Service client policy set and bindings for enterprise applications collection

Use this page to attach and detach policy sets to an application, a service client, its endpoints or operations. You can select the default bindings, create new application-specific bindings, or use existing bindings for an attached policy set. You can view or change whether the client uses the policy of the service provider.

This panel displays detail information for an application and its associated Web service clients, endpoints and operations. You can view and manage policy set attachments and bindings information using this page.

To view this administrative console page, click Applications > Enterprise Applications > service_client_application_instance > Service client policy sets and bindings.

About policy set bindings

Policy set bindings contain platform specific information, like keystore, authentication information or persistent information, required by a policy set attachment. When you create a policy set attachment, if the server is in a security domain and there is a default binding for the security domain, that default binding is applied; otherwise, the default global security domain bindings are used initially. You can create or customize the bindings.

Application specific bindings enable you to provide platform specific configuration information for specific policy set attachments. When you create an application specific binding, the available binding configuration options are tailored to the definitions in the attached policy set. You can reuse application specific bindings for multiple service resources within an application. When you create an application specific binding for a policy set attachment, the binding begins in a completely unconfigured state. You must add each policy, such as WS-Security or HTTP Transport, that you want to override the default binding and you must fully configure the bindings for each policy that you have added.

In support of multiple security domains, each of the named bindings is scoped to a security domain. With domain scoping, applicable configuration settings in the bindings, such as JAAS logins, is constrained based on the configuration attributes of the assigned domain. The default domain for bindings is the global security domain, and bindings scoped to the global security domain is available for all attachments, regardless of the domain in which the attached resource resides. Each service client or provider always has a binding because the global security default bindings cannot be removed. In fact, a service client or provider might have many layers of bindings because of the product configuration options. Such configuration options are application specific, domain level, global security, and server level.

Important:

The general bindings that are shipped with the product are provider and client sample general bindings. General bindings have two cell level defaults; one for the providers and one for the clients. Do not use these bindings in their current state in a production environment. However, if they were modified to contain non-sample data, they could be used in a production environment.

You cannot assign a binding to a service provider resource that does not have a policy set or has an inherited attachment. To assign a binding to such a service provider resource, you must first attach a policy set to the resource. Also, you cannot assign a binding to a service client resource that does not have an effective policy configuration or has an inherited policy attachment. To assign a binding to such a service client resource, you must first attach a policy set or specify the use of the provider policy.

依啟用安全時所指派的安全角色而定,您可能會有建立或編輯配置資料之文字輸入欄位或按鈕的存取權。 請檢閱管理角色文件,以進一步瞭解應用程式伺服器的有效角色。

Application/Service/Endpoint/Operation

Specifies the name of the application and the associated service client, endpoints or operations.

Client Policy Set

Specifies the policy set that is attached to the application, service clients, endpoints or operations.

The Client Policy Set column can contain the following values:
  • None. No policy set is attached directly, or is attached at an upper level.
  • policy_set_name. The name of the policy set that is directly attached, for example, WS-I RSP.
  • policy_set_name (inherited). A policy set is not directly attached to the resource, but a policy set is attached to a higher level resource.

When the value in the column is a link, click the link to view or change settings about the attached policy set.

Policies Applied

Specifies the policies that are applied to the resource.

The Policies Applied column can contain the following values:
  • None. No policies are applied to the application or service. This is the default setting if there is no policy set attached to the client.
  • Client only. The client policy set is applied to the application or service. This is the default setting if a policy set is attached to the client.
  • Provider only. The policy configuration of the service provider is applied to the application or service, as long as the client can support those policies.
  • Client and provider. A policy that is based on both the client policy set and the policy of the service provider is applied to the application or service.

When the value in the column is a link, click the link to view or change settings about how the policies are applied.

For a service, if the value in the column is a link followed by the word inherited in parentheses, this shows a setting that is inherited from the parent application. You can click the link to change the setting for the service.

For an endpoint or operation, the value is not a link and it is followed by the word inherited in parentheses. The setting is inherited from the parent application or service and you cannot change it.

Binding

Specifies the name of the binding associated with a policy set.

The Binding column can contain the following values:
  • Not applicable. No policy set is attached, either directly or to a higher level service resource.
  • binding_name. The name of the binding, for example, MyBinding1 or Default, if a policy set is attached directly to the resource.
  • binding_name (inherited) or Default (inherited). The name of the binding if a service resource inherits the bindings from an upper level attachment.

When the value in the column is a link, click the link to view or change settings about the binding.

Buttons
Attach Client Policy Set Click this button to view a list of policy sets available for attachment to the selected service, endpoint or operation. Select a policy set from the list and it is attached to the selected service, endpoint or operation. To close the drop down list, click Attach Policy Set.
Detach Client Policy Set Click this button to detach a policy set from a selected service, endpoint, or operation. After the policy set is detached, if there is no policy set attached to an upper level service resource, the Attached policy set column displays None and the Binding column displays Not Applicable.

If there is a policy set attached to an upper level service resource, the Attached Policy Set column displays policy_set_name(inherited) and the binding used for the upper level attachment is applied. The binding name is displayed with (inherited) after it.

Assign Binding Click this button to assign bindings from a list of available bindings for the selected policy set attachment. You can choose the default bindings for the selected service, endpoint or operation.

You can create new general binding or new application specific binding for the policy set attachments. The new binding you create is used for the selected resources. If you select more than one resource, ensure that all selected resources have the same policy set attached. To close the drop down list, click Assign Binding.




標示(線上)的鏈結表示需要存取網際網路。

Related tasks
Related reference
Web services: Client security bindings collection
Application policy sets collection
Application policy set settings
Search attached applications collection
Policies applied settings
管理角色
管理主控台按鈕
管理主控台喜好設定


檔名: uwbs_clientpsbindings.html