This appendix describes the web service security and policy annotations that are available to secure and enable advanced features on Oracle web services.
This appendix incudes the following sections:
The Oracle web services programming model uses JDK metadata annotations, as described in the following technical note:
http://docs.oracle.com/javase/7/docs/technotes/guides/language/annotations.html
For additional information, see JSR 175 at:
http://www.jcp.org/en/jsr/detail?id=175
In this programming model, you create an annotated Java file to specify the shape and characteristics of the web service.
For more information about the annotations available, see Java API Reference for Oracle Infrastructure Web Services. For more information about the OWSM predefined policies, see Chapter 17, "Oracle Web Services Manager Predefined Policies."
Table A-1 summarizes the web service security and policy annotations described in this appendix. This table also lists the corresponding web service Feature class that can be used to attach policies to a subset of web service clients, as described in "Attaching Policies to Web Services and Clients at Design Time".
Table A-1 Security and Policy Annotations for Oracle Web Services
Annotation | Description |
---|---|
Specifies the use of WS-Addressing with either the SOAP 1.1/HTTP or SOAP 1.2/HTTP binding. |
|
Enables web services atomic transactions. |
|
Enables and configures binary caching of content. |
|
Attaches a management policy when sending the asynchronous response to the client callback service. |
|
Attaches an MTOM policy when sending the asynchronous response to the client callback service. |
|
Attaches one or more policy sets to the callback client of the asynchronous web service that will connect to the callback service. |
|
Attaches a security policy when sending the asynchronous response to the client callback service. |
|
Enables and configures Fast Infoset on callback client of the asynchronous web service that will connect to the callback service. |
|
Enables Fast Infoset on a web service. |
|
Enables and configures SOAP over JMS transport for JAX-WS web service clients. |
|
Enables and configures SOAP over JMS transport for JAX-WS web services. |
|
Attaches a management policy to the web service. |
|
Configures the maximum size, in bytes, of the request message that can be sent to the web service. |
|
Enables the exchange of metadata. |
|
Enables the use of Message Transmission Optimization Mechanism (MTOM) on the web service. |
|
Enables the creation of MTOM-enabled SOAP fault messages when MTOM is enabled. |
|
Attaches an MTOM policy to the web service. |
|
Configures the secure conversation session persistence mechanism for the web service. |
|
Attaches a single policy to a subject, and optionally overrides configuration property values. |
|
Defines a set of policy references, and optionally overrides unscoped configuration property values. |
|
Enables an endpoint to receive non-SOAP XML messages that are processed by a user defined |
|
Specifies a single property that can be used to override the configuration of one or more policies. |
|
Attaches the |
|
Attaches the |
|
Enables the web service endpoint. |
|
Enables validation of request messages against the schema. |
|
Specifies an array of |
|
Specifies an array of |
|
Attaches a security policy to the request or response SOAP message. |
|
Attaches a security policy to the request or response SOAP message. |
|
Enables the processing of SOAP requests on a web service endpoint. |
|
Enables the Web Service Test Client. |
|
Enables the WSDL for the web service. |
|
Sets the logging level for diagnostic logs for the web service endpoint. |
Oracle web services includes the following security and policy annotations:
The javax.xml.ws.soap.Addressing
annotation specifies the use of WS-Addressing with either the SOAP 1.1/HTTP or SOAP 1.2/HTTP binding.
The following table defines the attributes that can be passed to the javax.xml.ws.soap.Addressing
annotation.
Table A-2 Attributes for javax.xml.ws.soap.Addressing Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether the endpoint supports WS-Addressing. |
|
|
Boolean value that specifies whether WS-Addressing headers are required to be present on the incoming message. |
|
|
Value that specifies whether the endpoint requires the use of anonymous, non-anonymous, or all types of responses. Valid values, defined by
|
|
The com.oracle.webservices.api.tx.at.AtomicTransaction
annotation enables web services atomic transactions. For more information, see "Using Web Services Atomic Transactions" in Developing Oracle Infrastructure Web Services.
Note:
This annotation applies to Oracle Infrastructure web services only.The following table defines the attributes that can be passed to the com.oracle.webservices.api.tx.at.AtomicTransaction
annotation.
Table A-3 Attributes for com.oracle.webservices.api.tx.at.AtomicTransaction Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the feature is enabled. |
|
|
Whether the web services atomic transaction coordination context is passed with the transaction flow. Valid values, defined by
For more information about the valid values, see "Configuring Web Service Atomic Transactions" in Developing Oracle Infrastructure Web Services. |
|
|
Version of the web services atomic transaction coordination context that is supported for the SOA service or reference. For SOA references, it specifies the version used for outbound messages only. The value specified must be consistent across the entire transaction. Valid values, defined by
For more information about the valid values, see "Configuring Web Service Atomic Transactions" in Developing Oracle Infrastructure Web Services. |
|
The com.oracle.webservices.api.CacheBinaryContent
annotation enables and configures binary caching of content.
Note:
This annotation applies to Oracle Infrastructure web services only.The following table defines the attributes that can be passed to the com.oracle.webservices.api.CacheBinaryContent
annotation.
Table A-4 Attributes for com.oracle.webservices.api.CacheBinaryContent Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that defines one of the following values:
|
|
|
Boolean value that specifies whether or not the feature is enabled. |
|
|
Value that specifies the runtime requirements of XTI scalable DOM in OraSAAJ. Valid values, defined by
|
|
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.CallbackPolicySet
annotation, as described in "@CallbackPolicySet".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.CallbackManagementPolicy
annotation attaches a management policy when sending the asynchronous response to the client callback service.
This annotation is applicable to asynchronous web service implementation classes that are annotated with the oracle.webservices.annotations.async.AsyncWebService
annotation, as described in "Developing an Asynchronous Web Service" in Developing Oracle Infrastructure Web Services.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.async.CallbackManagementPolicy
annotation.
Table A-5 Attributes for oracle.webservices.annotations.async.CallbackManagementPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the WS-Policy file. Use the |
"" |
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.CallbackPolicySet
annotation, as described in "@CallbackPolicySet".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.async.CallbackMtomPolicy
annotation attaches an MTOM policy when sending the asynchronous response to the client callback service.
This annotation is applicable to asynchronous web service implementation classes that are annotated with the oracle.webservices.annotations.async.AsyncWebService
annotation, as described in "Developing an Asynchronous Web Service" in Developing Oracle Infrastructure Web Services.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.async.CallbackMtomPolicy
annotation.
Table A-6 Attributes for oracle.webservices.annotations.async.CallbackMtomPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the MTOM policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The oracle.wsm.metadata.annotation.CallbackPolicySet
annotation defines a set of policy references for the callback service, and optionally overrides unscoped configuration property values.
The following table defines the attributes that can be passed to the oracle.wsm.metadata.annotation.CallbackPolicySet
annotation.
Table A-7 Attributes for oracle.wsm.metadata.annotation.CallbackPolicySet Annotation
Attribute | Description | Default |
---|---|---|
|
List of |
"" |
|
List of |
"" |
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.CallbackPolicySet
annotation, as described in "@CallbackPolicySet".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.async.CallbackSecurityPolicy
annotation attaches a security policy when sending the asynchronous response to the client callback service.
This annotation is applicable to asynchronous web service implementation classes that are annotated with the oracle.webservices.annotations.async.AsyncWebService
annotation, as described in "Developing an Asynchronous Web Service" in Developing Oracle Infrastructure Web Services.
The following table summarizes the attributes that you can pass to the oracle.webservices.annotations.async.CallbackSecurityPolicy
annotation.
Table A-8 Attributes for oracle.webservices.annotations.async.CallbackSecurityPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Optional. Boolean value that specifies whether the policy is enabled. |
|
|
Optional. Array of property value-name pairs. |
"" |
|
Location from which to retrieve the WS-Policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.FastInfosetCallbackClient
annotation enables and configures Fast Infoset on the callback client of the asynchronous web service that will connect to the callback service.
For more information about developing asynchronous web services and callback clients, see "Developing Asynchronous Web Services" in Developing Oracle Infrastructure Web Services. For more information about Fast Infoset, see "Optimizing XML Transmission Using Fast Infoset" in Developing Oracle Infrastructure Web Services.
The following table defines the attributes that can be passed to the com.oracle.webservices.api.FastInfosetCallbackClient
annotation.
Table A-9 Attributes for com.oracle.webservices.api.FastInfosetCallbackClient Annotation
Attribute | Description | Default |
---|---|---|
|
Content negotiation strategy. Valid values, defined by
For more information, see:
|
|
|
Boolean value that specifies whether or not the feature is enabled. |
|
The com.oracle.webservices.api.FastInfosetService
annotation enables Fast Infoset on the web service.
For more information about Fast Infoset, see:
JAX-WS Web Services: "Optimizing XML Transmission Using Fast Infoset" in Developing JAX-WS Web Services for Oracle WebLogic Server.
Oracle Infrastructure Web Services: "Optimizing XML Transmission Using Fast Infoset" in Developing Oracle Infrastructure Web Services.
The com.oracle.webservices.api.jms.JMSTransportClient
annotation enables and configures SOAP over JMS transport for Oracle Infrastructure and JAX-WS (Java EE) web service clients.
Using SOAP over JMS transport, web services and clients communicate using JMS destinations instead of HTTP connections, offering the following benefits:
Reliability
Scalability
Quality of service
For more information about using SOAP over JMS transport, see "Using SOAP Over JMS Transport" in Developing JAX-WS Web Services for Oracle WebLogic Server.
Note:
SOAP over JMS transport is not compatible with the following web service features: reliable messaging and HTTP transport-specific security.For Oracle Infrastructure web services, SOAP over JMS transport is not compatible with asynchronous web services.
For information about the attributes that you can configure using the @JMSTransportClient
annotation, see "Configuring JMS Transport Properties" in Developing JAX-WS Web Services for Oracle WebLogic Server.
@JMSTransportClient ( destinationName="myQueue", replyToName="myReplyToQueue", jndiURL="t3://localhost:7001", jndiInitialContextFactory="weblogic.jndi.WLInitialContextFactory", jndiConnectionFactoryName="weblogic.jms.ConnectionFactory", timeToLive=1000, priority=1, messageType=com.oracle.webservices.api.jms.JMSMessageType.TEXT )
The com.oracle.webservices.api.jms.JMSTransportService
annotation enables and configures SOAP over JMS transport for Oracle Infrastructure and JAX-WS (Java EE) web services.
Using SOAP over JMS transport, web services and clients communicate using JMS destinations instead of HTTP connections, offering the following benefits:
Reliability
Scalability
Quality of service
For more information about using SOAP over JMS transport, see "Using SOAP Over JMS Transport" in Developing JAX-WS Web Services for Oracle WebLogic Server.
Note:
SOAP over JMS transport is not compatible with the following web service features: reliable messaging and HTTP transport-specific security.For Oracle Infrastructure web services, SOAP over JMS transport is not compatible with asynchronous web services.
For information about the attributes that you can configure using the @JMSTransportService
annotation, see "Configuring JMS Transport Properties" in Developing JAX-WS Web Services for Oracle WebLogic Server.
@JMSTransportService(destinationName="myQueue", activationConfig = { @ActivationConfigProperty( propertyName = "destinationType", propertyValue = "TOPIC"), @ActivationConfigProperty( propertyName = "subscriptionDurability", propertyValue = "Durable"), @ActivationConfigProperty(propertyName = "topicMessagesDistributionMode", propertyValue = "One-Copy-Per-Application")})
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.PolicyReference
annotation, as described in "@PolicyReference".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.ManagementPolicy
annotation attaches a management policy to the web service.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.ManagementPolicy
annotation.
Table A-11 Attributes for oracle.webservices.annotations.ManagementPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the WS-Policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.MaxRequestSize
annotation enables you to configure the maximum size, in bytes, of the request message that can be sent to the web service.
The following table defines the attributes that can be passed to the com.oracle.webservices.api.MaxRequestSize
annotation.
Table A-12 Attributes for com.oracle.webservices.api.MaxRequestSize Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Maximum size of the request message, in bytes. |
|
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.MEXRequestProcessingService
annotation enables the exchange of web service metadata.
The javax.xml.ws.soap.MTOM
annotation enables the use of Message Transmission Optimization Mechanism (MTOM) on the web service. MTOM defines a method for optimizing the transmission of XML data of type xs:base64Binary
or xs:hexBinary
in SOAP messages.
For more information, see:
"Optimizing Binary Data Transmission" in Developing JAX-WS Web Services for Oracle WebLogic Server
@MTOM
Javadoc at http://docs.oracle.com/javase/7/docs/api/javax/xml/ws/soap/MTOM.html
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.MTOMEncodeFaultService
annotation enables the creation of MTOM-enabled SOAP fault messages when MTOM is enabled.
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.PolicyReference
annotation, as described in "@PolicyReference".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.MtomPolicy
annotation attaches an MTOM policy to the web service.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.MtomPolicy
annotation.
Table A-16 Attributes for oracle.webservices.annotations.MtomPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the MTOM policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The oracle.webservices.annotations.Persistence
annotation configures the secure conversation session persistence mechanism for the web service.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.Persistence
annotation.
Table A-17 Attributes for oracle.webservices.annotations.Persistence Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Identifies the persistence provider registered in the system. Possible values are:
|
|
Note:
This annotation applies to Oracle Infrastructure web services and RESTful web services.The oracle.wsm.metadata.annotation.PolicyReference
annotation attaches a single policy to a subject, and optionally overrides configuration property values.
The following table defines the attributes that can be passed to the oracle.wsm.metadata.annotation.PolicyReference
annotation.
Table A-18 Attributes for oracle.wsm.metadata.annotation.PolicyReference Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
List of |
"" |
|
Location from which to retrieve the MTOM policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The oracle.wsm.metadata.annotation.PolicySet
annotation defines a set of policy references for the web service, and optionally overrides unscoped configuration property values.
The following table defines the attributes that can be passed to the oracle.wsm.metadata.annotation.PolicySet
annotation.
Table A-19 Attributes for oracle.wsm.metadata.annotation.PolicySet Annotation
Attribute | Description | Default |
---|---|---|
|
List of |
"" |
|
List of |
"" |
The com.oracle.webservices.api.POXHttpBindingService
annotation enables an endpoint to receive non-SOAP XML messages that are processed by a user defined javax.xml.ws.Provider<T>.invoke
method.
Note:
This annotation applies to Oracle Infrastructure web services only.Note:
This annotation applies to Oracle Infrastructure web services and RESTful web services.The oracle.wsm.metadata.annotation.Property
annotation defines a single property that can be used to override the configuration of one or more policies.
The following table defines the attributes that can be passed to the oracle.wsm.metadata.annotation.Property
annotation.
Table A-21 Attributes for oracle.wsm.metadata.annotation.Property Annotation
Attribute | Description | Default |
---|---|---|
|
List of |
"" |
|
List of |
"" |
Note:
This annotation has been deprecated. Oracle recommends that you use thecom.oracle.webservices.api.rm.ReliableMessaging
annotation, as described in "@ReliableMessaging".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.ReliabilityPolicy
annotation attaches the oracle/wsrm10_policy
or oracle/wsrm10_policy
reliable messaging policies to the web service.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.ReliabilityPolicy
annotation.
Table A-22 Attributes for oracle.webservices.annotations.ReliabilityPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the reliable messaging policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.rm.ReliableMessaging
annotation attaches the oracle/reliable_messaging_policy
policy to the web service.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.ReliableMessaging
annotation.
Table A-23 Attributes for oracle.webservices.annotations.ReliableMessaging Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Location from which to retrieve the reliable messaging policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.RequestProcessingService
annotation enables the web service endpoint to process incoming requests.
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.SchemaValidation
annotation enables the validation of request messages against the schema.
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.PolicySet
annotation, as described in "@PolicySet".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.SecurityPolicies
annotation specifies an array of oracle.webservices.annotations.SecurityPolicy
annotations. Use this annotation if you want to attach more than one WS-Policy file to a class.
For example:
@SecurityPolicies({ @SecurityPolicy(uri= "policy:oracle/wss10_username_token_with_message_protection_server_policy"), @SecurityPolicy(uri="policy:oracle/authorization_policy")
Note:
This annotation applies to Java EE web services only.The weblogic.wsee.jws.jaxws.owsm.SecurityPolicies
annotation specifies an array of weblogic.wsee.jws.jaxws.owsm.SecurityPolicy
annotations. Use this annotation if you want to attach more than one WS-Policy file to a class.
Note:
This annotation has been deprecated. Oracle recommends that you use theoracle.wsm.metadata.annotation.PolicyReference
annotation, as described in "@PolicyReference".
This annotation applies to Oracle Infrastructure web services only.
The oracle.webservices.annotations.SecurityPolicy
annotation attaches a security policy to the request or response SOAP message. This annotation can be used on its own to apply a single WS-Policy file to a class. If you want to apply more than one WS-Policy file to a class, use the @SecurityPolicies
annotation to group them together.
The following table summarizes the attributes that you can pass to the oracle.webservices.annotations.SecurityPolicy
annotation.
Table A-26 Attributes for oracle.webservices.annotations.SecurityPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Optional. Boolean value that specifies whether the policy is enabled. |
|
|
Optional. Array of property value-name pairs. |
"" |
|
Location from which to retrieve the WS-Policy file. Use the |
"" |
Note:
This annotation applies to Java EE web services only.The weblogic.wsee.jws.jaxws.owsm.SecurityPolicy
annotation attaches a security policy to the request or response SOAP message. This annotation can be used on its own to apply a single WS-Policy file to a class. If you want to apply more than one WS-Policy file to a class, use the @SecurityPolicies
annotation to group them together.
The following table summarizes the attributes that you can pass to the weblogic.wsee.jws.jaxws.owsm.SecurityPolicy
annotation.
Table A-27 Attributes for weblogic.wsee.jws.jaxws.owsm.SecurityPolicy Annotation
Attribute | Description | Default |
---|---|---|
|
Optional. Boolean value that specifies whether the policy is enabled. |
|
|
Location from which to retrieve the WS-Policy file. Use the |
"" |
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.SOAPRequestProcessingService
annotation enables the processing of SOAP requests on a web service endpoint.
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.TestPageProcessingService
annotation enables the Web Service Test Client, as described in "Using the Web Services Test Client" in Administering Web Services.
Note:
The procedures described in this section do not impact the availability of the Web Services Test link on the Web Service Endpoint page, which enables you to access the Fusion Middleware Control Test Web Service page. For more information, see "Using the Test Web Service Page in Fusion Middleware Control" in Administering Web Services.Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.WSDLRequestProcessingService
annotation enables access to the WSDL for the web service.
Note:
This annotation applies to Oracle Infrastructure web services only.The com.oracle.webservices.api.WSLoggingLevel
annotation sets the logging level for diagnostic logs for the web service endpoint.
The following table defines the attributes that can be passed to the oracle.webservices.annotations.WSLoggingLevel
annotation.
Table A-31 Attribute for oracle.webservices.annotations.WSLoggingLevel Annotation
Attribute | Description | Default |
---|---|---|
|
Boolean value that specifies whether or not the policy is enabled. |
|
|
Defines the logging level. Valid values include: SEVERE, WARNING, INFO, CONFIG, FINE, FINER, FINEST, or NULL. |
"" |