In Manual Web Service Configuration In From Java Case you saw how to manually configure Java web service endpoint. This entry describes how to use external policies for endpoint configuration instead of including policy assertions directly into WSIT config file. The scenario enables you to store and maintain all your policies at one central place...

Preparation

To be able to reproduce following steps you will need an installation of glassfish v2. (I was using gf v2 b46)
I presume, your GlassFish instance is running and has $AS_HOME base directory.

Step 1. Create And Publish Your "Policy Repository"

The easiest way how to do that is to publish them as a static XML file:

$ vim $AS_HOME/domains/domain1/docroot/policies.xml

Content of your newly created "policy repository" could be as follows:

<?xml version="1.0" encoding="UTF-8"?>

<policies

    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" 

    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 

    xmlns:wsaws="http://www.w3.org/2006/05/addressing/wsdl" 

    xmlns:wsrm="http://schemas.xmlsoap.org/ws/2005/02/rm/policy">

  <wsp:Policy wsu:Id="Class1BindingPolicy">

    <wsp:ExactlyOne>

      <wsp:All>

        <wsrm:RMAssertion/>

        <wsaws:UsingAddressing/>

      </wsp:All>

    </wsp:ExactlyOne>

  </wsp:Policy>

</policies>

This way your "policy repository" should be available at http://localhost:8080/policies.xml and you have defined just one policy Class1BindingPolicy which could be referenced as http://localhost:8080/policies.xml#Class1BindingPolicy

Step 2. Create Your Endpoint

The endpoint is created the same way as in Manual Web Service Configuration In From Java Case

For sake of clarity I will repeat the steps here:

Creating the endpoint implementation class:

$ mkdir work-wspol ; cd work-wspol ; vim Stock.java

package org.example;



import javax.jws.WebMethod;

import javax.jws.WebService;


@WebService(serviceName="StockSvc", portName="StockPort", targetNamespace="http://example.org")


public class Stock {



  @WebMethod()

    public boolean itemAvaiable (String itemId, int amount) {

        return Math.random() > 0.6;

    }

}

Compiling it:

$ mkdir -p WEB-INF/classes; javac -cp $AS_HOME/lib/javaee.jar -d WEB-INF/classes Stock.java

And creating a wsit config file skeleton:

$ $AS_HOME/bin/wsgen -wsdl -cp WEB-INF/classes org.example.Stock ; mv StockSvc.wsdl WEB-INF/wsit-org.example.Stock.xml

Now remove useless lines from the skeleton:

$ vim WEB-INF/wsit-org.example.Stock.xml

Lines to remove:

 <types>

    <xsd:schema>

      <xsd:import namespace="http://example.org" schemaLocation="StockSvc_schema1.xsd"/>

    </xsd:schema>

  </types>

And:

<soap:address location="REPLACE_WITH_ACTUAL_URL"/>

Step 3. Attach The External Policy

Attaching an external policy simply means adding a PolicyReference to the config file.
In our case, we will only add the following line to our wsit config file:

<wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"

                  URI="http://localhost:8080/policies.xml#Class1BindingPolicy"/>

So that our config file will look like:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>

<definitions targetNamespace="http://example.org" name="StockSvc" 

xmlns:tns="http://example.org" 

xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" 

xmlns:xsd="http://www.w3.org/2001/XMLSchema" 

xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" 

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"

xmlns="http://schemas.xmlsoap.org/wsdl/">

  <message name="itemAvaiable">

    <part name="parameters" element="tns:itemAvaiable"/>

  </message>

  <message name="itemAvaiableResponse">

    <part name="parameters" element="tns:itemAvaiableResponse"/>

  </message>

  <portType name="Stock">

    <operation name="itemAvaiable">

      <input message="tns:itemAvaiable"/>

      <output message="tns:itemAvaiableResponse"/>

    </operation>

  </portType>

  <binding name="StockPortBinding" type="tns:Stock">

<wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"

 URI="http://localhost:8080/policies.xml#Class1BindingPolicy"/>

    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>

    <operation name="itemAvaiable">

      <soap:operation soapAction=""/>

      <input>

        <soap:body use="literal"/>

      </input>

      <output>

        <soap:body use="literal"/>

      </output>

    </operation>

  </binding>

  <service name="StockSvc">

    <port name="StockPort" binding="tns:StockPortBinding">

    </port>

  </service>

</definitions>

Step 4. Deploying The Newly Created And Configured Endpoint

You should now be able to deploy the endpoint in one shot by:

$ jar cvf $AS_HOME/domains/domain1/autodeploy/stock.war WEB-INF

Closer View

If you look at the published WSDL of our endpoint, you will probably notice that
original external reference was replaced by a local one and the policy definition was included into the wsdl.

It means that consumer of your endpoint does not need to have access to original "policy repository". On the other hand, if you forbid access to your "policy repository" from outside, described mechanism will still work! So what? You can store sensitive information in your policy repository (keystore locations, passwords, etc.). Such information will be properly used for configuring your endpoints and safely removed from published WSDLs. It means you can maintain such a sensitive information at just one place and still be able to use it for configuring lots of your endpoints.