Friday, 13 January 2017

Securing SOA Composites/Services With OWSM Policies

Oracle Web Services Manages (OWSM) is an integral component of the SOA Infrastructure in SOA Suite 11g. It provides a policy-based, completely declarative way of implementing secure SOA applications. OWSM supports centrally managed generalized, standards-based policy management, attachment policies by providing policy management functions that are available through the Oracle Enterprise Manager (EM). 

For the SERVICE that needs to be secured:

  1. Right click on the composite client, and  choose select the option Configure WS Policies.
  2. Click the + sign on the security tab and select security policy "wss_username_token_service_policy"
 

3. Press OK and deploy the service. Alternatively, the service can also be secured from EM


 For the CLIENT that needs access the secured service:

The client side policies have to be attached to the client that needs to access the service 
  1. Right click the  secured web. service component in the composite and choose the option to Configure WS Policies.
  2. Click the + sign on the security tab and select security policy "wss_username_token_client_policy".
  3. Create the binding properties  oracle.webservices.auth.username and oracle.webservices.auth.password for the user and password respectively
  4. The source code for the composite after the policy has been added will look like

<wsp:PolicyReference URI="oracle/wss_username_token_client_policy"
                           orawsp:category="security" orawsp:status="enabled"/>
      <property name="weblogic.wsee.wsat.transaction.flowOption"
                type="xs:string" many="false">WSDLDriven</property>
      <property name="oracle.webservices.auth.username" type="xs:string"
                many="false" override="may">username</property>
      <property name="oracle.webservices.auth.password" type="xs:string"
                many="false" override="may">passwd</property>


  5. Deploy the composites to test the services

No comments:

Post a Comment