Service providers policy sets and bindings for enterprise applications collection

Use this administrative console page to attach and detach policy sets to an application, a service provider, its endpoints or operations. You can select the default bindings, create new application specific bindings, or use bindings that you created for an attached policy set.

This panel provides detail information for an application and its associated Web service providers, endpoints and operations. You can view and manage policy set attachments and bindings information using this page.

To view this administrative console page click Applications > Application Types > WebSphere enterprise applications > Service_provider_application_instance > Service provider policy sets and bindings.

About Policy set bindings

Policy set bindings contain platform specific information, like keystore, authentication information or persistent information, required by a policy set attachment. When you create a policy set attachment, if the server is in a security domain and there is a default binding for the security domain, that default binding is applied; otherwise, the default global security domain bindings are used initially. You can create or customize the bindings.

Application specific bindings enable you to provide platform specific configuration information for specific policy set attachments. When you create an application specific binding, the available binding configuration options are tailored to the definitions in the attached policy set. You can reuse application specific bindings for multiple service resources within an application. When you create an application specific binding for a policy set attachment, the binding begins in a completely unconfigured state. You must add each policy, such as WS-Security or HTTP Transport, that you want to override the default binding and you must fully configure the bindings for each policy that you have added.

In support of multiple security domains, each of the named bindings is scoped to a security domain. With domain scoping, applicable configuration settings in the bindings, such as JAAS logins, is constrained based on the configuration attributes of the assigned domain. The default domain for bindings is the global security domain, and bindings scoped to the global security domain is available for all attachments, regardless of the domain in which the attached resource resides. Each service client or provider always has a binding because the global security default bindings cannot be removed. In fact, a service client or provider might have many layers of bindings because of the product configuration options. Such configuration options are application specific, domain level, global security, and server level.

Important:

The general bindings that are shipped with the product are provider and client sample general bindings. General bindings have two cell level defaults; one for the providers and one for the clients. Do not use these bindings in their current state in a production environment. However, if they were modified to contain non-sample data, they could be used in a production environment.

You cannot assign a binding to a service provider resource that does not have a policy set or has an inherited attachment. To assign a binding to such a service provider resource, you must first attach a policy set to the resource. Also, you cannot assign a binding to a service client resource that does not have an effective policy configuration or has an inherited policy attachment. To assign a binding to such a service client resource, you must first attach a policy set or specify the use of the provider policy.

依啟用安全時所指派的安全角色而定,您可能會有建立或編輯配置資料之文字輸入欄位或按鈕的存取權。 請檢閱管理角色文件,以進一步瞭解應用程式伺服器的有效角色。

Application/Service/Endpoint/Operation

Specifies the name of the application and the associated service provider, endpoints or operations.

The Application/Service/Endpoint/Operation column lists the service application and the service providers, endpoints or operations that the application contains.

Attached Policy Set

Specifies the attached policy sets to the service providers, endpoints or operations.

The Attached Policy Set column might show:
  • None, if there is no policy set attached directly nor attached at an upper level.
  • <Policy set name>, for example, WS-I RSP default, if a policy set is attached directly.
  • <Policy Set name>(inherited), if a policy set is not directly attached to that level but a policy set is attached at an upper level.
Bindings

Specifies the binding information available for an application, service provider, endpoint or operation.

The Binding column might show:
  • Not applicable, if there is no policy set attached directly nor attached at an upper level.
  • <Bindings name> or Default. For example, it will display MyBindings1 if a policy set is directly attached and a application specific binding has been assigned. It will display Default if a policy set is directly attached but it is using the default bindings.
  • <Bindings name>(inherited) or Default(inherited), if a service resource inherits the bindings from an upper level attachment.
Policy Sharing

Specifies whether the resource can share its current policy configuration. The policy sharing column can contain the following values:

  • Not applicable. The resource does not have a policy set attached, so there is no policy configuration to share.
  • Disabled. The policy set of the resource cannot be shared. This is the default setting if a policy set is attached to an application or service.
  • Enabled. The policy set of the resource can be shared.

When the value in the column is a link, click the link to view or change settings about how the policy configuration can be shared.

For a service, if the policy set is inherited from the parent application, the policy sharing value is also inherited, and you cannot change it. The value is not a link and it is followed by the word, inherited in parentheses.

For an endpoint or operation, the value is not a link and it is followed by the word, inherited in parentheses. The setting is inherited from the parent application or service and you cannot change it.

「配置」標籤

Buttons
Attach Policy Set Click this button to view a list of policy sets available for attachment to the selected service, endpoint or operation. Select a policy set from the list and it is attached to the selected service, endpoint or operation. To close the drop down list, click Attach Policy Set.
Detach Policy Set Click this button to detach a policy set from a selected service, endpoint, or operation. After the policy set is detached, if there is no policy set attached to an upper level service resource, the Attached policy set column displays None and the Binding column displays Not Applicable.

If there is a policy set attached to an upper level service resource, the Attached policy set column displays policy_set_name(inherited) and the binding used for the upper level attachment is applied. The binding name is displayed with (inherited) after it.

Assign Binding Click this button to assign bindings from a list of available bindings for the selected policy set attachment. You can choose the default bindings for the selected service, endpoint or operation.

You can create new general binding or new application specific binding for the policy set attachments. The new binding you create is used for the selected resources. If you select more than one resource, ensure that all selected resources have the same policy set attached. To close the drop down list, click Assign Binding.




標示(線上)的鏈結表示需要存取網際網路。

Related tasks
Related reference
管理角色


檔名: uwbs_psbindings.html