Before you begin
You must install a Web service before you can associate a WS-Policy file with it. See Install a Web service.
A Web service can have zero or more WS-Policy files associated with it. WS-Policy files follow the guidelines of the WS-Policy specification. WebLogic Server uses WS-Policy files to specify the details of the message-level security (digital signatures and encryption) and reliable messaging capabilities of a Web service.
You can attach a WS-Policy file to a Web service endpoint, which means that the policy assertions apply to all the operations of a Web service endpoint. You can also attach a WS-Policy file to an operation, which means that the policy assertions apply only to the specific operation.
In addition, you can attach a WS-Policy file to the inbound or outbound SOAP message, or both. For example, if a WS-Policy file that specifies encryption for the body of a SOAP message is attached to just the inbound message of a particular operation, only the SOAP request needs to be encrypted.
Programmers, when creating the Web service, can use the Java Web
service (JWS) annotation @Policy
inside the
implementation Java file of the Web service to attach a WS-Policy file.
Administrators modify or attach additional WS-Policy files at runtime
using the Administration Console, as described in this procedure.
After you have attached a WS-Policy file to a Web service endpoint or operation, the assistant updates the application's deployment plan. If the application does not currently have a configured deployment plan, the assistant creates one for you in the location you specify.
Types of Policies
You can attach two types of policies to WebLogic Web Services, as summarized in the following table.
Policy Type | Description |
---|---|
Oracle Web Services Manager (Oracle WSM) | Provided by Oracle WSM. For more information about the Oracle WSM and predefined policies, see Understanding Oracle WSM Policy Framework in Security and Administrator's Guide for Web Services. |
WebLogic Web Service Policy | Provided by Oracle WebLogic Server. For more information about the WebLogic Web service policies, see Securing WebLogic Web Services for Oracle WebLogic Server. |
Pre-packaged WebLogic Web Service Policies
WebLogic Server includes pre-packaged WS-Policy files that you can use for configuring message-level security and reliable messaging, including the following. These files are static and you cannot change them. Predefined policies are available in the following categories:
xs:base64Binary
using MIME attachments over HTTP to
carry that data while at the same time allowing both the sender and
the receiver direct access to the XML data without having to be aware
that any MIME artifacts were used to marshal the
xs:base64Binary
data.Pre-packaged Oracle WSM Policies
Oracle WSM includes a set of predefined policies in the following categories: security, WS-Addressing, MTOM, reliable messaging, and management. For specific details, see Predefined Policies in Security and Administrator's Guide for Web Services.
Using Custom Policies
If the Web service programmer includes additional WS-Policy files in the J2EE module or application in which the service is packaged, or a shared J2EE library has been deployed that contains additional WS-Policy files, then you can attach them to your Web service also. To make available the custom WebLogic Web service policies, perform one of the following steps:
weblogic.wsee.policy.LoadFromClassPathEnabled
to
true
.WEB-INF/policies
(Web application) or META-INF/policies
(EJB).WEB-INF
(Web
application) or META-INF
(EJB).Note:
The Administration Console allows you to associate as many WS-Policy files as you want to a Web service and its operations, even if the policy assertions in the files contradict each other. It is up to you to ensure that mulitple associated WS-Policy files work together. If any contradictions do exist, WebLogic Server will return a runtime error when a client application invokes the Web service.
To associate a WS-Policy file with a Web service:
Note: Web services are deployed as part of an Enterprise application, Web application, or EJB. To understand how Web services are displayed in the Administration Console, see View installed Web services.
The table lists the WS-Policy files that are currently associated
with the Web service. The top level lists all the ports of the Web
service. Click the +
next to a Web service port to
see its operations and associated WS-Policy files.
If your Web service already has a deployment plan associated to it, then the newly attached WS-Policy files are displayed in the Policies column in the table.
If the J2EE module of which the Web service is a part does not currently have a deployment plan associated with it, the assistant asks you for the directory that should contain the deployment plan. Use the navigation tree to specify a directory, then click Finish.
If your Web service already has a deployment plan associated with it, the attached WS-Policy files are displayed in the Policies column in the table.
If the J2EE module of which the Web service is a part does not currently have a deployment plan associated with it, the assistant asks you for the directory that should contain the deployment plan. Use the navigation tree to specify a directory, then click Finish.