For the service that needs to be secured:
- Right click on the composite client, and choose select the option Configure WS Policies.
- Click the + sign on the security tab and select security policy "wss_username_token_service_policy
3. Press OK and deploy the service. Alternatively, the service can also be secured from EM
For the client that needs access the secured service:
The client side policies have to be attached to the client that needs to access the service
- Right click the secured web. service component in the composite and choose the option to Configure WS Policies.
- Click the + sign on the security tab and select security policy "wss_username_token_client_policy.
- Create the binding properties oracle.webservices.auth.username and oracle.webservices.auth.password for the user and password respectively
- The source code for the composite after the policy has been added will look like
<wsp:PolicyReference URI="oracle/wss_username_token_client_policy"
orawsp:category="security" orawsp:status="enabled"/>
<property name="weblogic.wsee.wsat.transaction.flowOption"
type="xs:string" many="false">WSDLDriven</property>
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">username</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">passwd</property>
5. Deploy the composites to test the services
For questions, comments and feedback please contact:
Harvinder Singh Saluja
