Managing Web Service Policies 7-25 5. For ADF and WebCenter applications, restart the Web service application. You do not need to restart a SOA composite. For more information about these WLST commands and their arguments, see Web Services Custom WLST Commands in WebLogic Scripting Tool Command Reference. Enabling or Disabling a Policy for All Subjects When a policy is created, it is enabled by default unless it has validation errors. A policy can be globally enabled or disabled from the Edit Policy page. You can enable or disable the policy from one central location, and it will be enabled or disabled for any policy subject to which it is attached. When you disable a policy from the Edit Policy page, the policy continues to be attached to the policy subjects, but the policy is not enforced. You may want to temporarily disable a policy if you discover that there is a problem with the policy that is causing all requests to a Web service to fail. Once the problem is corrected, you can globally enable the policy. Before disabling a policy, you may want to click Usage Analysis Link see Analyzing Policy Usage on page 7-26 to see the policy subjects to which the policy is attached. The change to the policy takes effect at the next polling interval for policy changes. You may also selectively enable or disable a policy for a specific policy subject rather than for all policy subjects. See Enabling or Disabling a Policy for a Single Policy Subject on page 7-23 for more information. To enable or disable a Web service policy for all policy subjects: 1. Navigate to the Web Services Policy page, as described in Navigating to the Web Services Policies Page in Fusion Middleware Control on page 7-2.

2. Select a policy from the Policies table and click Edit.

3. In the Policy Information section of the Edit Policy page, select or deselect the Enabled box to enable or disable the policy, respectively see Figure 7–16 . Figure 7–16 Enabled Box on the Edit Policy Page

4. Click Save.

Enabling or Disabling Assertions Within a Policy Rather than enable or disable an entire policy, you may wish to enable or disable one or more of the assertions that are contained within a policy. This provides a more fine-grained level of control over the assertions that are executed. 7-26 Oracle Fusion Middleware Security and Administrators Guide for Web Services For example, all predefined Web service security policies contain an instance of the logging assertion template, oraclesecurity_log_template, to capture the entire SOAP message before and after the primary security assertion is executed. By default, the log assertion is not enforced. You must enable it in order for the SOAP message to be logged in message logs. It is recommended that the logging assertion be enabled for debugging and auditing purposes only. For more information about logging, see Diagnosing Problems Using Logs on page 16-15. To enable or disable one or more assertions within a policy: 1. Navigate to the Web Services Policy page, as described in Navigating to the Web Services Policies Page in Fusion Middleware Control on page 7-2.

2. Select a policy from the Policies table and click Edit.

3. In the Assertions section of the Edit Policy page, select or deselect the Enforced

box to enable or disable the assertion within the policy, respectively see Figure 7–17 . Figure 7–17 Enable or Disable an Assertion Within a Policy

4. Click Save.

Analyzing Policy Usage Policies are created and managed at the domain level. The central management of policies gives you the ability to reuse policies and attach them to multiple policy subjects. Any change to a policy for example, editing a policy or deleting a policy Note: The policy usage feature described in this section requires that you use a database-based Oracle WSM Repository. If you are not using a database-based repository, policy usage information is not available.