Close

WS-Policy + WS-PolicyAttachment

Looking for how to manage to figure out policies relations to the web services, I’ve found out a paper called “A Practical Introduction to WS-Policy“. Out of that you can simply figure out how to write a web service with a WS-Policy attached to it. The WS-Policy needs WS-PolicyAttachment showing how these policies to attached and how to use.

Both of these are XML based files and are easy to interpret.
The only problem with that is WS-Policy is only giving solutions for security policies, like having a specific token or something like that. What I was looking for it was to somehow check the policy behind a web service in all aspects of business process and not only security requirements.

The ones that WS-Policy can talk about is :

  • Integrity (digital signatures)
  • Confidentiality (encryption)
  • MessagePredicate (specifies message parts that SOAP messages must contain)
  • MessageAge
  • SecurityToken

Leave a Reply

Your email address will not be published. Required fields are marked *