CA API Gateway 9.1

9.4 9.1

Configure a Service Policy

In the Policy Manager, you construct a policy for a published service using these four general steps:
gateway83
In the Policy Manager, you construct a policy for a published service using these four general steps:
  1. Select the service for the policy.
  2. Add the assertions to the policy development window and configure as necessary. Refer to the documentation for specific assertions for configuration instructions. You can use policy fragments to help maintain consistency and enforce global rules across different services.
  3. Organize the assertions into a logical tree-structure that conforms to the policy and assertions rules..
  4. Validate the policy.
A logical policy must be in place for each published service in the Policy Manager. In addition to manually constructing a policy, you can also:
  • Import a policy from a local file
  • Import a policy from a UDDI registry
 
When configuring a policy for the first time on a newly published service, you may want to disable the service while constructing the policy. This removes any possibility of unsecured and unauthorized access. A disabled service contains a red "X" through its icon.
 
 
To configure a policy:
  1. Access the policy development window for the target service by one of two methods:
    • Right-click the service name in the Services and Policies list and then select Active Policy Assertions
    • Double-click the service name in the Services and Policies list
    The policy development window appears.
  2. Add assertions to the policy and configure if necessary. Some assertions require configuration immediately, while others have adequate defaults such that additional configuration may not be required. Some assertions do not require configuring at all.
    When you publish a service using the Publish SOAP Web Service Wizard, Create WSDL Wizard, or Publish Web API Wizard, the Policy Manager automatically adds the service URL specified during the publication process as an Route via HTTP(S) assertion in the policy development window.
    Certain assertions in the Policy Manager expect an XML payload and will fail on non-XML messages. If you expect your published service to handle both XML and non-XML messages, then you should structure the policy to branch accordingly. For more information, see Working with Non-XML Messages.
  3. Organize the assertions into a logical structure as follows:
    Action
    Description
    Move an assertion up
    Do any of the following:
    • Select the assertion, then click the Up arrow on the Assertions Tool Bar
    • Right-click the assertion and then select Move Assertion Up
    • Drag and drop the assertion to its new position
    You can move several assertions at once by using [Ctrl]-click to select them first.
    Move an assertion down
    Do any of the following:
    • Select the assertion, then click the Down arrow on the Assertions Tool Bar
    • Right-click the assertion and then select Move Assertion Down
    • Drag and drop the assertion to its new position
    You can move several assertions at once by using [Ctrl]-click to select them first.
    Remove an assertion
    Do any of the following:
    • Select the assertion, then click X on the Assertions Tool Bar. Click
      Yes
       to confirm.
    • Right-click the assertion and then select
      Delete Assertion.
    Add an "All" or "One or more" folder
    Organize the assertions into an "At least one assertion must evaluate to true" or "All assertions must evaluate to true" assertion folder in the policy development window. See Policy Organization for examples.
    Edit an assertion's properties
    This applies only if an assertion has editable properties. Do one of the following:
    • Press [
      Enter
      ] while a single assertion is selected in the policy development window.
    • Double-click an assertion in the policy development window.
    • Right-click the assertion in the policy development window and select "<assertion name> Properties".
    Some additional tips to keep in mind:
    • Use the feedback messages in the Policy Validation Messages window to help you construct your policy. See Validating a Policy for more information.
    • You can also use Copy and Paste in the Edit menu to organize the assertions.
    • Instead of deleting an assertion, consider disabling it instead. Disabling an assertion is useful during testing and troubleshooting.
  4. Validate the policy one more time. If no issues remain, you may now enable the service.

Content feedback and comments