Guidelines for Creating WS-Policy Files

Integration Server 10.15 | Web Services Developer’s Guide | Defining Policies for Web Services (WS-Policy) | WS-Policy Files | Guidelines for Creating WS-Policy Files

Keep the following points in mind, when creating policy files:

Assign the file extension “.policy” to the policy file.

Ensure that the WS-Policy you specify in the policy file works with the WS-Policy 1.2 standard.

Include the wsu:Id attribute in the policy to provide a policy ID.

You must include a policy ID to uniquely identify the policy. For more information about specifying a policy ID, see Policy ID.

Include a Name attribute to provide a descriptive name for the policy. The Name attribute is optional.

Include only one policy in each policy file.

A policy file can have only one top-level Policy element. If a policy file contains multiple Policy elements, Integration Server uses only the first one and ignores the subsequent Policy elements within the same file. Integration Server will not display any warning messages.

Within the single Policy element, you can use the All and ExactlyOne elements to provide multiple policy alternatives or policy assertions.

Avoid including policy assertions that Integration Server does not support. If you use a WS-Policy that contains unsupported policy assertions, unexpected behavior might occur.

The following table provides information about the policy assertions that Integration Server supports.

Type	Integration Server supports...
WS-Addressing	The wsaw:UsingAddressing assertion, where wsaw refers to the namespace "http://www.w3.org/2006/05/addressing/wsdl".
WS-Security	A subset of the SecurityPolicy 1.2 and WS-SecurityPolicy 1.1 assertions. For information about the supported assertions, see WS-SecurityPolicy Assertions Reference.
WS-ReliableMessaging	A subset of the WS-ReliableMessaging Policy 1.1 assertions. For information about reliable messaging, see Web Services Reliable Messaging (WS-ReliableMessaging).

Place the policy file directly in the Software AG_directory \IntegrationServer\instances\instance_name\config\wss\policies directory. Integration Server will ignore any policy files that are placed in a subfolder of the policies directory.

When you add a policy file to the policies directory, the Integration Server policy manager recognizes the new policy and logs an information message to the server log stating that the policy was added.

The Integration Server policy manager also validates the new policy. If Integration Server determines that the policy is valid, Integration Server makes the policy file immediately available to be attached to web service descriptors. You do not need to restart Integration Server.

If the policy is invalid, for example, if it contains invalid XML syntax or structure, Integration Server does not make the file available. Integration Server moves invalid policy files to the Software AG_directory \IntegrationServer\instances\instance_name\config\wss\policies\invalid subdirectory.