Applying WS-Security Policy for Partner Link Configuration

Endpoint operation of a partner link defined in a Partner Link Configuration resource acts as a security subject and the security policies can be applied to it. There is a unique association between the partner link service endpoint operation security subject and the applied security policies.

The SOAP event source polices are applied at the operation level. The policies applied to a Partner Link Configuration resource are always at the service endpoint operation level.

To apply a policy on a Partner Link Configuration, follow this procedure:

  1. Drag and drop a Partner Link Configuration resource onto the design panel.

  2. Click the + button to add Partner Link with SOAPEndpoint. If necessary, use the X button to delete partner links or the arrow buttons to move partner links up or down the list.

  3. Drag and drop Security Policy Association resourse onto the design panel.

  4. Drag and drop Security Policy resource onto the design panel.

  5. Name the Security Policy, for example, Inbound Security Policy.

  6. From the Policy Type drop-down, select inbound.

    Follow the similar process of outbound, inbound fault and outbound fault.

  7. Click the Select button to the right of the Apply Policy to field. In the Choose Security Subject dialog box, expand Partner Link Configuration resource and select a service endpoint operation.

  8. Click in the Inbound Message Policy field. In the Select a Resource dialog box, expand Policies and select, Inbound Security Policy, in this case.

Follow the same process for Outbound Message Policy, Inbound Fault Message Policy, and Outbound Fault Policy.

Security Policy Association

  • Apply Policy To - for associating the security policy with the PortTypeEndpoint.

  • Inbound Message Policy - for applying security policy to the messages being received.

  • Outbound Message Policy - for applying security policy to the messages being sent.

  • Inbound Fault Message Policy - for applying security policy to the fault messages being received.

  • Outbound Fault Message Policy - for applying security policy to the fault messages being sent.