You can use the XML schema in this appendix as a reference when creating a WS-Policy file that contains custom web service assertions.
This appendix includes the following topics:
The following figure illustrates the element hierarchy of the custom assertions in the WS-Policy file.
Figure A-1 Element Hierarchy of Custom Assertion
A custom assertion contains the following elements:
The <wsp:Policy> element groups nested policy assertions.
The following table summarizes the Oracle extensions to the WS-Policy attributes.
Table A-1 Oracle Extensions to WS-Policy Attributes
Attribute | Description |
---|---|
attachTo |
Policy subjects to which the policy can be attached. Valid values include:binding.client, binding.server, binding.any. |
category |
Category of the policy. Valid values include: security and management. |
description |
Description of the policy. |
status |
Status of the policy reference. Valid values include: enabled and disabled. |
The following example illustrates the <wsp:Policy> element:
<wsp:Policy xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:orasp="http://schemas.oracle.com/ws/2006/01/securitypolicy" orawsp:status="enabled" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-util ity-1.0.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" orawsp:category="security" orawsp:attachTo="binding.server" wsu:Id="ip_assertion_policy" xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" wsp:Name="oracle/ip_assertion_policy">
The <orasp:Assertion> element is the main element of the custom assertion.
The following table summarizes the attributes of the <orasp:Assertion> element.
Table A-2 Attributes of <orasp:Assertion> Element
Attribute | Description |
---|---|
Optional |
Flag that specifies whether the assertion is optional or required. |
Silent |
Flag that specifies whether the assertion is advertised. If set to true, the assertion is not advertised. |
Enforced |
Flag that specifies whether the assertion is currently enabled. |
name |
Name of the assertion. |
description |
Description of the assertion. |
category |
Category to which the assertion applies. Valid values include: security/authentication, security/msg-protection, security/authorization, security/logging and management. |
provides |
Web service endpoint type to which this policy can be attached. Note: This attribute is required for RESTful endpoints. For example, to specify RESTful web services: orawsp:provides="{http://schemas.oracle.com/ws/2006/01/policy}REST_HTTP" |
The following example illustrates the <orasp:Assertion> element:
<orasp:ipAssertion orawsp:Silent="true" orawsp:Enforced="true" orawsp:name="WSSecurity IpAssertion Validator" orawsp:category="security/authentication" orawsp:provides="{http://schemas.oracle.com/ws/2006/01/policy}REST_HTTP"> ... </orasp:ipAssertion>
The <oraswsp:bindings> element defines the bindings in the custom assertion.
The <oraswsp:Implementation> element defines the custom assertion implementation class.
The <oraswsp:Config> element defines the configuration for the custom assertion.
The following table summarizes the attributes of the <orawsp:Config> element.
Table A-3 Attributes of <orawsp:Config> Element
Attribute | Description |
---|---|
name |
Name of the configuration. |
type |
Category to which the configuration applies. |
configType |
Configuration type. Valid values include: declarative and programmatic.
|
The <oraswsp:PropertySet> element groups nested properties.
The following table summarizes the attributes of the <orawsp:PropertySet> element.
The <oraswsp:Property> element defines a single property.
The following table summarizes the attributes of the <orawsp:Property> element.
Table A-5 Attributes of <orawsp:Property> Element
Attribute | Description |
---|---|
name |
Name of the property. |
type |
Type of the property. For example, string. |
contentType |
Specifies whether the property is required and can be overridden. Valid values include:
For information about overriding policies, see "Overriding Policy Configuration Overrides" in Administering Web Services. |
The <oraswsp:Description> element provides a description of the property.