Document: | Web Services Policy 1.5 - Framework and Web Services Policy 1.5 - Attachment |
Purpose: | To define a way to express Quality-of-Service requirements and capabilities, as needed at design time or run time. The following example (from a previous version of Web Services Policy Framework) expresses a security requirement for requesters of a service.
<wsp:Policy xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" > <wsp:ExactlyOne> <sp:Basic256Rsa15 /> <sp:TripleDesRsa15 /> </wsp:ExactlyOne> </wsp:Policy> The ExactlyOne element indicates that a requester must use one of two security algorithms (Basic256Rsa15 or TripleDesRsa15). As suggested by the example, WS-Policy provides an XML vocabulary and a way to embed that vocabulary in WSDL, UDDI, and other XML-based definitions. However, WS-Policy does not define the meaning of each policy assertion, which is content (such as Basic256Rsa15) that expresses a requirement or capability. A policy assertion is defined in one or another domain, which is an area of concern such as security, reliability, or transaction control. Many policy assertions are defined in other WS-* specifications. The main purposes of the WS-Policy vocabulary and the embedded policy assertions are as follows:
For further details, see Web Services Policy 1.5 - Primer. |
Sponsor: | W3C |
Link: | http://www.w3.org/2002/ws/policy/#drafts |