CloudStreams 10.5 | webMethods CloudStreams | Administering webMethods CloudStreams | Overview | About CloudStreams | Policies for Virtual Services and Connector Virtual Services | Policies for Virtual Services
 
Policies for Virtual Services
You should create policies that apply to one or more virtual services. A policy is a sequence of actions that is carried out by CloudStreams when a consumer requests a particular service through CloudStreams. A policy for a virtual service can include the following kinds of actions:
*WS-SecurityPolicy 1.2 actions:
There are two kinds of WS-SecurityPolicy 1.2 actions:
*Authentication actions, to verify that the requests for virtual services contain a specified WS-SecurityPolicy element. You can authenticate consumers by their WSS X.509 certificates, WSS username tokens, or WSS SAML tokens.
*XML security actions, to provide confidentiality (through encryption) and integrity (through signatures) for request and response messages.
*Monitoring actions:
*The Monitor Service Performance action, which monitors a user-specified set of run-time performance conditions for a virtual service, and sends alerts to a specified destination when these conditions are violated
*The Monitor Service Level Agreement action, which provides the same functionality as Monitor Service Performance, but this action is different because it enables you to monitor a virtual service's run-time performance for particular consumers. You configure this action to define a Service Level Agreement (SLA), which is set of conditions that defines the level of performance that a specified consumer should expect from a service.
*The Throttling Traffic Optimization action, which limits the number of service invocations allowed during a specified time interval.
*Additional actions:
*Identify Consumer, which you use in conjunction with an authentication action. Alternatively, this action can be used alone to identify consumers only by host name or IP address.
*Require HTTP Basic Authentication, which uses HTTP Basic authentication to verify the consumer's authentication credentials contained in the request's Authorization header against the Integration Server's user account. This action supports WS-SecurityPolicy 1.2.
*Authorize User, which authorizes consumers against a list of users and/or a list of groups registered in the Integration Server. You use this action in conjunction with an authentication action.
*Log Invocation, which logs request/response payloads. See Log Invocation for General Data Protection Regulation (GDPR) related information.
*Validate Schema, which validates all XML request and/or response messages against an XML schema referenced in the WSDL.