Overview of Policies

Policies are categorized under the following policy types:

HTTP Security

  • Basic Authentication

    The Basic Authentication policy secures the HTTP layer of REST, SOAP, and pure HTTP services by validating user name and password credentials stored in HTTP headers. User name and password credentials can be authenticated against an XML File Authentication provider.

  • Basic Credential Mapping

    The Basic Credential Mapping policy enables authentication for specified users by automatically attaching appropriate credentials to request messages before they reach services. You can choose to enforce Fixed or Conditional credential mapping.

SOAP Security
  • WSS Provider

    Configure the WSS Provider policy to enforce authentication, confidentiality, integrity, and time stamping of service-side messages.

  • WSS Consumer

    Configure the WSS Consumer policy to enforce confidentiality, integrity, time stamping, and credential mapping of response messages.