Before you begin
You must install a Web Service before you can associate a WS-Policy file with it. See Install a Web Service.
A Web Service can have zero or more WS-Policy files associated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses them to specify the details of the message-level security (digital signatures and encryption) and reliable SOAP messaging capabilities of a Web Service.
Caution: You can perform this task only on a JAX-RPC 1.1 Web Service. In other words, you cannot associate a WS-Policy file with a JAX-WS 2.0 Web Service.
You can associate a WS-Policy file at the Web Service endpoint-level, which means that the policy assertions apply to all the operations of a Web Service port. You can also associate a WS-Policy file at the operation-level, which means that the policy assertions apply only to the specific operation with which you associate it.
In addition, you can associate a WS-Policy file with either the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies encryption for the body of a SOAP message is associated with just the inbound message of a particular operation, only the SOAP request needs to be encrypted.
Programmers, when creating the Web Service, can use the Java Web
Service (JWS) annotation
@Policy inside the
implementation Java file of the Web Service to specify an associated
WS-Policy file; administrators cannot change this association
using the Administration Console. Administrators can, however, associate
additional WS-Policy files at runtime using the Administration Console,
as described in the this procedure.
WebLogic Server includes the following pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging; these files are static and you cannot change them:
DefaultReliability.xml: Configures reliable SOAP messaging. Specifies typical values for the reliable SOAP messaging policy assertions, such as activity timeout of 10 minutes, acknowledgement interval of 200 milliseconds, and base retransmisstion interval of 3 seconds.
LongRunningReliability.xml: Configures reliable SOAP messaging. Similar to the preceding default reliable messaging WS-Policy file, except that it specifies a much longer activity timeout interval (24 hours.)
Mtom.xml: Used to specify that the Web Service supports MTOM/XOP to transport binary data. MTOM/XOP describes a method for optimizing the transmission of XML data of type
xs:base64Binaryusing MIME attachments over HTTP to carry that data while at the same time allowing both the sender and the receiver direct access to the XML data without having to be aware that any MIME artifacts were used to marshal the
WebLogic Server includes two sets of pre-packaged security policy files that you can use for configuring message-level security. One set of security policy files conforms to the OASIS WS-SecurityPolicy 1.2 specification. These security policy files are described in WS-SecurityPolicy 1.2 Policy Files. The other set of security policy files conforms to a proprietary BEA Web Services security policy schema and are described in BEA Web Services Security Policy Files. You can use security policy files from either set, but the two sets are not mutually compatible; you cannot define both types of policy file in the same Web Service.
If the programmer who created the Web Service included additional WS-Policy files in the J2EE module or application in which the service is packaged, or a shared J2EE library has been deployed that contains additional WS-Policy files, then you can also associate them to your Web Service.
After you have associated a WS-Policy file to a Web Service endpoint or operation, the assistant updates the application's deployment plan. If the application does not currently have a configured deployment plan, the assistant creates one for you in the location you specify.
The Administration Console allows you to associate as many WS-Policy files as you want to a Web Service and its operations, even if the policy assertions in the files contradict each other. It is up to you to ensure that mulitple associated WS-Policy files work together. If any contradictions do exist, WebLogic Server will return a runtime error when a client application invokes the Web Service.
To associate a WS-Policy file with a Web Service:
Note: Web Services are deployed as part of an Enterprise Application, Web Application or EJB. To understand how Web Services are displayed in the Administration Console, see View installed Web Services.
The table lists the WS-Policy files that are currently associated
with the Web service. The top level lists all the ports of the Web
Service. Click the
+ next to a Web Service port to
see its operations and associated WS-Policy files.