1. REST API for Oracle Web Services ManagerREST API for Oracle Web Services Manager
  2. Use Cases
  3. Create and Manage Policy Sets

Create and Manage Policy Sets

Policy sets provide a means to attach policies globally to a range of endpoints of the same type. You can use the Policy Set REST APIs to create and manage available policy sets.

The cURL command examples use the URL structure: 
http(s)://host:port/wsm-pmrest/v2/policyset

The following use case shows you how to:

  • Create a policy set

  • Modify the a policy set

  • View the policy set

  • Delete the policy set

To manage the policy set:

  1. Specify the headers on the cURL command line: 
    -H Accept:application/json
  2. Create two new empty policy sets myPolicySet1 and myPolicySet2 by running the following command: 
    curl -i -X POST -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X POST -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset

    See Create PolicySet(s).

    The following shows an example of the request body.

    [
  {
    "name": "myPolicySet1",
    "type": "ws-service",
    "scope": "Domain('*')"
  },
  {
    "name": "myPolicySet2",
    "type": "ws-service",
    "scope": "Domain('*')"
  }
]

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20001",
  "MESSAGE": "PolicySets \"[myPolicySet1, myPolicySet2]\" are successfully created."
}
  3. Create a policy set myPolicySet3 with policy attachment and configuration override by running the following command: 
    curl -i -X POST -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X POST -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset

    See Create PolicySet(s).

    The following shows an example of the request body.

    [
  {
    "name": "myPolicySet3",
    "type": "WS-Service",
    "scope": "Domain('*')",
    "description": "Global policy attachments for SOAP Web Service resources.",
    "status": "enabled",
    "configOverrides": [
      {
        "name": "keystore.enc.csf.key",
        "value": "myKey1"
      },
      {
        "name": "reference.priority",
        "value": "1"
      }
    ],
    "policyReferences": [
      {
        "uri": "oracle/wss_username_token_service_policy",
        "status": "enabled",
        "configOverrides": [
          {
            "name": "keystore.enc.csf.key",
            "value": "myKey2"
          },
          {
            "name": "myprop",
            "value": "myval"
          }
        ]
      }
    ]
  }
]

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20001",
  "MESSAGE": "PolicySets \"[myPolicySet3]\" are successfully created."
}
  4. Enable the policy sets myPolicySet1 and myPolicySet2 by running the following command: 
    curl -i -X PATCH -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X PATCH -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset

    The following shows an example of the request body.

    [
  {
    "name": "myPolicySet1",
    "status": "enabled"
  },
  {
    "name": "myPolicySet2",
    "status": "enabled"
  }
]

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20002",
  "MESSAGE": "PolicySets \"[myPolicySet1, myPolicySet2]\" are successfully updated."
}

    See Update PolicySet(s).

  5. Specify a run-time constraint value for the policy set myPolicySet1 by running the following command: 
    curl -i -X PATCH -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X PATCH -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset/myPolicySet1

    See Update a Specific Named PolicySet.

    The following shows an example of the request body.

    {
  "constraint": "HTTPHeader('VIRTUAL_HOST_TYPE','external')"
}

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20002",
  "MESSAGE": "PolicySets \"myPolicySet1\" are successfully updated."
}
  6. View the configuration of a specified policy set myPolicySet3 by running the following command: 
    curl -i -X GET -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X GET -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset/myPolicySet3

    See Get PolicySet(s) by Type.

    The following shows an example of the response body:

    [
  {
    "name": "myPolicySet3",
    "type": "WS-Service",
    "scope": "Domain('*')",
    "description": "Global policy attachments for SOAP Web Service resources.",
    "status": "enabled",
    "configOverrides": [
      {
        "name": "keystore.enc.csf.key",
        "value": "myKey1"
      },
      {
        "name": "reference.priority",
        "value": "1"
      }
    ],
    "policyReferences": [
      {
        "uri": "oracle/wss_username_token_service_policy",
        "status": "enabled",
        "configOverrides": [
          {
            "name": "keystore.enc.csf.key",
            "value": "myKey2"
          },
          {
            "name": "myprop",
            "value": "myval"
          }
        ]
      }
    ]
  }
]
  7. View the policy sets based on the type of policy subject ws-service by running the following command: 
    curl -i -X GET -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset?type={value}

    Example

    curl -i -X GET -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset?type=ws-service

    See Get PolicySet(s) by Type.

    The following shows an example of the response body:

    [
  {
    "name": "myPolicySet1"
  },
  {
    "name": "myPolicySet2"
  },
  {
    "name": "myPolicySet3"
  }
]
  8. Optionally, delete the policy set myPolicySet3 by running the following command: 
    curl -i -X DELETE -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset

    Example

    curl -i -X DELETE -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset/myPolicySet3

    See Delete a PolicySet by Name.

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20004",
  "MESSAGE": "Following policy set(s) are successfully deleted: [myPolicySet3]"
}
  9. Optionally, delete the policy sets based on the type of policy subject ws-service by running the following command: 
    curl -i -X DELETE -u username:password -H Content-type:application/json http://host:port/wsm-pmrest/v2/policyset?type={value}

    Example

    curl -i -X DELETE -u Smith:Password -H Content-type:application/json http://myhost:7001/wsm-pmrest/v2/policyset?type=ws-service

    See Delete PolicySet(s) by Type.

    The following shows an example of the response indicating the request succeeded.

    {
  "STATUSCODE": "20004",
  "MESSAGE": "Following policy set(s) are successfully deleted: [myPolicySet1, myPolicySet2]"
}