Policies are defined using the Web Services Manager console. A policy can be thought of as a pipeline of steps to be performed on an inbound request and outbound response. Note that OWSM also has pre-request and post-response policy pipelines but these do nothing and will be removed from the product. The request pipeline is the steps executed after the gateway or agent receives the request but before it forwards it on to the service. Similarly the response pipeline is the steps executed by the gateway or agent before forwarding it on to the requestor.
Policies may be used to partially or fully encrypt payloads, provide logging information, transform data, authenticate users, authorize access, or any number of other functions. The table below shows the list of functions supported out of the box by the Web Services Manager. Note that it is also possible to create custom steps written in Java and register them with OWSM. All steps are available by default in the gateway, but...