Policy Files Used by the WS-Security Facility
To use the WS-Security facility you create policy files. A policy file is equivalent to a complete XML Header component of a web service descriptor. When configuring the WS-Security facility, you map a policy file to a web service descriptor file. Each time a message is sent or received by the web service, the authentication, signing, and encryption settings specified in the SOAP header are enabled.
Important:
The policy files that the WS-Security facility uses are
not standard WS-Policy files. They are a unique format used only by the
Integration Server WS-Security facility.
Integration Server version 8.2 now provides WS-Security support using standard WS-Policies. For more information, see
Securing Web Services Using
WS-SecurityPolicy.
Security options that you can specify depend the message direction, that is, either inbound or outbound. You specify the message direction using XML components in the policy file. Rules for inbound messages are specified within an <InboundSecurity> section, and rules for outbound messages are specified within an <OutboundSecurity> section. Security elements specifying username/password, signing, encryption, and all other properties, are contained within these sections. For more information and XML code examples specifying message direction, see
InboundSecurity and OutboundSecurity
Elements.
For a complete listing and description of the XML components and attributes that you can use in an
Integration Server WS-Security facility policy file, see
WS-Security Facility Policy Reference. A description of the authentication settings for a typical policy file is shown in
Sample Policy File.
A number of pre-defined WS-Security facility policy files supplied with
Integration Server are located in the
Software AG_directory \IntegrationServer\instances\
instance_name\config\policy directory. These policy files contain the settings for a number of standard security configurations. You can use these file out of the box, or as templates for creating custom policy files. For more information, see
Policy Files Supplied with the WS-Security
Facility.