Perform authorization against list of users | Boolean. Authorizes consumers against a list of users who are registered in the Integration Server on which Mediator is running. Specify one or more users in the fields below this option. |
Perform authorization against list of groups | Boolean. Authorizes consumers against a list of groups who are registered in the Integration Server on which Mediator is running. Specify one or more groups in the fields below this option. |
Anonymous Usage Allowed | Boolean. Specifies whether to allow all users to access the asset, without restriction. | |
Value | Description | |
False | Default. Allows only the users specified in the Identify User Using parameter to access the assets. | |
True | Allow all users to access the asset. In this case, do not configure the Identify User Using parameter. | |
Identify User Using | String. Specifies the kind of consumer identifier that the action uses to identify consumer applications. | |
Value | Description | |
IP Address | Identifies one or more consumer applications based on their originating IP addresses. | |
Host Name | Identifies consumer applications based on a host name. | |
HTTP Authentication Token | Uses HTTP Basic authentication to verify the consumer's authentication credentials contained in the request's Authorization header. Mediator authorizes the credentials against the list of consumers available in the Integration Server on which Mediator is running. This type of consumer authentication is referred to as preemptive authentication. If you want to use preemptive authentication, you should also include the action Require HTTP Basic Authentication in the policy. If you select to omit Require HTTP Basic Authentication, the client is presented with a security challenge. If the client successfully responds to the challenge, the user is authenticated. This type of consumer authentication is referred to as non-preemptive authentication. Note: If you select the value HTTP Authentication Token, do not include the Authorize Against Registered Consumers action in the policy. This is an invalid combination. | |
WS-Security Authentication Token | Validate user names and passwords that are transmitted in the SOAP message header in the WSS Username Token. If you select this value, you should also include the action Require WSS Username Token in the policy. | |
Custom Identification | Validates consumer applications based on an XML element (represented by an XPath expression). | |
Consumer Certificate | Identifies consumer applications based on information in a WSS X.509 certificate. If you select this value, you should also include the action Require WSS X.509 Token or the action Require Signing in the policy. | |
Client Certificate for SSL Connectivity | Validates the client's certificate that the consumer application submits to the asset in CentraSite. The client certificate that is used to identify the consumer is supplied by the client to the Mediator during the SSL handshake over the transport layer. In order to identify consumers by transport-level certificates, the run-time communication between the client and the Mediator must be over HTTPS and the client must pass a valid certificate. To use this option, the following prerequisites must be met: In Integration Server, create a keystore and truststore, as described in webMethods Integration Server Administrator’s Guide. In Integration Server, create an HTTPS port, as described in webMethods Integration Server Administrator’s Guide. Configure Mediator by setting the IS Keystore and IS Truststore parameters, as described in t Administering webMethods Mediator. Configure Mediator by setting the HTTPS Ports Configuration parameter, as described in Administering webMethods Mediator. |
Log the Following Payloads | String. Optional. Specifies whether to log all request payloads, all response payloads, or both. | |
Value | Description | |
Request | Log all request payloads. | |
Response | Log all response payloads. | |
Log Generation Frequency | String. Specifies how frequently to log the payload. | |
Value | Description | |
Always | Log all requests and responses. | |
On Success | Log only the successful responses and requests. | |
On Failure | Log only the failed requests and responses. | |
Send Data To | String. Specifies where to log the payload. Important: Ensure that Mediator is configured to log the payloads to the destination(s) you specify here. For details about alerts and transaction logging, see Administering webMethods Mediator. | |
Value | Description | |
CentraSite | Logs the payloads in the virtual service's Events profile in CentraSite. Prerequisite: You must configure Mediator to communicate with CentraSite (in the Integration Server Administrator, go to Solutions > Mediator > Administration > CentraSite Communication). For the procedure, see Administering webMethods Mediator. | |
Local Log | Logs the payloads in the server log of the Integration Server on which Mediator is running. Also select a value in the Log Level field: Info: Logs error-level, warning-level, and informational-level alerts. Warn: Logs error-level and warning-level alerts. Error: Logs only error-level alerts. Important: The Integration Server Administrator's logging level for Mediator should match the logging level specified for this action (go to Settings > Logging > Server Logger). | |
SNMP | Logs the payloads in CentraSite's SNMP server or a third-party SNMP server. Prerequisite: You must configure the SNMP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > SNMP). For the procedure, see Administering webMethods Mediator. | |
Email | Sends the payloads to an SMTP email server, which sends them to the email address(es) you specify here. Mediator sends the payloads as email attachments that are compressed using gzip data compression. To specify multiple addresses, use the plus button to add rows. Prerequisite: You must configure the SMTP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
Audit Log | Logs the payloads in the Integration Server audit logger. For more information about logging, see the webMethods Audit Logging Guide. Note: If you expect a high volume of events in your system, it is recommended that you select the Audit Log destination for this action. | |
EDA/Database | Logs the payloads in an EDA endpoint or Database destination that you configured in Integration Server Administrator: An EDA endpoint (that is, a default endpoint configured in the universal messaging configuration). A Database (that is, a JDBC connection pool is defined in Integration Server and associated with the Mediator functional alias). Prerequisite: You must configure the EDA/Database destination in Integration Server on the Solutions > Mediator > Administration > EDA/Database Configuration page. For details, see Administering webMethods Mediator. |
Action Configuration parameters | Specify one or more conditions to monitor. To do this, specify a metric, operator, and a value for each metric. To specify multiple conditions, use the plus button to add multiple rows. If multiple parameters are used, they are connected by the AND operator. | |
Name | String Array. The metrics to monitor. | |
Value | Description | |
Availability | Indicates whether the service was available to the specified consumers in the current interval. | |
Average Response Time | The average amount of time it took the service to complete all invocations in the current interval. Response time is measured from the moment Mediator receives the request until the moment it returns the response to the caller. You can specify a value to monitor if the response time is within the set limit or take required steps. For example, if you specify 2 seconds, a monitoring alert will be generated if the response time exceeds 2 seconds during the current interval. | |
Fault Count | The number of faults returned in the current interval. You can specify a number exceeding which an alert will be generated indicate that necessary actions to taken to control the fault count. For example, if you specify 5 in this field, a monitoring alert will be generated if the fault count exceeds 5 during the current interval. | |
Maximum Response Time | The maximum amount of time to respond to a request in the current interval. You can specify a value to monitor if the response time does not exceed the time provided. A monitoring alert will be generated if the maximum time taken to respond is exceeded. | |
Minimum Response Time | The minimum amount of time to respond to a request in the current interval. | |
Successful Request Count | The number of successful requests in the current interval. | |
Total Request Count | The total number of requests (successful and unsuccessful) in the current interval. | |
Operator | String Array. Select an appropriate operator. | |
Value | String Array. Specify an appropriate value. | |
Alert parameters | Object. Specify the following parameters for the alerts that reports on the conditions: | |
Alert Interval | Number. The time period (in minutes) in which to monitor performance before sending an alert if a condition is violated. | |
Alert Frequency | String. Specifies how frequently to issue alerts for the counter-based metrics (Total Request Count, Success Count, Fault Count). | |
Value | Description | |
Every Time | Issue an alert every time one of the specified conditions is violated. | |
Only Once | Issue an alert only the first time one of the specified conditions is violated. | |
Reply to Destination | String. Specifies where to send the alerts. Important: Ensure that Mediator is configured to send event notifications to the destination(s) you specify here. For details, see Administering webMethods Mediator | |
Value | Description | |
CentraSite | Sends the alerts to the virtual service's Events profile in CentraSite. Prerequisite: You must configure Mediator to communicate with CentraSite (in the Integration Server Administrator, go to Solutions > Mediator > Administration > CentraSite Communication). For the procedure, see Administering webMethods Mediator. | |
Local Log | Sends the alerts to the server log of the Integration Server on which Mediator is running. Also select a value in the Log Level field: Info: Logs error-level, warning-level, and informational-level alerts. Warn: Logs error-level and warning-level alerts. Error: Logs only error-level alerts. Important: The Integration Server Administrator's logging level for Mediator should match the logging level specified for this action (go to Settings > Logging > Server Logger). | |
SNMP | Sends the alerts to CentraSite's SNMP server or a third-party SNMP server. Prerequisite: You must configure the SNMP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
Email | Sends the alerts to an SMTP email server, which sends them to the email address(es) you specify here. To specify multiple addresses, use the plus button to add rows. Prerequisite: You must configure the SMTP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
EDA/Database | Sends the alerts to an EDA endpoint/Database destination that you configured in Integration Server Administrator: An EDA endpoint (that is, a default endpoint configured in the universal messaging configuration). A Database (that is, a JDBC connection pool is defined in Integration Server and associated with the Mediator functional alias). Prerequisite: You must configure the EDA/Database destination in Integration Server on the Solutions > Mediator > Administration > EDA/Database Configuration page. For details, see Administering webMethods Mediator. | |
Alert Message | String. Optional. Specify a text message to include in the alert. |
Action Configuration parameters | Specify one or more conditions to monitor. To do this, specify a metric, operator, and value for each metric. To specify multiple conditions, use the plus button to add multiple rows. If multiple parameters are used, they are connected by the AND operator. | |
Name | String Array. The metrics to monitor. | |
Value | Description | |
Availability | Indicates whether the service was available to the specified consumers in the current interval. | |
Average Response Time | The average amount of time it took the service to complete all invocations in the current interval. Response time is measured from the moment Mediator receives the request until the moment it returns the response to the caller. You can specify a value to monitor if the response time is within the set limit or take required steps. For example, if you specify 2 seconds, a monitoring alert will be generated if the response time exceeds 2 seconds during the current interval. | |
Fault Count | The number of faults returned in the current interval. You can specify a number exceeding which an alert will be generated indicate that necessary actions to taken to control the fault count. For example, if you specify 5 in this field, a monitoring alert will be generated if the fault count exceeds 5 during the current interval. | |
Maximum Response Time | The maximum amount of time to respond to a request in the current interval. You can specify a value to monitor if the response time does not exceed the time provided. A monitoring alert will be generated if the maximum time taken to respond is exceeded. | |
Minimum Response Time | The minimum amount of time to respond to a request in the current interval. | |
Successful Request Count | The number of successful requests in the current interval. | |
Total Request Count | The total number of requests (successful and unsuccessful) in the current interval. | |
Operator | String Array. Select an appropriate operator. | |
Value | String Array Specify an appropriate value. | |
Alert for Consumer Applications | Object Array. Specify the Application asset(s) to which this Service Level Agreement applies. To specify multiple Application assets, use the plus button to add multiple rows. | |
Alert parameters | Object. Specify the following parameters for the alerts that reports on the Service Level Agreement conditions: | |
Alert Interval | Number. The time period (in minutes) in which to monitor performance before sending an alert if a condition is violated. | |
Alert Frequency | String. Specifies how frequently to issue alerts for the counter-based metrics (Total Request Count, Success Count, Fault Count). | |
Value | Description | |
Every Time | Issue an alert every time one of the specified conditions is violated. | |
Only Once | Issue an alert only the first time one of the specified conditions is violated. | |
Rule Expiration Date | String. Specifies the date on which this Service Monitoring Performance action expires, in format MM/DD/YYYY. | |
Reply to Destination | String. Specifies where to log the alert. Important: Ensure that Mediator is configured to send event notifications to the destination(s) you specify here. For details, see Administering webMethods Mediator. | |
Value | Description | |
CentraSite | Sends the alerts to the virtual service's Events profile in CentraSite. Prerequisite: You must configure Mediator to communicate with CentraSite (in the Integration Server Administrator, go to Solutions > Mediator > Administration > CentraSite Communication). For the procedure, see Administering webMethods Mediator. | |
Local Log | Sends the alerts to the server log of the Integration Server on which Mediator is running. Also select a value in the Log Level field: Info: Logs error-level, warning-level, and informational-level alerts. Warn: Logs error-level and warning-level alerts. Error: Logs only error-level alerts. Important: The Integration Server Administrator's logging level for Mediator should match the logging level specified for this action (go to Settings > Logging > Server Logger). | |
SNMP | Sends the alerts to CentraSite's SNMP server or a third-party SNMP server. Prerequisite: You must configure the SNMP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
Email | Sends the alerts to an SMTP email server, which sends them to the email address(es) you specify here. To specify multiple addresses, use the plus button to add rows. Prerequisite: You must configure the SMTP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
EDA/Database | Sends the alerts to an EDA endpoint/Database destination that you configured in Integration Server Administrator: An EDA endpoint (that is, a default endpoint configured in the universal messaging configuration). A Database (that is, a JDBC connection pool is defined in Integration Server and associated with the Mediator functional alias). Prerequisite: You must configure the EDA/Database destination in Integration Server on the Solutions > Mediator > Administration > EDA/Database Configuration page. For details, see Administering webMethods Mediator. | |
Alert Message | String. Optional. Specify a text message to include in the alert. |
Namespace | String. Optional. Namespace of the element required to be encrypted. Note: Enter the namespace prefix in the following format: xmlns:<prefix-name> . For example: xmlns:soapenv. The generated XPath element in the policy should look similar to this: <sp:SignedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-security policy/200702"> <sp:XPath xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> //soapenv:Body</sp:XPath> </sp:SignedElements> |
Element Required to be Encrypted | String. An XPath expression that represents the XML element that is required to be encrypted. |
Authenticate Credentials | Required. Authorizes consumers against the list of consumers available in the Integration Server on which Mediator is running. |
Namespace | String. Optional. Namespace of the element required to be signed. Note: Enter the namespace prefix in the following format: xmlns:<prefix-name> . For example: xmlns:soapenv. The generated XPath element in the policy should look similar to this: <sp:SignedElements xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-security policy/200702"> <sp:XPath xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> //soapenv:Body</sp:XPath> </sp:SignedElements> |
Element Required to be Signed | String. An XPath expression that represents the XML element that is required to be signed. |
Client Certificate Required | Boolean. Specifies whether client certificates are required for the purposes of: Verifying the signature of signed SOAP requests or decrypting encrypted SOAP requests. Signing SOAP responses or encrypting SOAP responses. | |
Value | Description | |
Yes | Require client certificates. | |
No | Default. Do not require client certificates. |
SAML Subject Confirmation | String. Select one of the following SAML subject confirmation methods: | |
Value | Description | |
Holder of Key | Default. Select this option if consumers use the SAML V1.1 or V2.0 Holder-of-Key Web Browser SSO Profile, which allows for transport of holder-of-key assertions. In this scenario, the consumer presents a holder-of-key SAML assertion acquired from its preferred identity provider to access a web-based resource at a service provider. If you select Holder of Key, Mediator also implicitly selects the timestamp and signing assertions to the virtual service definition (VSD). Thus, you should not add the Require Timestamps and Require Signing policy actions to a virtual service if the Require WSS SAML Token action is already applied. | |
Bearer | Select this option if consumers use SAML V1.1 Bearer token authentication, in which a Bearer token mechanism relies upon bearer semantics as a means by which the consumer conveys to Mediator the sender's identity. If you select Bearer, the timestamp and signing assertions are added to the virtual service definition (VSD). Note: If consumers use SAML 2.0 Sender-Vouches tokens, configure your system as described in Administering webMethods Mediator. | |
SAML Version | String. Specifies the WSS SAML Token version to use: 1.1 or 2.0. |
Soft Limit | Number. Optional. Specifies the maximum number of invocations allowed per Interval before issuing an alert. Reaching the soft limit does not affect further processing of requests (until the Hard Limit is reached). Note: The limit is reached when the total number of invocations coming from all the consumer applications (specified in the Limit Traffic for Applications field) reaches the limit. Soft Limit is computed in an asynchronous manner; thus when multiple requests are made at the same time, it may be possible that the Soft Limit alert does not be strictly accurate. | |
Hard Limit | Number. Required. Specifies the maximum number of invocations allowed per alert interval before stopping the processing of further requests and issuing an alert. Typically, this number should be higher than the soft limit. Note: The limit is reached when the total number of invocations coming from all the consumer applications (specified in the Limit Traffic for Applications field) reaches the limit. Hard Limit is computed in an asynchronous manner; thus when multiple requests are made at the same time, it may be possible that the Hard Limit alert does not be strictly accurate. | |
Limit Traffic for Applications | String. Specifies the consumer application(s) that this action applies to. To specify multiple consumer applications, use the plus button to add rows, or select Any Consumer to apply this action to any consumer application. | |
Interval | Number. Specifies the amount of time for the soft limit and hard limit to be reached. | |
Frequency | String. Specifies how frequently to issue alerts. | |
Value | Description | |
Every Time | Issue an alert every time the specified condition is violated. | |
Only Once | Issue an alert only the first time the specified condition is violated. | |
Reply To Destination | String. Optional. Specifies where to log the alerts. Important: Ensure that Mediator is configured to send event notifications to the destination(s) you specify here. For details, see Administering webMethods Mediator. | |
Value | Description | |
CentraSite | Sends the alerts to the virtual service's Events profile in CentraSite. Prerequisite: You must configure Mediator to communicate with CentraSite (in the Integration Server Administrator, go to Solutions > Mediator > Administration > CentraSite Communication). For the procedure, see Administering webMethods Mediator. | |
Local Log | Sends the alerts to the server log of the Integration Server on which Mediator is running. Also select a value in the Log Level field: Info: Logs error-level, warning-level, and informational-level alerts. Warn: Logs error-level and warning-level alerts. Error: Logs only error-level alerts. Important: The Integration Server Administrator's logging level for Mediator should match the logging level specified for this action (go to Settings > Logging > Server Logger). | |
SNMP | Sends the alerts to CentraSite's SNMP server or a third-party SNMP server. Prerequisite: You must configure the SNMP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
Email | Sends the alerts to an SMTP email server, which sends them to the email address(es) you specify here. To specify multiple addresses, use the plus button to add rows. Prerequisite: You must configure the SMTP server destination (in the Integration Server Administrator, go to Solutions > Mediator > Administration > Email). For the procedure, see Administering webMethods Mediator. | |
EDA/Database | Sends the alerts to an EDA endpoint/Database destination that you configured in Integration Server Administrator: An EDA endpoint (that is, a default endpoint configured in the universal messaging configuration). A Database (that is, a JDBC connection pool is defined in Integration Server and associated with the Mediator functional alias). Prerequisite: You must configure the EDA/Database destination in Integration Server on the Solutions > Mediator > Administration > EDA/Database Configuration page. For details, see Administering webMethods Mediator. | |
Alert Message for Soft Limit | String. Optional. Specify a text message to include in the soft limit alert. | |
Alert Message for Hard Limit | String. Optional. Specify a text message to include in the hard limit alert. |
Validate SOAP Message(s) | Object. Validates request and response messages. You may select both Request and Response. | |
Value | Description | |
Request | Validate all requests. | |
Response | Validate all responses. |