The Reliable Asynchronous Message Profile (WS-I RSP) default policy
sets are based on the Reliable Asynchronous Message Profile specification.
The WS-I RSP default policy sets include the WS-I RSP default policy set,
the Lightweight Third-Party Authentication (LTPA) WS-I RSP default policy
set and the Username WS-I RSP default policy set. You can use these policy
sets to simplify your web services configuration.
The WS-I RSP default policy sets are composed of a set of policies to
provide reliable and secure web services. The WS-I RSP default policy sets
use the WS-Addressing, WS-ReliableMessaging, and WS-Security specifications.
Use the WS-I RSP default policy set, the LTPA WS-I RSP default policy set,
or the Username WS-Security WS-I RSP default policy set as provided with the
application server. To customize the policy sets, you must first copy the
policy set, and then configure custom policy settings and bindings to meet
your needs.
The WS-I RSP default policy sets include the following policies:
- WS-Addressing policy
- You can use the WS-Addressing policy to enable the addressing capability
of the WS-Addressing specification.
- WS-ReliableMessaging policy
- You can use the WS-ReliableMessaging policy to specify the quality of
service for reliable delivery.
- WS-Security policy
- The WS-Security policy in the WS-I RSP default policy set provides the
following security:
- Message integrity through digital signature that includes signing the
body, time stamp, WS-Addressing headers and WS-ReliableMessaging headers using
the WS-SecureConversation and WS-Security specifications.
- Confidentiality through encryption that includes encrypting the body,
signature elements, using the WS-SecureConversation and WS-Security specifications.
- Traditional RSA cryptography is used to secure a request to a Trust Server
to obtain a Secure Context Token (SCT). Thereafter, the conversation is secured
using symmetric keys derived from the SCT.
The application server provides additional policy sets that you can use
or customize. To use the following default policy sets, you must import the
policy sets from the default repository. Read about importing policy sets
using the administrative console for more information.
The following WS-I RSP default policy sets exist:
- WS-I RSP default
- This policy set provides:
- Reliable message delivery to the intended receiver by enabling WS-ReliableMessaging.
- Message integrity through digital signature that includes signing the
body, time stamp, WS-Addressing headers and WS-ReliableMessaging headers using
the WS-SecureConversation and WS-Security specifications.
- Confidentiality through encryption that includes encrypting the body,
signature elements, using the WS-SecureConversation and WS-Security specifications.
- LTPA WS-I RSP default
- This policy set provides the WS-I RSP default policy set and adds a Lightweight
Third Party Authentication (LTPA) token included in the request message to
authenticate the client to the service.
- Username WS-I RSP default
- This policy set provides the WS-I RSP default policy set and adds a username
token included in the request message to authenticate the client to the service.
The username token is encrypted in the request.