cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sergey Beryozkin" <sbery...@progress.com>
Subject RE: WS-Policy configuration steps
Date Fri, 05 Dec 2008 10:23:48 GMT
Excellent and concise overview. I'd add one thing.

A client UI tool or runtime may employ a ws-policy generic policy
intersection algorithm when deciding which, if any, of available
services meets the requirements. These requirements are available on the
client side in the form of a policy expression, either embedded in the
configuration, client side WSDL or in some external repository -
hopefully one day we'll be able to do in CXF too.

Cheers, Sergey


-----Original Message-----
From: Mayank Mishra [mailto:mayankm01@gmail.com] 
Sent: 04 December 2008 19:14
To: users@cxf.apache.org
Subject: Re: WS-Policy configuration steps

Johnbosco, Lawrence wrote:
> Hello,
>  
> Can anyone provide me a working example implementing WS-Policy
embedded within the WSDL in CXF?  So far, I couldn't find any detailed
material regarding this.
>  
>   
Hi,

** WS-Policy provides a way for the provider of a web service to convey 
conditions under which it provides the service. A invoker might use this

policy to decide whether to use or not to use the service.

WS-Policy just gives basic assertion support like, <wsp:All/>, 
<wsp:ExactlyOne/> to express one set of policy or alternatives too. Any 
conditions/requirements as assertions under <wsp:All/> become mandatory,

where as assertions inside <wsp:ExactlyOne/> are considered as 
alternatives to each other.You can read more about various 
combinations/interactions/alternative in OASIS WS-Policy
Specification[1].

You can specify these WS-Poilcy assertions either inside input , output,

fault, operation, port, or in binding wsdl elements. You can either put 
them directly as child elements of them, or else you can refer them 
using <wsp:PolicyReference> element.

WS-Security Policy, WS-RM assertions are build on top of WS-Policy for 
specifying security or reliable messaging requirements/constraints for a

service. For example, specifying security requirements for outgoing 
message, I can write as,

      <wsp:Policy wsu:Id="Output_Policy">
             <wsp:ExactlyOne>
                <wsp:All>
                <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                    <sp:Body/>
                </sp:SignedParts>
                <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                          <wsu:Timestamp/>
                   </sp:EncryptedParts>
                </wsp:All>
             </wsp:ExactlyOne>
       </wsp:Policy>

and I can refer this policy as,

    <wsdl:binding name="WebTransactionServiceSoapBinding" 
type="tns:CreditCard">
        <soap:binding style="document" 
transport="http://schemas.xmlsoap.org/soap/http"/>
        <!--wsp:PolicyReference URI="#Endpoint_Policy"/-->
        <wsdl:operation name="purchase">
            <soap:operation soapAction="" style="document"/>
            <wsdl:input name="purchase">
                <!--wsp:PolicyReference URI="#Input_Policy"/-->
                <soap:body use="literal"/>
            </wsdl:input>
            <wsdl:output name="purchaseResponse">
                <wsp:PolicyReference URI="#Output_Policy"/>
                <soap:body use="literal"/>
            </wsdl:output>
        </wsdl:operation>
    </wsdl:binding>

or specifying RM assertions as Embedded instead of referred can be,

<wsdl:service name="CartSLSBBeanService">
        <wsdl:port binding="ns1:CartSLSBBeanServiceSoapBinding" 
name="CartSLSBBeanPort">
            <wswa:UsingAddressing 
xmlns:wswa="http://www.w3.org/2005/02/addressing/wsdl"/>
            <soap:address location=" http://localhost:8181/cart/cart"/>
        <wsp:Policy xmlns:wsp="http://www.w3.org/2006/07/ws-policy"
                xmlns:wsu=" 
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utili
ty-1.0.xsd" 

                wsu:Id="RM">
            <wsam:Addressing 
xmlns:wsam="http://www.w3.org/2007/02/addressing/metadata"> 
            <wsrmp:RMAssertion 
xmlns:wsrmp="http://schemas.xmlsoap.org/ws/2005/02/rm/policy">
                <wsrmp:BaseRetransmissionInterval Milliseconds="10000"/>
            </wsrmp:RMAssertion>
        </wsp:Policy>
        </wsdl:port>
    </wsdl:service>
 
You can read more about WS-SecurityPolicy[2] and WS RM[3] so as to 
understand what these assertions actually specify.

I hope this helps

[1]. http://www.w3.org/TR/ws-policy/
[2]. 
http://docs.oasis-open.org/ws-sx/ws-securitypolicy/v1.2/ws-securitypolic
y.html
[3].http://docs.oasis-open.org/ws-rx/wsrmp/200608/wsrmp-1.1-spec-cd-04.h
tml


With Regards,
Mayank

> Thanks,
> Lawrence
>
>   


Mime
View raw message