ActiveVOS Designer User’s Guide

Previous | Next

Adding Policy Assertions

The WS-Policy specification allows Web service providers and clients to express a broad range of capabilities, requirements, and preferences in a standard way through policy assertions. If desired, you can add one or more policy assertions to the partner link’s endpoint reference section of a process deployment descriptor file.

As a simpler alternative to adding individual policy assertions to partner links, you can add a policy reference. The policy reference is a pointer to policies defined in the process’s WSDL file. For details, see User-Defined Policy Assertion.

You can add a policy assertion to both the Partner Role partner link and the My Role partner link in the Deployment Descriptor wizard.

Many policy assertions specify both an inbound and outbound direction. An inbound assertion governs messages received by the BPEL process, such as messages for receives and replies from invoked services. An outbound assertion governs messages sent by the process, such as requests to an invoked service and replies matching receives.

Note: Policy assertions apply to static endpoint references for partner roles in the PDD wizard. To add a policy assertion to a principal, add the details to the partner definition file. For a dynamic endpoint reference, you can manually add the details to the appropriate copy operation in an assign activity.

The supported policy assertions are described in the following table:

Policy

Description

WS-Security Policy Assertions:

Authentication

Credentials required for access to a service

Encryption

Describes the parts of a SOAP message to encrypt

Signature

Describes the parts of a SOAP message to sign with an XML Signature, using an X.509 Certificate token

Timestamp

Adds a <Timestamp> element to the SOAP header of a message

Other Policy Assertions:

Retry

Describes when and how many times to retry an invoked service that does not reply

User-Defined Policy Assertion

Placeholder for a custom solution you provide for handling messages from a particular service provider. Place where you can add WS-Policy Reference.

Engine-Managed Correlation

A My Role policy assertion that directs the ActiveVOS server to use WS-Addressing to transmit replyTo endpoint references during transmissions to the Partner Role partner link

WS-Reliable Messaging

Specifies that a partner link participates in an industry-standard protocol that supports guaranteed delivery of messages

JMS Delivery Options

For details, see Using a Java Messaging Service Invoke Handler

HTTP Transport

Used for REST-based invocations

REST Enabled

Used for REST-based invocations

SAML

The Security Assertions Markup Language (SAML) is an OASIS standard that enables loosely coupled and federated identity integration.

Message Validation

Provide fine-grained validation of WSDL messages for a partner link to enable faster processing

Web Service Timeout

Set an amount of time to wait for a specific Web service to time out

Invoke Recovery

Select whether to suspend a process with a pending invoke when the recovers from a failed server

Send WS-Addressing Headers

Explicitly add addressing to invokes

WSDL Binding Reference

Applicable for a my role partnerlink to refer to a WSDL binding instead of RPC or Document

Suppress xsi:type

A workaround for suppressing schema validation in SOAP messages, useful for dealing with legacy services that cannot handle xsi:type attributes

To add one or more policies to a partner link:

  1. In the Deployment Descriptor wizard, navigate to the Partner Links page. See Creating a Process Deployment Descriptor File for details on opening the New Deployment Descriptor dialog.
  2. For a partner role partner link, select static as the Endpoint Reference Type.
  3. Select the Dialog button at the end of the Endpoint Reference text box.
  4. Select the Policy Assertions tab, as shown in the example.

    5. Policy Assertions List

  5. Select the Add button to open the Policy Assertion dialog.
  6. From the Policy Template list, select the policy you wish to add, and fill in all the required information. For details, select a name from the supported policies listed at the top of this topic.
  7. Select OK.
  8. Select Add again to add additional policies.
  9. Add My Role policy assertions by doing the following:
    1. Select a My Role partner link.
    2. Select the My Role Policy tab.
    3. Select applicable inbound/outbound policies, as described above, for the My Role service.

The following example shows one policy assertion scenario for the loan approval process described in the ActiveVOS Designer tutorial.

Partner link

Policy Assertion

Direction

Result

My Role:

customer

signature of creditInformation message

inbound

Signed message is received from person requesting a loan

signature of creditInformation message

outbound

Signed message is sent back to person requesting a loan

Partner Role:

assessor

signature of creditInformation message

outbound

Signed request is sent by the process to the Assessor, and signed request is sent to Approver

signature of riskAssessment message

inbound

Signed reply is received by the process

Partner Role:

approver

signature of creditInformation message

outbound

Signed request is sent by the process or by the Assessor to the Approver

signature of approvalMessage

inbound

Signed reply is received by the process

Copyright (c) 2004-2010 Active Endpoints, Inc.