Adding OWSM Policies to services ( em & jdev)

Hi,

Many a times it is necessary for us to secure our exposed services/components/external reference with one or more predefined owsm policies.

Here I am demonstrating the same for a exposed rest service.

Example: I have a REST service and I am supposed to add "oracle/multi_token_rest_acces_service_policy"

Steps: Adding policy from EM: 
1. Go to EM Console
2. Go to your deployed composite
3. Policies Tab

4. Click on AttachTo,DetachFrom drop Down and choose service where policy have to be added.

5. This opens up a window with available policies, Choose appropriate and click on attach 

6. This moves the chosen policy to the upper shelf of  "Directly attached policy" ( if you dont want attached policies then click on detach, marked in red)

7. Thats it policy gets attached to our service.

Steps to Configure the same policy for the same service from JDEV:

1. Go to your Jdeveloper, open your composite.xml

2. Choose your service for which you want to configure policies ( here exposed rest service )

3. Right Click on the exposed service 

4. Select Configure WS Policies

5. This opens a window and choose appropriate policy under security tab

6. Once selected below it gets checked, it means it gets added to the service.

7. Go to source of composite.xml and edit the policy name to the exact policy that we attached in the em console for http_client_service

"oracle/multi_token_rest_access_service_policy"

7. Thats all! We can see our exposed service is now Configured with the appropriate policy.

Other general policies that we add:

oracle/wss_username_token_service_policy

Keep exploring owsm policies... 

Cheers! to the next ..

Krithika