################################################################################ # # Security Binding descriptor # # [Policy]|[URI]|[Transport]|[FacadeOperation]|[Binding]|[Flow]|[service]|[Partner] # # Policy - Name of the policy as specify in policy mapping configuration file. # uri - the uri of the FacadeOperation that the policy is applied to. # Transport - the transport of the request (HTTP, HTTPS, JMS, or SOAP) # FacadeOperation - the FacadeOperation that the policy is applied to. # FacadeOperation is the opName specified in FacadeOperation.cfg # Binding - the binding component that the policy is applied to - service (northbound) or reference (southbound) # Flow - the flow of the request - in or out. # Service - the service as define in the service configuration file # Service is the serviceId without "service_" specified in TargetOperation.cfg # Optional - if not specified, wll apply to all service with the given FacadeOperation # Partner - the partner of the FacadeOperation # Optional - if not specified, will applied to all partner # ################################################################################ # The following are example of different combination of policySets for various scenarios. # Please refer to the policy for detail policy configuration. # Un-comment binding description in the set to see the policy enforment for that scenario. # UsernameToken Authentication #AuthenticationByUsernameToken|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|in|| #VerifyUsernameToken|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|in||anon # SAML Authentication #AuthenticationBySaml|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|in|http.GetBooksByAuthor|anon # Authorization By Role #AuthenticationByUsernameToken|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|GetBooksByAuthor|service|in|http.GetBooksByAuthor|anon #AuthorizationByRole|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|GetBooksByAuthor|service|in|http.GetBooksByAuthor|anon # Encryption and Decryption #Encryption|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|out|http.GetBooksByAuthor|anon #Decryption|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|in|http.GetBooksByAuthor|anon #Encryption|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|reference|out|http.GetBooksByAuthor|anon #Decryption|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|reference|in|http.GetBooksByAuthor|anon # Sign and Verify signature #Sign|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|reference|out|http.GetBooksByAuthor|anon #Sign|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|out|http.GetBooksByAuthor|tibco #VerifySignature|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|service|in|http.GetBooksByAuthor|anon # Fixed Credential Mapping # Note that the GetBooksByAuthor must be able to verify the UsernameToken from the policy applied. #CredentialMappingByUsernameToken|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|reference|out|http.GetBooksByAuthorX|tibco # SAML Credential Mapping # Note that the GetBooksByAuthor must be able to verify the SAML Token from the policy applied. #CredentialMappingBySaml|/ServerProcesses/GetBooksByAuthorEndpoint|SOAP|queryBookByAuthorBW|reference|out|http.GetBooksByAuthor|anon # OAuth #AuthenticationByOAuth|/facebookPing|HTTP|facebook_ping|service|in|http.Facebook_ping| #CredentialMappingByOAuth|/asg/oauth/me|HTTP|OAuthRedirect|reference|out|http.Facebook_ping| #BasicAuthentication|/PartUpdateRequest/PartUpdateRequestService.asmx|SOAP|PARTUPDATESERVICE|service|in|| BasicAuthentication|/nol-b2bpartinq|HTTP|NAPAONLINE_B2B_PARTINQUIRY|service|in|| BasicAuthentication|/nol-ca-b2bpartinq|HTTP|NAPAONLINE_CA_B2B_PARTINQUIRY|service|in|| BasicAuthentication|/nol-b2bsalesorder|HTTP|NAPAONLINE_B2B_SALESORDER|service|in|| BasicAuthentication|/nol-ca-b2bsalesorder|HTTP|NAPAONLINE_CA_B2B_SALESORDER|service|in|| BasicAuthentication|/ijoei-jdemultipartinq|HTTP|NAPAONLINE_JDE_MULTIPARTINQUIRY|service|in|| BasicAuthentication|/ejoei-jdesalesorder|HTTP|NAPAONLINE_JDE_SALESORDER|service|in|| BasicAuthentication|/tams-loyalty-memberstatus|HTTP|LOYALTY_MEMBERLOOKUP|service|in|| BasicAuthentication|/tams-loyalty-registration|HTTP|LOYALTY_MEMBERREGISTRATION|service|in|| BasicAuthentication|/tams-loyalty-transactions|HTTP|LOYALTY_TRANSACTION|service|in|| BasicAuthentication|/loyalty-memberstatus|HTTP|LOYALTY_MEMBERLOOKUP_GENERIC|service|in|| BasicAuthentication|/loyalty-registration|HTTP|LOYALTY_MEMBERREGISTRATION_GENERIC|service|in|| BasicAuthentication|/loyalty-transactions|HTTP|LOYALTY_TRANSACTION_GENERIC|service|in|| #----------------BEGIN APG_ES_Product--------------# #NXP authentication BasicAuthentication|/DCinventory|HTTP|NSight_dcinventory|service|in||anon BasicAuthentication|/GetProductAvailability|HTTP|NSight_GetProductAvailability|service|in||anon BasicAuthentication|/InventorySyncStatus|HTTP|NSight_inventorysyncstatus|service|in||anon BasicAuthentication|/RPMInventorySyncStatus|HTTP|NSight_rpminventorysyncstatus|service|in||anon BasicAuthentication|/RPMInventorySync|HTTP|NSight_rpminventorysync|service|in||anon BasicAuthentication|/SupplierInventory|HTTP|NSight_supplierinventory|service|in||anon BasicAuthentication|/SupplierInventoryRefresh|HTTP|NSight_SupplierInventoryRefresh|service|in||anon BasicAuthentication|/StoreInventory|HTTP|NSight_storeinventory|service|in||anon BasicAuthentication|/RPMInventoryVerification|HTTP|NSight_rpminventoryverification|service|in||anon #----------------END APG_ES_Product----------------# #----------------BEGIN APG_ES_Site--------------# #NXP authentication BasicAuthentication|/GetShuttleFeed|HTTP|NSight_GetShuttleFeed|service|in||anon BasicAuthentication|/SiteFeed|HTTP|NSight_SiteFeed|service|in||anon BasicAuthentication|/SiteDelivery|HTTP|NSight_SiteDelivery|service|in||anon BasicAuthentication|/SiteRelationShip|HTTP|NSight_SiteRelationShip|service|in||anon BasicAuthentication|/GetSiteRelationShip|HTTP|NSight_GetSiteRelationShip|service|in||anon BasicAuthentication|/SiteToSiteDeliveryFeed|HTTP|NSight_SiteToSiteDeliveryFeed|service|in||anon BasicAuthentication|/SiteDeliveryFeed|HTTP|NSight_SiteDeliveryFeed|service|in||anon BasicAuthentication|/StoreConsoleFeed|HTTP|NSight_StoreConsoleFeed|service|in||anon BasicAuthentication|/DeliveryException|HTTP|NSight_DeliveryException|service|in||anon #----------------END APG_ES_Site----------------# #----------------BEGIN APG_NAPA_XPRESS--------------# #NXP authentication --BasicAuthentication|/GetShippingQuote|HTTP|NXP_GetShippingQuote|service|in||anon BasicAuthentication|/SubmitOrder|HTTP|NXP_SubmitOrder|service|in||anon --BasicAuthentication|/RetrieveOrder|HTTP|NXP_RetrieveOrder|service|in||anon BasicAuthentication|/Order|HTTP|NXP_Order|service|in||anon BasicAuthentication|/ASN|HTTP|NXP_ASN|service|in||anon BasicAuthentication|/OptimizeCart|HTTP|NXP_OptimizeCart|service|in||anon BasicAuthentication|/ReceiveNotification|HTTP|NXP_Notification|service|in||anon --BasicAuthentication|/GetCustomerProfile|HTTP|NXP_GetCustomerProfile|service|in||anon --BasicAuthentication|/RequestForQuote|HTTP|NXP_RequestForQuote|service|in||anon BasicAuthentication|/ReceiveInvoiceFeed|HTTP|TAMS_InvoiceFeed|service|in||anon --BasicAuthentication|/GetUOMConversion|HTTP|NXP_GetUOM|service|in||anon --BasicAuthentication|/Invoice|HTTP|NXP_Invoice|service|in||anon #--BasicAuthentication|/v1/PartsAvailabilityDetails|HTTP|MS_PARTSAVAILDETAIL|service|in||anon #--BasicAuthentication|/v1/PartsAggBySiteRelationship|HTTP|MS_PARTSAGGRELTNSHIP|service|in||anon #----------------END APG_NAPA_XPRESS----------------# #----------------BEGIN APG_ES_GetPartsMS--------------# #NXP authentication #BasicAuthentication|/PartsAggBySiteRelationship|HTTP|NSight_PartsAggBySiteRelationship|service|in||anon #----------------END APG_ES_GetPartsMS----------------# #----------------BEGIN APG_ES_Delivery_Management--------------# #----------------END APG_ES_Delivery_Management----------------# #----------------BEGIN nsight-product-availability--------------# 0 /PartsAvailabilityFreePaid/v3 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV3 HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaid/v3 500 RoundRobin 12500|service|in|| 0 /PartsAvailabilityFreePaid/v4 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV4 HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaid/v4 500 RoundRobin 12500|service|in|| 0 /PartsAvailabilityFreePaidAggNOL/v4 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV4AggNOL HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaidAggNOL/v4 500 RoundRobin 12500|service|in|| 0 /PartsAvailabilityFreePaidAgg/v4 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV4Agg HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaidAgg/v4 500 RoundRobin 12500|service|in|| 0 /PartsAvailabilityFreePaidAggNOL/v4/1 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV41AggNOL HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaidAggNOL/v4/1 500 RoundRobin 12500|service|in|| 0 /PartsAvailabilityFreePaidAggNOL/v4/2 esbms2.genpt.net 443 *||0|PartsAvailabilityFreePaidV42AggNOL HTTPS anon BasicAuthentication 124430 /PartsAvailabilityFreePaidAggNOL/v4/2 500 RoundRobin 12500|service|in|| #----------------END nsight-product-availability----------------#