Configuration Guides › Federation Security Services Guide › Federation Web Services Application Setup › Protect the Federation Web Services Application › Enforce Policies that Protect Federation Web Services

Enforce Policies that Protect Federation Web Services

The SOA Security Manager policies application protects the Federation Web Services (FWS).

When you install the [set to your product name], SOA Security Manager creates the necessary policies and the related policy objects automatically. Each service has one policy that makes up the Federation Web Services application.

The following table lists the objects and policies that protect FWS.

You must enforce protection of the Federation Web Services policies

To enforce policies to protect the Federation Web Services application

1. Add the Web Agent that protects the Federation Web Services application to the Agent group FederationWebServicesAgentGroup.

   For ServletExec, this Agent is on the web server where the Web Agent Option Pack is installed. For any application server, such as WebLogic or JBOSS, this Web Agent is installed where the application server proxy is installed. The Web Agent Option Pack can be on a different system.

2. Specify the affiliates who are permitted to access the Federation Web Services application. This action requires adding affiliates, Services Providers, or Resource Partners as users to the appropriate policies in the FederationWebServicesDomain.

   Note: Establish affiliate domains and add affiliates to the domains before you give permission to the affiliates.

All other aspects of configuring the policies, such as the Basic authentication scheme, realms and rules are set up automatically.