Oracle Web Services Manages (OWSM) is an integral component of the SOA Infrastructure in SOA Suite 11g. It provides a policy-based, completely declarative way of implementing secure SOA applications. OWSM supports centrally managed generalized, standards-based policy management, attachment policies by providing policy management functions that are available through the Oracle Enterprise Manager (EM).
For the SERVICE that needs to be secured:
3. Press OK and deploy the service. Alternatively, the service can also be secured from EM
For the CLIENT that needs access the secured service:
The client side policies have to be attached to the client that needs to access the service
<wsp:PolicyReference URI="oracle/wss_username_token_client_policy"
orawsp:category="security" orawsp:status="enabled"/>
<property name="weblogic.wsee.wsat.transaction.flowOption"
type="xs:string" many="false">WSDLDriven</property>
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">username</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">passwd</property>
5. Deploy the composites to test the services
For the SERVICE that needs to be secured:
- Right click on the composite client, and choose select the option Configure WS Policies.
- Click the + sign on the security tab and select security policy "wss_username_token_service_policy"
3. Press OK and deploy the service. Alternatively, the service can also be secured from EM
For the CLIENT that needs access the secured service:
The client side policies have to be attached to the client that needs to access the service
- Right click the secured web. service component in the composite and choose the option to Configure WS Policies.
- Click the + sign on the security tab and select security policy "wss_username_token_client_policy".
- Create the binding properties oracle.webservices.auth.username and oracle.webservices.auth.password for the user and password respectively
- The source code for the composite after the policy has been added will look like
<wsp:PolicyReference URI="oracle/wss_username_token_client_policy"
orawsp:category="security" orawsp:status="enabled"/>
<property name="weblogic.wsee.wsat.transaction.flowOption"
type="xs:string" many="false">WSDLDriven</property>
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">username</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">passwd</property>
5. Deploy the composites to test the services
No comments:
Post a Comment