AnsweredAssumed Answered

Is there a standard approach to building a policy on accessing an external web service, hiding the WS security aspects for the internal client application?

Question asked by svvoorn on Oct 12, 2017
Latest reply on Oct 18, 2017 by Stephen_Hughes

A provider exposes a webservice which (of course) has ws-security included on it. I want to build a policy to give acces to an internal clientapplication, but without the fuzz of the WS-Security.

What approach should I use to build this policy?

I could imagine that I import the wsdl from that external webservice (publish webservice). 

And then I build a new policy which applies WS-Security and requests the WebSservice policy.

Is this logical?