2. Outline
• What is WS?
• What is WS-Policy?
• Why is WS-Policy needed?
• Conceptual Placement in WS
• Technical Specification
• Vendors / Tools
• Conclusion
• Q&A
3. What is WS (Web Service)?
• XML
▫ SOAP
XML formatted message in order to exchange
information among applications or services.
▫ WSDL
SOAP is a protocol in order to exchange information
through defined services by WSDL
currently the most common language for describing the
'how' and 'where' a Web service exchanges messages
• Web services are being successfully used for
interoperable solutions across various industries
4. WS-Policy
• Extends SOAP, XML Schema, WSDL and offer
mechanisms to represent the capabilities and
requirements of Web services as Policies
▫ representing whether and how a message must be
secured
▫ whether and how a message must be delivered
reliably
▫ whether a message must flow a transaction, etc
5. Why?
• Provider/Requester Security
• SOAP Data Optimization
• Header element
▫ Word of mouth?
▫ Documentation?
▫ WSDL?
• Automated tools will evaluate WSDL and
generate policy-aware client and engages the WS
in the way of how the WS wants.
6. Conceptual Placement in WS
• In WSDL and SOAP
• It can be thought of as choice of wire(s) how they
may speak to each other for security,
optimization, transaction.
7. Technical Specifications
• Simple Language
▫ Four elements
Policy
All
ExactlyOne
PolicyReference
▫ One attribute
wsp:Optional
8. Technical Specifications cont’d
• Cenk(Web service developer) is building a client
application that retrieves real time stock quote
information from IMKB.
• IMKB supplies real time data using Web
services.
11. Technical Specifications cont’d
• Assertion
▫ A piece of service metadata
▫ Identifies a domain specific behavior
(requirement)
Web Services Security Policy
Web Services Reliable Messaging Policy
And so forth
12. Technical Specifications cont’d
• Assertion con’d
▫ 3 policy operators for combining policy assertions:
Policy
All and
ExactlyOne
▫ Policy operator is a synonym for All
<All>
<wsap:UsingAddressing />
<sp:TransportBinding>...</sp:TransportBinding>
</All>
17. Vendors / Tools
• Apache Foundation, Axis2/Java
http://ws.apache.org/axis2/1_2/WS_policy.html
• Java demo based on CXF WS-Policy framework in
Apache CXF
http://www.java2s.com/Code/Java/Web-Services-
SOA/ThisdemoshowshowtheCXFWSPolicyframewo
rkinApacheCXFusesWSDL11Policyattachmentstoen
abletheuseofWSAddressing.htm
• Microsoft is already supporting WS-* technologies
http://msdn.microsoft.com/en-
us/library/ms996940.aspx
18. Conclusion
• Simple language
• Providers represent capabilities and requirements
• Policy-aware tools understand policy expressions
and engage behaviors automatically
• Hides complexity
• Automates Web service interactions
• Enables secure, reliable and transacted Web services
• Need for new policies! Open and new software
market for policies !