Use policy sets, or assertions, to define system service operations,
for your Web services security configuration. Whenever you create a new policy
set, you must add policy types to the policy set. You can add HTTP Transport,
WS-Addressing, WS-Security, and SSL Transport policy types to the system policy
set collection.
Before you begin
A policy set specifies a set of common message policy assertions
that can be specified within a policy. For example, a policy set can define
general security policy assertions that apply to other protocols such as Web
Services Security (WS-Security), SOAP messages, Web Services Trust (WS-Trust),
and Web Services Secure Conversation (WS-SecureConversation).
Important: Use
system policy sets with the trust service only. The requestor (client) must
utilize Java API for XML-Based Web Services (JAX-WS) only. Requestors which
use Java API for XML-based remote procedure calls (JAX-RPC) are incompatible
with the policy set QOS.
About this task
Use the system policy sets to configure access to the WebSphere
Application Server trust service. You can create and define a custom system
policy set.
Procedure
- Using the administrative console, click Services > Policy sets
> System policy sets .
- To create a system policy set and add a policy type, click New.
- Enter a name for the policy set in the Name field.
The name must be unique for the new system policy set. For example:
EcommerceTrustServiceSecurity
- Enter a brief description of the policy set in the Description field.
This description displays in the System Policy Sets collection. The
description should be descriptive enough for you and other potential users
to identify the policy set.
- Click Apply to apply the name and description information.
- Click Add to add a trust policy by selecting one from the
policies listed. The following policies are available to use for
system policy sets:
- HTTP transport - for HTTP transport policies
- SSL transport - for HTTPS transport policies
- WS-Addressing - for endpoint addressing policies
- WS-Security - for secure SOAP messages policies
- Click Save to save directly to the master configuration.
Results
You have provided the basic information to create or modify a policy
set. You can also create a new or update an existing policy set for the WebSphere
Application Server trust service using the wsadmin tool. The wsadmin tool
examples are written in the Jython scripting language.
What to do next
After creating or modifying a system policy set and adding the policy
types, attach the policy set to an endpoint operation or attach it to one
of the trust service default operations.