Custom Policy Set

The custom policy set defines the name of an external policy set that the BPM runtime will apply to the outgoing REST request (and if appropriate, to the incoming REST response).

The external policy set:
  • must contain the security information required to construct the outgoing REST request and, if appropriate, to also handle the resultant incoming response.
  • must be defined in an XML file (with the extension .policysets) that is available in the same workspace.
Note: TIBCO Business Studio does not validate whether the external policy set is applicable to and correct for the target service. Using an incorrect policy type or a wrongly configured policy will result in an error, either during DAA configuration or at runtime.

For more information on how to set up the username/password identity provider see the tutorial How to Call a Secured External Web Service From a Process.

The BPM runtime supports a wide range of policies and policy sets that can be used to address different security requirements and scenarios. For more information about external policy sets and how to create them, see the following topics:
  • "Policy Management", in Composite Development.
  • "Security Resource Templates", in SOA Administration. (This guide is not included in the TIBCO Business Studio documentation set. You can access it either from the BPM runtime documentation set, or from the Help in the Administrator interface in the BPM runtime.)