CloudStreams 10.15 | webMethods CloudStreams Documentation | Administering webMethods CloudStreams | Deploying Virtual Services and Connector Virtual Services | What Happens When You Deploy a Service? | Policy Conflict Resolution Rules
 
Policy Conflict Resolution Rules
When the combined list of actions is evaluated, policy conflicts can arise due to multiple authentication or authorization actions. Conflicts between these actions are resolved as follows.
Action Type
Resolution
Authentication actions:
*Require HTTP Basic Authentication
*Require WSS Username Token
*Require X.509 Token
*Require SAML Token
One occurrence of each authentication action that appears in the list is chosen.
Authorization actions:
*Authorize User
All occurrences of authorization actions are chosen.
The Policy Conflict Resolution rules evaluate the actions from all policies in the following order. The rules choose the actions for the effective policy as follows:
Order
Action
Result Chosen for Effective Policy
1
Require SSL
One occurrence of the action is chosen if one of the actions has its Client Certificate Required parameter set to Yes.
2
Require HTTP Basic Authentication
One occurrence of the action is chosen.
3
Require WSS Username Token
One occurrence of the action is chosen.
4
Require WSS X.509 Token
One occurrence of the action is chosen.
5
Require WSS SAML Token
One occurrence of the action is chosen.
6
Require Signing
One occurrence of the action is chosen.
7
Require Encryption
One occurrence of the action is chosen.
8
Require Timestamps
One occurrence of the action is chosen.
9
Identify Consumer
One occurrence of the action is chosen. CloudStreams evaluates the consumer identifiers in all the actions and selects the action with the highest-priority consumer identifier, as follows: 1.) IP address 2.) Host name 3.) HTTP Authentication token 4.) WS-Security token 5.) Custom identification token 6.) Consumer certificate 7.) User ID.
10
Authorize User
All occurrences of the action are chosen.
11
Validate Schema
If at least one occurrence of the action is configured to validate requests, and at least one occurrence of the action is configured to validate responses, then an action is constructed to validate both requests and responses.
12
Log Invocations
All occurrences of the action are chosen.
13
Monitor Service Performance
All occurrences of the action are chosen.
14
Monitor Service Level Agreement
All occurrences of the action are chosen.
15
Throttling Traffic Optimization
All occurrences of the action are chosen.