Thursday, December 24, 2015


WS-Policy is a specification that allows web services to use XML to advertise their policies (on security, quality of service, etc.) and for web service consumers to specify their policy requirements. WS-Policy is a W3C recommendation as of September 2007. WS-Policy represents a set of specifications that describe the capabilities and constraints of the security (and other business) policies on intermediaries and end points (for example, required security tokens, supported encryption algorithms, and privacy rules) and how to associate policies with services and end points.
  • To integrate software systems with web services
  • Need a way to express web services characteristics
  • Without this standard, developers need docs
  • Provides a flexible and extensible grammar for expressing the capabilities, requirements, and general characteristics of Web Service entities
  • Defines a model to express these properties as policies
  • Provide the mechanisms needed to enable Web Services applications to specify policies
WS-Policy specifies:
  • An XML-based structure called a policy expression containing policy information
  • Grammar elements to indicate how the contained policy assertions apply
  • Policy: refers to the set of information being expressed as policy assertions
  • Policy Assertion: represents an individual preference, requirement, capability, etc.
  • Policy Expression: set of one or more policy assertions
  • Policy Subject: an entity to which a policy expression can be bound
Policy Namespaces:
  • WS-Policy schema defines all constructs that can used in a policy expression
Prefix Description Namespace
wsp WS-Policy, WS-PolicyAssertions, and WS_PolicyAttachment
wsse WS-SecurityPolicy
wsu WS utility schema
msp WSE 2.0 policy schema

No comments:

Post a Comment

Note: Only a member of this blog may post a comment.