Overview of Policies
Policies are categorized under the following policy types:
HTTP Security
- Basic Authentication
The Basic Authentication policy secures the HTTP layer of REST, SOAP, and pure HTTP services by validating user name and password credentials stored in HTTP headers. User name and password credentials can be authenticated against an XML File Authentication provider or an LDAP Authentication provider.
- Basic Credential Mapping
The Basic Credential Mapping policy enables authentication for specified users by automatically attaching appropriate credentials to request messages before they reach services. You can choose to enforce Fixed or Conditional credential mapping.
- WSS Provider
Configure the WSS Provider policy to enforce and validate authentication, confidentiality, integrity, and time stamping of service-side messages.
- WSS Consumer
Configure the WSS Consumer policy to enforce and validate confidentiality, integrity, time stamping, and credential mapping of response messages.