Before you begin
You must install a Web Service before you can associate a WS-Policy file with it. See Install a Web Service.
A Web Service can have zero or more WS-Policy files associated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses WS-Policy files to specify the details of the message-level security (digital signatures and encryption) and reliable SOAP messaging capabilities of a Web Service.
You can associate a WS-Policy file at the Web Service endpoint-level, which means that the policy assertions apply to all the operations of a Web Service port. You can also associate a WS-Policy file at the operation-level, which means that the policy assertions apply only to the specific operation with which you associate it.
In addition, you can associate a WS-Policy file with the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies encryption for the body of a SOAP message is associated with just the inbound message of a particular operation, only the SOAP request needs to be encrypted.
Programmers, when creating the Web Service, can use the Java Web
Service (JWS) annotation @Policy
inside the
implementation Java file of the Web Service to specify an associated
WS-Policy file. Administrators cannot change this association
using the Administration Console. Administrators can, however, associate
additional WS-Policy files at runtime using the Administration Console,
as described in the this procedure.
WebLogic Server includes pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging, including the following. These files are static and you cannot change them:
xs:base64Binary
using MIME attachments over HTTP to
carry that data while at the same time allowing both the sender and
the receiver direct access to the XML data without having to be aware
that any MIME artifacts were used to marshal the
xs:base64Binary
data.WebLogic Server includes two sets of pre-packaged security policy files that you can use for configuring message-level security. One set of security policy files conforms to the OASIS WS-SecurityPolicy 1.2 specification. These security policy files are described in Using WS-SecurityPolicy 1.2 Policy Files. The other set of security policy files conforms to a proprietary Oracle Web Services security policy schema and are described in Proprietary Web Services Security Policy Files (JAX-RPC Only). You can use security policy files from either set, but the two sets are not mutually compatible; you cannot define both types of policy file in the same Web Service.
If the Web Service programmer includes additional WS-Policy files in
the J2EE module or application in which the service is packaged, or a
shared J2EE library has been deployed that contains additional WS-Policy
files, then you can associate them to your Web Service also. In this
case, the policy files must be included in the
WEB-INF/policies
directory.
After you have associated a WS-Policy file to a Web Service endpoint or operation, the assistant updates the application's deployment plan. If the application does not currently have a configured deployment plan, the assistant creates one for you in the location you specify.
Note:
The Administration Console allows you to associate as many WS-Policy files as you want to a Web Service and its operations, even if the policy assertions in the files contradict each other. It is up to you to ensure that mulitple associated WS-Policy files work together. If any contradictions do exist, WebLogic Server will return a runtime error when a client application invokes the Web Service.
To associate a WS-Policy file with a Web Service:
Note: Web Services are deployed as part of an Enterprise Application, Web Application or EJB. To understand how Web Services are displayed in the Administration Console, see View installed Web Services.
The table lists the WS-Policy files that are currently associated
with the Web service. The top level lists all the ports of the Web
Service. Click the +
next to a Web Service port to
see its operations and associated WS-Policy files.