Policy Definitions and Concepts

The following definitions and concepts are used to describe policies and policy management.

Policy

A policy is set of constraints that you can define and apply in TIBCO Business Studio™ for BusinessWorks™ to manage and enforce cross-functional requirements within your application such as security, monitoring, and compliance. You can add policies to activities and bindings in a process to influence or alter actions in the process flow.

Policy Types

Policies that are related or perform similar functions are categorized under policy types. Policies that can be applied to the HTTP layer of SOAP, REST, and pure HTTP services are categorized under the HTTP Security policy type. Policies that can be applied to the SOAP layer are categorized under the SOAP Security policy type.

Activities

An activity is the individual unit of work in a process. You can add policies to activities to influence or alter actions in a process flow. For more information about activities, see Application Development in the TIBCO BusinessWorks™ Container Edition Getting Started guide.

Bindings

A binding is used to establish a connection between SOA Services and their consumers. There are two types of binding components:
  • Service Binding, which is used to create and expose a service to the external world. The service can contain one or more operations. Once exposed, the service can be consumed by its clients.
  • Reference Binding, which is used to create a client that can connect and communicate to an external service.

You can add policies to bindings to manage, modify and secure message exchanges on the consumer side and provider side. For more information about the types of bindings offered in the workspace, see Binding in the TIBCO BusinessWorks™ Container Edition Concepts guide.

Policy Association

When you add a policy on an activity or a binding, the relationship you create between the resources is called a policy association. At runtime, policies are enforced on the activities and their associated bindings.

Shared Resources

Policies reference shared resources. You can manage and configure shared resources in your workspace. The following table describes shared resources that each policy might reference.

Policy Shared Resource
Basic Authentication
  • LDAP Authentication
  • XML Authentication
Basic Credential Mapping
  • Identity Provider
WSS Provider
  • Subject Provider
  • Keystore Provider
  • Trust Provider
  • WSS Authenticatation
WSS Consumer
  • Identity Provider
  • Keystore Provider
  • Trust Provider
  • Subject Provider
  • WSS Authenticatation
Tip: You can define a shared resource and then reference it from a single policy or multiple policies. For example, you could use a single Keystore resource in the WSS Provider policy and the WSS Consumer policy.

Governance Agent

The governance agent is a TIBCO BusinessWorks Container Edition run time component that dynamically enforces policies during runtime. A governance agent must be enabled on an appnode to enforce policies applied to BusinessWorks applications. For instructions on enabling the governance agent, see Enabling the Governance Agent in the TIBCO BusinessWorks™ Container Edition Administration guide.