Using the WS-Auditing Message Policy

Learn about the WS-Auditing Message Policy and policy configuration options.

About Policies Managing Policies About Operational Policies

For information about using policies in the context of the developer portal, see Business Policies.

Table of Contents

  1. About the WS-Auditing Message policy
  2. Creating a WS-Auditing Message policy
  3. Configuring a WS-Auditing Message policy
  4. WS-Auditing Message policy options
  5. Attaching the policy

About the WS-Auditing Message policy

You can attach the WS-Auditing Message Policy can be attached to service operations and binding operations to define auditing actions that will be performed on the messages.

back to top

Creating a WS-Auditing Message policy

The first step in creating a policy is to define the basic policy information. Then, you can configure the policy details.

To add an operational policy
  1. Go to Workbench > Browse > Organization, and select Policies > Operational Policies. The Policies Summary is displayed.
  2. Click Add Policy.
  3. Choose the policy type and click Next.
  4. Specify a name (required) and description (optional) and click Finish. At the Completion Summary, Click Close. The Add Policy Wizard creates a draft policy instance that you can then configure on the Policy Details page.

For more information, see Add Policy.

back to top

Configuring a WS-Auditing Message Policy

To configure a WS-Auditing Message policy
  1. Go to Workbench > Browse > Organization and select the Policies > Operational Policies folder. The Policies Summary is displayed.
  2. Find the policy on the list and double-click to go to the Details page for the policy.
  3. In the second panel, click Modify to access the Modify WS-Auditing Message Policy page, as shown below.

  4. Specify values. For information about the fields, refer to WS-Auditing Message policy options below.
  5. When done, click Apply.

Back to top

WS-Auditing Message policy options

The Modify WS-Auditing Policy wizard has only one page. It includes the options listed below.

Audit SOAP Envelope Message Size
A checkbox that enables auditing of the SOAP envelope message size.
Audit Transport Headers
A checkbox that enables the ability to audit transport headers. Options:
  • All Headers—A radio button option that enables the ability to audit all transport headers.
  • Specific Headers—A radio button option that enables the ability to audit a list of transport headers. The Transport Header table stores a list of transport headers to be audited. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.
Audit Wire Formatted Message Content
A checkbox that enables auditing of message content in its wire format. Wire format is encoded for transport using a protocol. For incoming messages auditing occurs before SOAP headers are processed. For outgoing messages auditing occurs after all SOAP headers are applied. Options:
  • Entire Message—Checkbox that enables the auditing of all messages.
  • Specific Elements Identified by XPath—Checkbox that enables the ability to filter a subset of messages based on a defined filter (XPath expression). The XPath Expression table allows you to specify one or more XPath expressions that audited messages must satisfy. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.
Audit Application Formatted Message Content
A checkbox that enables auditing of message content in its application readable format. Application is independent of protocol in the form the application consumes. For incoming messages auditing occurs after all SOAP headers have been processed. In this scenario, the SOAP envelope may remain. For outgoing messages auditing occurs before SOAP headers have been added. Some headers may be present if included by the application, or service, itself. Options:
  • Entire Message—Checkbox that enables the auditing of all messages.
  • Specific Elements Identified by XPath—Checkbox that enables the ability to filter messages based on XPath expressions. You can specify one or more XPath expressions that audited messages must satisfy. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.
Mask Message Content by XPath
A table that allows you to specify mask characters and define one or more XPath expressions to identify message content you would like to hide.
  • Mask—A field display that allows you to specify characters that are used to mask (hide) content that matches the specified XPath Expression. The default mask is ******.
  • XPath Expression—A table that allows you to specify one or more XPath expressions to identify content to be masked. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.
Namespace Prefixes
A table that allows you to specify an XPath expression that audited messages must satisfy. The Namespace Prefixes table allows you to enter one or more Namespace Prefix expressions for filtering messages. The table includes Prefix and Namespace table cells. The table cells are editable. Click Add or Delete to modify the list. You can also sort the list by clicking the table header.

When you're done, save the changes.

back to top

Attaching the policy

To use the policy, go to the Policies folder in the Root Organization and attach the policy to a web service, binding, or binding operation.

Back to top