Menu
Home
People
Places
Arts
History
Plants & Animals
Science
Life & Culture
Technology
Reference.org
WS-SecurityPolicy
open-in-new
<h2 id="sample-policies">Sample Policies</h2> <p>Namespaces used by the following XML-snippets: </p> <p:Policy xmlns:p="http://www.w3.org/ns/ws-policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200802"> ... </p:Policy> <p>Include a timestamp: </p> <sp:IncludeTimestamp /> <p>Use either transport layer security (https) or message level security (XML Dsig/XML Enc): </p> <ExactlyOne> <sp:TransportBinding>...</sp:TransportBinding> <sp:AsymmetricBinding>...</sp:AsymmetricBinding > </ExactlyOne> <p>To define a SAML assertion as security token: </p> <sp:IssuedToken> <sp:RequestSecurityTokenTemplate> <wst:TokenType>...#SAMLV2.0</wst:TokenType> </sp:RequestSecurityTokenTemplate> </sp:IssuedToken> <p>Issued token assertion of providers with reference to the STS and required token format: </p> <sp:IssuedToken> <sp:Issuer> <wsa:EndpointReference> <wsa:Address>http://sampleorg.com/sts</wsa:Address> </wsa:EndpointReference> </sp:Issuer> <sp:RequestSecurityTokenTemplate> <wst:TokenType> http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID </wst:TokenType> ... </sp:RequestSecurityTokenTemplate> ... </sp:IssuedToken> <p>Specify that message header and body need to be signed, and attachments are left unsigned: </p> <sp:SignedParts xmlns:sp="..." ... > <sp:Body />? <sp:Header Name="Dx:NCName"? Namespace="Xd:anyURI" ... />* ... </sp:SignedParts> <p>specify that message open source license need to be signed, and hydra security are left unsigned: </p> <sp:signedparts http:np="..."...> <sp:Hydrasecurity />? <sp:Opensourcelicense Name="Hs:NCName"? Namespace="Sh:anyURI" .../>* ... </sp:SignedParts> <h2 id="other-ws-policy-languages">Other WS policy languages</h2> <p>The term <i>Web Services Security Policy Language</i> is used for two different XML-based languages: </p> <ol><li>As described above, based on the WS-Policy framework, as defined in,<a class="footnote-ref" id="fnref:2" href="#fn:2"><sup>2</sup></a> published as version 1.3 in Feb. 2009</li> <li>WSPL, based on <a href="http://xml.coverpages.org/WSPL-draft-xacmlV04-1.pdf">XACML profile for Web-services</a>, but that was not finalized.<a class="footnote-ref" id="fnref:3" href="#fn:3"><sup>3</sup></a></li></ol> <h2 id="see-also">See also</h2> <ul><li><a href="/facts/List_of_Web_service_specifications/x4qDdmTj">List of Web service specifications</a></li></ul> <h2 id="external-links">External links</h2> <ul><li><a href="https://www.oasis-open.org/standards#ws-secpol">WS-Security Policy standards</a> at OASIS</li> <li><a href="http://msdn.microsoft.com/en-us/library/ms977312.aspx">Security in a Web Services World: A Proposed Architecture and Roadmap (IBM/Microsoft Whitepaper, 2002)</a></li></ul> <h2 id="references">References</h2> <ol> <li id="fn:1"><p>http://www.w3.org/TR/ws-policy-attach/ WS-Policy - Attachment <a href="http://www.w3.org/TR/ws-policy-attach/" target="_blank">http://www.w3.org/TR/ws-policy-attach/</a> <a href="#fnref:1" class="footnote-back-ref">↩</a></p></li> <li id="fn:2"><p>http://www.oasis-open.org/specs/index.php#ws-secpol WS-SecurityPolicy <a href="http://www.oasis-open.org/specs/index.php#ws-secpol" target="_blank">http://www.oasis-open.org/specs/index.php#ws-secpol</a> <a href="#fnref:2" class="footnote-back-ref">↩</a></p></li> <li id="fn:3"><p>http://www.oasis-open.org/committees/download.php/1608/wd-xacml-wspl-use-cases-04.pdf Web-services policy language use cases and requirements (draft) <a href="http://www.oasis-open.org/committees/download.php/1608/wd-xacml-wspl-use-cases-04.pdf" target="_blank">http://www.oasis-open.org/committees/download.php/1608/wd-xacml-wspl-use-cases-04.pdf</a> <a href="#fnref:3" class="footnote-back-ref">↩</a></p></li> </ol>