Security Policy Association

Shared Configuration

The Security Policy Association shared configuration resource associates a Security Policy with a particular Service operation or SOAP resource in your project. This allows you to specify security policies for inbound or outbound SOAP messages on a per-operation or per-activity basis.

When a security policy is attached to a resource that receives SOAP messages (for example, SOAP Event Source, or the reply message of a SOAP Request Reply activity), the associated security policy is used for the incoming message. For example, if authentication is specified in the security policy, then the identity of the sender of incoming messages is checked against a list of trusted identities.

When a security policy is attached to a resource that sends SOAP messages (for example, SOAP Request Reply , SOAP Send Fault, or SOAP Send Reply), the security the associated security policy is used for the outgoing message. For example, if encryption is specified in the security policy, the outgoing message is encrypted before it is sent.

Note: Security Policy Association shared configuration resources are not referenced by resources in process definitions. Therefore, they are not automatically included in Enterprise Archive files. You must manually add Security Policy Association resources to the Shared Archive within an Enterprise Archive for the associations to work properly in a deployed project. For more about adding resources to the Shared Archieve, see TIBCO ActiveMatrix BusinessWorks™ Administration.
Warning: To run a project with security policy associations successfully, ensure that all the policy associations in the project are valid. Any invalid associations must be removed from the project before running the project.