Creating and Managing Policy Sets 9-15 Alternately, you can choose to cancel any changes by using the abortRepositorySession command, which discards any changes that were made to the repository during the session. For more information about the WLST commands and their arguments, see Web Services Custom WLST Commands in WebLogic Scripting Tool Command Reference. Disabling a Globally Attached Policy To explicitly disable a globally attached policy for specific endpoints, predefined policies that do not enforce any behavior are included with your Fusion Middleware installation. You can disable a globally, or externally, attached policy by attaching one of these predefined policies that contains the same category of assertions as the policy to be disabled. You can attach the no behavior policy either directly to an endpoint, or globally at a lower scope, such as at the application or module level. A policy that is directly attached takes precedence over a policy that is globally attached and a policy that is globally attached at a lower scope takes precedence over a policy that is globally attached at a higher scope. For more information, see Calculating the Effective Set of Policies on page 9-22. For example, if an authentication policy is globally attached to all service endpoints in a domain, you can disable it for a specific Web service endpoint by directly attaching the oracleno_authentication_service_policy to the endpoint. Alternatively, to disable the authentication policy for only an application in the domain, you can create a policy set that attaches the oracleno_authentication_ service_policy only to the service endpoints in the application. For details about directly attaching a policy to an endpoint, see Attaching a Policy to a Single Subject on page 8-3. For more information about the no behavior policies, see No Behavior Policies on page B-30. Enabling and Disabling a Policy Set The following sections describe how to enable or disable a policy set using either Fusion Middleware Control or the command line interface WebLogic Scripting Tool, WLST. Note: If the globally attached policy that you are disabling contains any other assertions, those assertions are disabled also. For example, if the global policy to be disabled is oraclewss10_saml_token_with_ message_protection_client_policy and you attach the no behavior oracleno_authentication_service_policy to an endpoint at lower scope or directly, both the authentication and the message protection assertions of the globally attached policy are disabled. Note: Do not delete these no behavior policies. All of the policies use the same no_behavior assertion. An assertion template is not provided, therefore if you delete the policies, there is no way to recreate them manually. If they are deleted by mistake, the only way to restore them is to rebuild the repository. For more information, see Rebuilding the Oracle WSM Repository on page 17-8.