In this lesson you will learn how to secure the web service
with one of the default policy sets packaged with WebSphere Application
Server.
You can use the policy sets that are included with this
product to simplify configuring the qualities of service for your
web services and clients. Several policy sets are included in the
workbench. Alternately you can use the administrative console to create
your own policy sets and import them.
In this tutorial you will
attach the Reliable Secure Profile (RSP) default policy set to the
web service and client. The WS-I RSP default policy set consists of
instances of the WS-Security, WS-Addressing and WS-ReliableMessaging
policy types. This policy set provides the following features:
- Reliable message delivery to the intended receiver by enabling
WS-ReliableMessaging
- Message integrity by digital signature that includes signing the
body, timestamp, WS-Addressing headers and WS-ReliableMessaging headers
using the WS-SecureConversation and WS-Security specifications
- Confidentiality by encryption that includes encrypting the body,
signature and signature confirmation elements, using the WS-SecureConversation
and WS-Security specifications
- In the Java EE perspective Services view expand the JAX-WS
Web Services node. The address book Web service and client should
be under their respective folders.
- Select the address book service, right-click and select Manage
Policy Set Attachment.
- Select the jwsAddressBookEAR as the service EAR project
and click Add.
- You can apply a policy set at the service, port or operation
level. Different policy sets may be applied to various endpoints and
operations within a single web service. However the service and client
must have the same policy set settings. For this tutorial you will
apply the policy set to the entire service, so the Endpoint and Operation
Name fields can be left blank.
- From the Policy Set drop-down list, select WS-I
RSP, and for the Binding ensure Provider Sample is
selected. This is a provider-side general binding packaged with WebSphere
Application Server. Click OK. The
service should now be listed in the Application table and the WS-I
RSP policy. Click Finish.
Once a policy set has been attached to a web service a policyAttachements.xml
file is generated in the EAR META-INF folder. This file will be appended
for each additional policy set setting added to any service within
the EAR.