Built-in WSS Support for Policies and Policy Attachments
Presto supports the following policy framework and attachment specifications:
Web Services Policy Framework 1.2
Web Services Policy Attachments 1.2
Both specifications have been submitted to the W3C for adoption as standards, a work in progress. For schema information on the 1.2 standards, see
http://schemas.xmlsoap.org/ws/2004/09/policy/. For information on W3C policy drafts based on these specifications, see
http://www.w3.org/2002/ws/policy/.
Out of the box, Presto can generate one SOAP header for policies and attachments in these cases:
Policies must be defined in the primary WSDL for a WSDL web service.
Policies
cannot be defined in imported fragments or referenced by absolute URLs.
A policy
must be defined at the global level in the WSDL for the entire web service, as a direct child of the <definitions> element. Policies for other service components are not supported 'out of the box.'
Only one policy can apply to a WSDL web service component. Policy merges are not supported.
A WSDL for a web service might look something like this:
<?xml version="1.0" encoding="utf-8"?>
<definitions name="SomeServiceDefinition"
targetNamespace="http://someCompany.com/webServices/SomeService"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:s0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-wssecurity-utility-1.0.xsd"
xmlns:s1="http://someCompany.com/webServices/SomeService"
xmlns:s2="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:UsingPolicy n1:Required="true"
xmlns:n1="http://schemas.xmlsoap.org/wsdl/"/>
<wsp:Policy s0:Id="authPolicy">
<wssp:Identity xmlns:wssp="http://www.softwareag.com/presto10/security/policy">
<wssp:SupportedTokens>
<wssp:SecurityToken
TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-
wss-x509-token-profile-1.0#X509v3"/>
</wssp:SupportedTokens>
</wssp:Identity>
</wsp:Policy>
<types>
...