Before you begin
You must install a Web Service before you can associate a WS-Policy file with it. See Install a Web Service.
A Web Service can have zero or more WS-Policy files associated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses them to specify the details of the message-level security (digital signatures and encryption) and reliable SOAP messaging capabilities of a Web Service.
You can associate a WS-Policy file at the Web Service endpoint-level, which means that the policy assertions apply to all the operations of a Web Service port. You can also associate a WS-Policy file at the operation-level, which means that the policy assertions apply only to the specific operation to which you associate it.
In addition, you can associate a WS-Policy file with either the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies encryption for the body of a SOAP message is associated with just the inbound message of a particular operation, only the SOAP request needs to be encrypted.
Programmers, when creating the Web Service, can use the Java Web
Service (JWS) annotation @Policy
inside the
implementation Java file of the Web Service to specify an associated
WS-Policy file; administrators cannot change this association
using the Administration Console. Administrators can, however, associate
additional WS-Policy files at runtime using the Administration Console,
as described in the this procedure.
WebLogic Server includes the following pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging; these files are static and you cannot change them:
DefaultReliability.xml
: Configures reliable SOAP
messaging. Specifies typical values for the reliable SOAP messaging
policy assertions, such as activity timeout of 10 minutes,
acknowledgement interval of 200 milliseconds, and base retransmisstion
interval of 3 seconds.LongRunningReliability.xml
: Configures reliable
SOAP messaging. Similar to the preceding default reliable messaging
WS-Policy file, except that it specifies a much longer activity
timeout interval (24 hours.)Auth.xml
: Configures message-level security.
Specifies that the client application invoking the Web Service must
authenticate itself with a username and password.Encrypt.xml :
Configures message-level security.
Specifies that the entire body of the SOAP message be encrypted.Sign.xml
: Configures message-level security.
Specifies that the body and WebLogic-specific system headers of the
SOAP message be digitally signed. Also specifies that the SOAP message
include a Timestamp, which is also digitally signed.If the programmer who created the Web Service included additional WS-Policy files in the J2EE module or application in which the service is packaged, or a shared J2EE library has been deployed that contains additional WS-Policy files, then you can also associate them to your Web Service.
Caution:
The Administration Console allows you to associate as many WS-Policy files as you want to a Web Service and its operations, even if the policy assertions in the files contradict each other. It is up to you to ensure that mulitple associated WS-Policy files work together. If any contradictions do exist, WebLogic Server will return a runtime error when a client application invokes the Web Service.
To associate a WS-Policy file with a Web Service:
Note: Web Services are deployed as part of an Enterprise Application, Web Application or EJB. To understand how Web Services are displayed in the Administration Console, see View installed Web Services.
The table lists the WS-Policy files that are currently associated
with the Web service. The top level lists all the ports of the Web
Service. Click the +
next to a Web Service port to
see its operations and associated WS-Policy files.