WS-Policy - PowerPoint PPT Presentation

About This Presentation
Title:

WS-Policy

Description:

WS-Policy What s the Problem? To use a web service a client needs more information than is provided in WSDL file. Examples: Does service support WS-Security? – PowerPoint PPT presentation

Number of Views:12
Avg rating:3.0/5.0
Slides: 9
Provided by: ComputerS116
Category:
Tags: policy

less

Transcript and Presenter's Notes

Title: WS-Policy


1
WS-Policy
2
Whats the Problem?
  • To use a web service a client needs more
    information than is provided in WSDL file.
    Examples
  • Does service support WS-Security? If so
  • What encryption algorithm does it expect (or
    prefer)?
  • Must messages be signed?
  • What character encoding is used?
  • What version of SOAP is supported?
  • A policy is a set of conditions expected by a
    service.
  • WS-Policy provides an XML based declarative
    mechanism for expressing a policy that can be
  • integrated with WSDL or attached as a tModel in
    UDDI
  • enforced by web services infrastructure

3
Policy Expression
  • A policy expression is a set of policy assertions
  • A policy assertion expresses a specific
    characteristic of a service
  • Standard sets of assertions are defined (as
    schemas)
  • Others will be developed
  • A policy subject is the resource described by a
    policy assertion
  • A policy attachment binds an expression to a
    subject
  • Separate standard WS-PolicyAttachment
  • Defines how to reference WS-Policy expressions
    from XML documents (e.g., WSDL, UDDI)

4
Policy Expression
ltwspPolicy xmlnswsppolicy ns
xmlnswsuutility ns wsuIdURI
Namelocal_name targetNamespacetar
get gt lt! policy assertions go here
--gt lt/wspPolicygt
expression can be referred to with URI or
as targetlocal_name
5
Policy Assertion
attributes defined in WS-Policy
ltAssertion wspUsage wspPreference/gt
tag from a particular (presumably standard)
assertion namespace
  • possible values
  • Required
  • Rejected
  • Optional
  • Others

if several alternatives are allowed, then
preference is expressed as a number between 0 and
100
Extensibility Policies in different areas
will be standardized and introduced through
unique namespaces
6
Example
standard for security policy is WS-SecurityPolicy
ltwspPolicy xmlnswspwspolicy ns
xmlnswssesecurityPolicy ns gt
ltwsseSecurityToken wspUsagewspRequired
gt ltwsseTokenTypegt wsseKerberosv5ST
lt/wsseTokenType gt lt/wsseSecurityTokengt
ltwsseIntegrity wspUsagewspOptional gt
ltwsseAlgorithm TypewsseAlgSignature
URI /gt lt/wsseIntegritygt lt/wspPolicygt
assertions
7
Example
operators All ExactlyOne OneOrMore (nesting
allowed)
ltwspPolicy xmlnswspwspolicy ns
xmlnswssesecurityPolicy ns gt
ltwspExactlyOne wspUsageRequiredgt
ltwsseSecurityToken wspPreference10gt
ltwsseTokenTypegt wsseKerberosv5ST
lt/wsseTokenType gt lt/wsseSecurityTokengt
ltwsseSecurityToken wspPreference1gt
ltwsseTokenType TypewsseUserNameToken /gt
lt/wsseSecurityTokengt lt/wspExactlyOnegt lt/wsp
Policygt
8
WS-PolicyAssertions
  • Standard for general policy assertions
  • Character encoding
  • Natural language
  • Specification version
  • Constraint on message structure
  • Default is Xpath expression

one security header block
ltwspMessagePredicategt count(wspGetHeader(.)/
wsseSecurity) 1 lt/wspMessagePredicategt ltwspMe
ssagePredicategt count(wspGetBody(.)/)
1 lt/wspMessagePredicategt
body has 1 child
Write a Comment
User Comments (0)
About PowerShow.com
Home About Us Terms and Conditions Privacy Policy Presentation Removal Request Contact Us
Copyright 2024 CrystalGraphics, Inc. — All rights Reserved. PowerShow.com is a trademark of CrystalGraphics, Inc.
The PowerPoint PPT presentation: "WS-Policy" is the property of its rightful owner.
Do you have PowerPoint slides to share? If so, share your PPT presentation slides online with PowerShow.com. It's FREE!