The steps below demonstrate how to create a security policy, how to apply security for a service via Developer Studio, and then deploy it in the server.
Creating the security policy
- Open the Developer Studio Dashboard (click Developer Studio > Open Dashboard) and click Registry Resource.
- Select the From existing template option and click Next.
- Enter a resource name and select the WS-Policy template along with the preferred registry path.
- Click Finish.
- Open the created policy by double-clicking on the created policy file.
- The policy file opens in a multi page editor with a Security Form Editor as the design view and an XML editor as the source view.
- Enable security by specifying the required scenario in the Security Form Editor. Click the icon next to each scenario for more information.
- You can provide service information as private store and advanced configuration information as rampart configuration.
- For certain scenarios, you can specify user roles. After you select the scenario, scroll to the right to see the User Roles button. Alternatively, maximize the window.
- Either define the user roles inline or retrieve the user roles from the server.
Get from the server
- Create a Composite Application project including the created policy file and then create a CAR file to deploy to the server.
Applying security for a proxy service
- Once you have configured the policy file, you can apply security for a proxy service by setting the Security Enabled property to true and pointing to the policy key under Service Policies in the proxy properties.
- Specify the policy path inline or browse from the registry or workspace. You can also create and point to a new resource.
By default, the role names are not case sensitive. If you want to make them case sensitive, add the following property under the
<AuthorizationManager> configuration in the
Applying security for a data service
Once you have configured the policy file, you can apply security for a data service by setting the Enable Security property to true and pointing to the policy key in the Policy property in the data services properties.
Applying security for a BPEL workflow
- Once you have configured the policy file, you can apply security for a BPEL workflow by right-clicking the BPEL project and clicking Apply Security.
- On the wizard that appears, select the process and browse to the policy file from the registry.
- Click Finish.