A WebSphere® Application Server service provider can share its current policy configuration through its Web Service Description Language (WSDL). The policy configuration is in standard WSDL WS-PolicyAttachment format so that it can be shared with other clients, service registries, or services that support the Web Services Policy (WS-Policy) specification.
System administrators can also access a WSDL document through a published compressed file with a .zip file extension, using the administrative console or administrative commands. However, a WSDL document acquired in this way might differ from a WSDL document acquired using an HTTP GET request or through the WS-MetadataExchange protocol, because the static WSDL document published in the compressed file will not have been able to take into account any web service features, annotations or deployment descriptor elements which may exist in the application code, such as WS-Addressing annotations.
By default, policy sharing is off. To include the policy configuration of the service provider in the WSDL, and specify how it is shared, you can use the administrative console or wsadmin commands.
When policy sharing is on, any WS-Policy attachments that were in the WSDL previously are removed. Note that policy configuration information becomes available in the WSDL to publish, but it is not available if you view the WSDL document directly from the administrative console or if you publish the WSDL remotely by using an administrative agent.
A service provider that is configured to use Security Assertion Markup Language (SAML) can share policy for use by a WebSphere Application Server client or a service registry. Note that the SAML tokens are published in a proprietary format.
Application developers can specify that a service provider shares its policy configuration, and how it is shared, by using Rational® Application Developer tools when a web service is generated. For more information, see the Rational Application Developer documentation.
Transport policy information is not included in the policy configuration because transport policies such as HTTP, SSL, and JMS cannot be expressed in WS-PolicyAttachment format.
Bootstrap policy information, for example, the policy to access a WS-Trust service, can be included in the policy configuration if the bootstrap policy is expressed in standard, publishable WS-PolicyAttachment format.
You can configure a service provider to share its policy configuration at application or service level. The policy configuration that is represented by the policy sets attached to any earlier levels will also be shared. Policy sets that are attached at earlier levels override the policy set configuration attached at a later level.