The Policy Manager Workbench Policies View is the starting point for defining, configuring, and managing policies used to govern web services that are managed in Policy Manager Workbench. Polices are supported at both the Root and Sub-Organization levels.
Policies are defined in the Policies Object within an Organization and can also be added at the Organization level by selecting Add Policy from the Actions portlet. The Policies Object provides a platform for managing the creation and maintenance of WS-Security and compatibility policies (i.e., Pipeline Policies) that comprise your Policy Manager deployment. In addition, a policy cannot be moved from one Organization to another.
The policy framework supports delegated administration which means that policies can be assigned at the Organization and Service Operation levels. Based on your security requirements, you can configure policies as single entities or you can define a policy group (for example, Aggregate Policy) that includes two or more policies. The Add Policy Wizard is used to create a policy. Policies can be attached to different governable entities in the Policy Manager Workbench including Organizations, Services, Endpoints, Operations, and Messages.
The following list represents all of the supported policy functions. The Policies Summary screen includes a set of general policy actions that are common for all policies. The Modify Policy functions provide configuration options that are unique to each policy type.
You can do the following with policies. For more information, see Managing Policies.
- View Policies Summary
- Add Policy
- View Policy Details
- View Policy Overview
- View Policy References
- Modify Policy Information
- Change Organization
- Delete Policy
- Export Policy
- Use Regular Expressions in Policies
There are three policy categories:
Quality of Service policies allow you to define metrics of requirements for ensuring service availability, performance, integrity, and reliability.
The platform supports the following Quality of Service policies:
- Bandwidth Quota Policy
- Concurrency Quota Policy
- Script Policy
- Service Level Enforcement Policy
- Service Level Policy
- Throughput Quota Policy
- Timeout Policy
For more information, see About QoS Policies.
The platform supports the following operational policies:
The platform supports the following additional operational policies:
- API Consumer Application Security Policy
- API User Security Policy
- Aggregate Policy
- Anti Virus Policy
- Auditing Message Policy
- Auditing Service Policy
- Authentication Policy
- Authorization Policy
- CORS Policy
- Cross-Site Scripting Detection Policy
- HTTP Caching Policy
- HTTP Malicious Pattern Detection Policy
- HTTP Message Validation Policy
- HTTP Security Policy
- JOSE Security Policy (deprecated in 8.4.23)
- JOSE Security Policy v2 (Unencoded Payload Support)
- Message Threat Policy
- Metrics Policy
- OAuth Security Policy
- OAuth 10a Trusted Token Security Policy
- Paging Policy
- Pipeline Policy
- Private Operational Script Policy
- Public Operational Script Policy
- Schema Validation Policy
- SPNEGO Policy
- WS-Addressing Policy
- WS-Auditing Message Policy
- WS-Auditing Service Policy
- WS-Auditing Transaction Tracking Policy
- WS-Malicious Pattern Detection Policy
- WS-Schema Validation Policy
- WS-Security Asymmetric Binding Policy
- WS-Security Message Policy
- WS-Security Supporting Tokens Policy
- WS-Security Symmetric Binding Policy
- WS-Security Transport Binding Policy
- XML Policy
The following information on additional operational policies is applicable only if you have the Envision product installed:
For more information, see About Operational Policies.
The platform supports the following compliance policies:
- Compliance Aggregate Policy
- Compliance Script Policy
- Compliance WSI BP Policy
- Compliance XQuery Policy
For more information, see About Compliance Policies.