Details of the second step in the process of creating a Web application in WSO2 App Manager are shown below.
...
| Global policy | Description |
|---|---|
| Allow Anonymous Access | Select if you are allowing anonymous users to access apps in the App store through the Gateway Endpoint URL without logging in. |
| Skip Creating Proxying Web App | Select if you are configuring an external app (e.g. Salesforce), which does not get routed through the App Manger gateway. For more information on skip creating proxying Web app, see Outbound Provisioning for External Apps. |
| Publish Statistics | Select if you are enabling the app to publish usage statistics to WSO2 BAM for viewing and analyzing the statistics. For more information on viewing published runtime statistics, see Publishing App Manager Runtime Statistics. |
| Restrict Visibility | Select if you are restricting the visibility of the app in the App store to a specific role(s). For more information on restricting visibility, see Controlling Visibility of Web Apps. |
| Enable Single Logout | Select if you are enabling the single logout option on the app that you are creating, so that users will be automatically logged out from the app and will be redirected to the given Logout URL. |
Adding resource policies
You can add XACML-based resource policies XACML is a widely used authorization mechanism for Web resources. When resource policies in this step of creating the Web application , you can define by defining the conditions, which should be included in the policy. Follow the steps below to add a new resource policy condition.
- In the XACML Resource Policies section, click Add New Resource Policy as shown below.
You can define the following details in the resource policy as shown below.
The above details you define when adding a resource policy are described below.XACML policy condition in the XACML policy editor (entitlement policy editor) as shown below.Resource policy condition Description Resource policy name Enter a name for the 
- Edit the content under the
<Condition>property, or replace the default content template. - Select Share this checkbox if you want to share the policy with others. When a policy is shared, it will be available in the XACML policy list of other new Web applications.
- Click Validate to check the validity of the policy. It checks for syntax errors and verifies whether the condition adheres with XACML policy language specifications.
- Click Save to save the policy condition details, or click Save & Close to save the changes, and close the policy editor. When the policy is saved, it gets listed under XACML policies.
You can edit and delete defined XACML policies using the provided buttons.
Info new resource policy. Description Enter a description for the new resource policy. Apply Throttling Tier Select the throttling tier. According to the tier you select, you are granted a maximum number of requests to the app. For information on throttling tiers, see Managing Throttling Tiers.
Allow Anonymous Access Select
Trueif you want to allow anonymous access on a specific Web app resource.Note You can define Accessible User Roles and XACML Policies only if you select
Falsefor Allow Anonymous Access.Accessible User Roles To add the user roles, which you want to allow to access a specific Web app resource, type the name of the user role and press the Enter key. For information on defining accessible user roles, see Web Application Resource Authorization. XACML Policies Select a XACML policy out of the list of the defined policies. For more information on defining XACML policies, see Web Application Resource Authorization. Click Save & Close. The new policy is added to the list of available resource policies as shown below.
Info You can edit or delete the added resource policy by clicking on the provided options under the Action column.
For instructions on step 3 of the process of creating a Web app in App Manager, see Step 3 - Web Application Resources.