There are basically 4 main possibilities to define WS-Policy in CXF projects:
- WSDL Policy attachment
- Spring configuration
- In code using WSPolicyFeature
- Dynamically via message context property
Let look into them in detail.
WSDL Policy attachment
WS-Policies can be attached and referenced in WSDL elements. Web Services Policy 1.5 - Attachment standard describes all possible alternatives. WS-Policies can be placed inside the WSDL itself or referenced as external documents. CXF will automatically recognize, read and use policies defined or referenced in WSDL. A sample of an attached policy is shown below:
It is possible to define policies directly in the Spring configuration of the client and service as a jaxws feature. CXF will recognize and use configured WS-Policies:
In code via WSPolicyFeature
Instead of loading the policies via Spring as detailed in the previous section, we can load the policies via code using the WSPolicyFeature, and then set it on a ClientFactoryBean, ServerFactoryBean or ClientProxyFactoryBean instance, for example:
Dynamically via message property
Sometimes policies cannot be configured statically, because they are obtained or calculated dynamically for the concrete message (for example using Policy Server or Service Registry). For such cases CXF provides a possibility to load the policy dynamically and set it into the message context property. It can be done for example in a custom interceptor that fulfills the following:
- Get policy from external location and build it for current message.
- Parse WS-Policy XML using Neethi library.
- Store result Policy object into PolicyConstants.POLICY_OVERRIDE message content property.
It is important that this custom policy interceptor is called before CXF PolicyInInterceptor or PolicyOutInterceptor. Then CXF will automatically recognize Policy stored into this property and use it with the highest priority.