Create policy sets to centrally manage policies that are customized
for your Web services. Use the wsadmin tool, which supports the Jython and
Jacl scripting languages, to create new policy sets or copy existing policy
sets. You can also query for an existing policy set and respective attributes.
About this task
There are two ways to create a new policy set using the wsadmin
tool. You can create a new policy set and its configuration, or you can copy
an existing policy set. If you copy an existing policy set, you can transfer
the policies and attachments that are configured on the existing policy set.
When you create a new policy set, you must add policies. The command examples
in this topic use batch mode syntax. You can use the -interactive option with
all commands in the PolicySetManagement group.
Procedure
- Create a new policy set using the Jython scripting
language.
- Determine the policy requirements for your Web services.
- Enter the command syntax to create a new policy set with a given
name.
Based on your configuration, there are two types of policy
sets to create. You can use both application and system policy
sets with Java API for XML-Based Web Services (JAX-WS) applications. Use the
-policySetType parameter to specify the type of policy set. To create an application
policy set, specify application for the value of the -policySetType
parameter. To create a policy set for the trust service, specify system/trust for
the -policySetType parameter. The -policySetType parameter is optional. The
wsadmin tool creates an application policy set if the -policySetType parameter
is not specified.
Enter the following command to create an application
policy set:
AdminTask.createPolicySet('[-policySet PolicySet1
-description policySet_description]')
Enter the following
command to create a policy set for the trust service:
AdminTask.createPolicySet('[-policySet PolicySet1
-description policySet_description -policySetType system/trust]')
The command returns a success or failure message.
- Add policies for your new policy set. Use this step
to add a policy with default values for the specified policy set.
Enter
the following command to add and enable a policy:
AdminTask.addPolicyType('[-policySet PolicySet1
-policyType policyType_name]')
Enter the following
command to add and disable a policy. Your configuration changes are contained
within the policy set, but will have no effect on the system if the -enabled
parameter is set to
false.
AdminTask.addPolicyType('[-policySet PolicySet1
-policyType policyType_name -enabled false]')
The command returns a success or failure message. Repeat this
step to create additional policies for your configuration.
- Save the configuration changes.
Enter the following
command to save your changes:
AdminConfig.save()
- Copy an existing policy set using the Jython scripting
language.
- Determine the policy requirements for your Web services.
- Enter the command syntax to copy an existing policy set:
Set the -transferAttachments parameter to true to transfer
the attachments from the existing policy set to the new policy set. The default
value for the -transferAttachments parameter is false.
Enter
the following command to create the new policy set and to transfer the attachments
of the existing policy set:
AdminTask.copyPolicySet('[-sourcePolicySet existingPolicySet_name
-newPolicySet PolicySet1 -newDescription PolicySet1_description
-transferAttachments true]')
The
command returns a success or failure message.
- Save the configuration changes.
Enter the following
command to save your changes:
AdminConfig.save()
Results
If you receive a success message after entering the commands, you
can now manage a policy set that is customized for your Web services applications.
You can further configure the policy set and policies.
What to do next
Use the
validatePolicySet command to validate your policy
set configurations after modifying attributes for policies. For example, enter
the following command to validate the
PolicySet1 policy set:
AdminTask.validatePolicySet('-policySet PolicySet1')