the Administration Console. Administrators can, however, associate additional WS-Policy files using assistants such as this one.
WebLogic Server includes the following pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging:
DefaultReliability.xml: Used to configure reliable SOAP messaging. Specifies typical values for the reliable messaging policy assertions, such as activity timeout of 10 minutes, acknowledgement interval of 200 milliseconds, and base retransmisstion interval of 3 seconds.
LongRunningReliability.xml: Used to configure reliable SOAP messaging. Similar to the preceding default reliable messaging WS-Policy file, except that it specifies a much longer activity timeout interval (24 hours.)
Auth.xml : Used to configure message-level security. Specifies that the client application invoking the Web Service must authenticate itself with a username and password.
Encrypt.xml: Used to configure message-level security. Specifies that the entire body of the SOAP message be encrypted.
Sign.xml : Used to configure message-level security. Specifies that the body and WebLogic-specific system headers of the SOAP message be digitally signed. Also specifies that the SOAP message include a Timestamp, which is also digitally signed.
After you have associated a WS-Policy file to a Web Service endpoint or operation, the assistant updates the application's deployment plan. If the application does not currently have a configured deployment plan, the assistant creates one for you in the location you specify.