Heljula SOA

Peak Indicators Limited
Crac|e 8us|ness Inte|||gence 11g

SCA Integranon
Antony ne|[u|a
1echn|ca| Arch|tect
2
Agenda
! Acuon lramework Cvervlew
! lurLher Al Lxamples
! WhaL ls SCA?
! WhaL are Web Servlces?
! C8lLL Web Servlces
! Cracle 8LL
! Web Servlce SLandards
! Cracle Web Servlces Manager (CWSM)
! Securlng Web Servlces
! Ceneraung a key SLore
! Congurlng CWSM
! Congurlng AcuonlrameworkCong.xml

3
! Acnon Iramework Cverv|ew
4
Ana|ync Workows : "Ins|ght to Acnon"
5
1yp|ca| Customer uesnons

!"# %" #& '(')*+& '+,

-.&/& %" #& '(')*+& '+,

-.*+ '0 +.& +&1.("2"34,

5*( 6/*12& 78 %" +.'0,
6
1yp|ca| Customer uesnons

!"# %" #& '(')*+& '+,

-.&/& %" #& '(')*+& '+,

-.*+ '0 +.& +&1.("2"34,

5*( 6/*12& 78 %" +.'0,
1he Answer!

C8ILL 11g
Acnon
Iramework
7
Acnon Iramework
! Acuon lramework ls an exclung new feaLure of C8lLL 11g LhaL provldes Lhe faclllLy
Lo lnvoke a wlde varleLy of acuons or processes dlrecLly wlLhln Lhe ul
! 1hls ls a ma[or enhancemenL, slnce C8lLL 10g ls greaL for analysls buL has llmlLed
capablllLy for performlng acuons once your analysls ls compleLe
! C8lLL 11g Acuon lramework enables you Lo:
" navlgaLe Lo relaLed Cracle 8l conLenL
" lnvoke operauons, funcuons, or processes ln exLernal sysLems
! Acuons can be lnluaLed from:
" Analyses
" uashboard pages
" AgenLs (l8oLs ln 10g)
" 8alanced Scorecard ob[ecuves" and lnluauves"
" kls

8
Creanng Acnons
! Acuons can be creaLed as re-usable ob[ecLs:
! Cr you can creaLe lnllne" acuons:
" lf you only wanL Lo use an Acuon once, you can dene lL dlrecLly wlLhln an analysls,
dashboard page, agenL, scorecard ob[ecuve, scorecard lnluauve, or kl. 1hese
lnllne acuons are noL re-usable
9
Acnons
! 1here are varlous Lhlngs an Acuon can do!
1ypes of Acnon
noLe:
When lnLegraLed wlLh Slebel
C8M lL ls also posslble Lo
navlgaLe Lo Slebel C8M"
10
Lxamp|es
! 1hls supersedes navlgauon" ln C8lLL 10g:
Nav|gate to 8I Content
11
Lxamp|es
! lL ls posslble Lo congure Acuon Llnks Lo appear condluonally
" e.g. vlew Sales Crder ueLalls" only appears lf Lhere are <300 Crders
Cond|nons
vlslon nordlcs has >300 orders so
lL ls only posslble Lo navlgaLe Lo a
summary" analysls
vlslon uk and lreland has <300
orders so lL ls posslble Lo navlgaLe
Lo a deLall" analysls
12
Lxamp|es
! ?ou can also congure Acuon Llnks Lo requesL conrmauon before
lnvoklng Lhe acuon:
Conhrmanon
13
Lxamp|es
! uashboard ages can conslsL of Acuon Llnks" and Acuon Llnk Menus"
Cn Dashboards
14
Lxamp|es
! An Acuon Llnk" dashboard ob[ecL wlll show an lndlvldual Acuon
Cn Dashboards: Acnon L|nks
nC1L: 1he Acuon Llnk can be
dlsplayed condluonally
15
Lxamp|es
! An Acuon Llnk Menu" dashboard ob[ecL allows you Lo dlsplay a menu of
muluple Acuon Llnks:
Cn Dashboards: Acnon L|nk Menus
16
Lxamp|es
! kls can be congured wlLh muluple Acuon Llnks
" 1he kl SLaLus" can be used Lo deLermlne whlch Acuon Llnks appear
Cn kIs
17
! 8alanced Scorecards can also be congured wlLh muluple Acuon Llnks
" 1he Cb[ecuve or kl SLaLus" can be used Lo deLermlne whlch Acuon Llnks
appear
Lxamp|es
Cn 8a|anced Scorecards
18
Lxamp|es
! ?ou can lnluaLe muluple Acuons once a uellvers AgenL has compleLed:
" 1he Acuons can be lnluaLed for every row reLurned by Lhe AgenL!
De||vers Agents
?ou can map Lhe
columns reLurned by
Lhe AgenL Lo each of
Lhe Acuon's
parameLers
19
! Iurther Lxamp|es
20
Lxamp|e 1 : Nav|gate to a Web age
! ln Lhls example, we wlll demonsLraLe how Lo lnluaLe an Acuon Lo navlgaLe
Lo a web page and run a Coogle search for a cusLomer!
" 1hls ume, we wlll creaLe an lnllne" Acuon
21
Lxamp|e 2 : Invoke a Web Serv|ce
! ln Lhls example, we wlll demonsLraLe Lo how Lo creaLe a named" AcLon
LhaL wlll lnvoke a web servlce dlrecLly from a uashboard
" 1he Acuon wlll be called Ad[usL Sales lorecasL" wlll lnvoke a web servlce Lo
modlfy a Sales 8ep's forecasL LargeL:
22
Lxamp|e 2 : Invoke a Web Serv|ce
! ln order Lo lnvoke a web servlce, you Lyplcally need Lhe u8L for lLs Web Servlce
uescrlpuon Language (WSuL)
" 1he owner of Lhe slLe hosung Lhe web servlce should be able Lo provlde you wlLh hls
! 1he WSuL reLurns an xML le provldlng deLalls on all Lhe web servlces LhaL are
avallable, such as Lhe operauons avallable and Lhe parameLers LhaL need Lo be
passed
! lor example, our web servlce has Lhe followlng WSuL:
" hup://oblee11g:7001/Ad[usL_Sales_lorecasL-Ad[usL_Sales_lorecasL-conLexL-rooL/
Ad[usL_Sales_lorecasLorL?WSuL
! NC1L:
" lL ls posslble for Lhe C8lLL admlnlsLraLor Lo seL up a 8eglsLry" conLalnlng a llsL of
avallable web servlces, Lhls means you don'L need Lo provlde Lhe WSuL u8L
" Semng up of Lhls 8eglsLry wlll be dlscussed durlng a laLer Loplc
Notes
23
! ln Lhls example, a CeL ulrecuons" Acuon wlll be used Lo lnvoke a plece of
browser scrlpL (!avascrlpL) LhaL wlll open Coogle Maps and show you Lhe
dlrecuons beLween your chosen locauon and Lhe cusLomer!
Lxamp|e 3 : Invoke a 8rowser Scr|pt
24
! 1he followlng u8L can be generaLed Lo geL dlrecuons uslng Coogle Maps:
" hup://maps.google.co.uk/maps?&saddr={p1}&daddr={p2}
! arameLers p1 and p2 can be anyLhlng such as a posLcode or a seL of Lang/
Long co-ordlnaLes (ln Lhe formaL LaL,Long")
! ln our example, we wlll pass 3 parameLers Lo our [avascrlpL funcuon:
" ?our locauon
" LauLude of cusLomer
" LonglLude of cusLomer
! 1he [avascrlpL funcuon wlll concaLenaLe Lhe LaL/Long coordlnaLes LogeLher
and pass Lhem Lo Coogle Maps as a slngle parameLer
Notes
25
! 1here ls a UserScr|pt.[s" le provlded on Lhe C8lLL server ln whlch you
musL place your cusLom !avascrlpL funcuons
! userScrlpL.[s ls locaLed ln Lhe followlng locauon on Lhe C8lLL server:

" [bl_server1] \bl_server1\Lmp\_WL_user\analyucs_11.1.1\xxxxx\war\res\b_mozllla\acuons

nC1L: Lhe !"#$%&'(&')* paLh ls Lhe followlng locauon:

[Mlddleware Pome]\user_pro[ecLs\domalns\blfoundauon_domaln\servers\bl_server1
Notes
26
! 1here ls a speclal synLax for Lhe userScrlpL.[s le
" lor each Acuon you acLually provlde Lwo separaLe !avascrlpL funcuons!
! 1he 1
sL
funcuon conLalns Lhe acLual code:
Notes
USERSCRIPT.getdirections = function(params)
{
var googleURL = "http://maps.google.co.uk/maps?&saddr="
+ params.your_loc
+ "&daddr="
+ params.dest_lat
+ ","
+ params.dest_long;

window.open(googleURL,"GetDirections");
};
luncuon name musL
be prexed wlLh
uSL8SC8l1."
1he funcuon accepLs a slngle
array of lnpuL parameLers
?our refer Lo lnpuL
parameLers ln Lhe formaL:
array.parameter
27
! 1he 2
nd
funcuon ls used Lo dene your lnpuL parameLers
" C8lLL uses Lhls Lo auLomaucally know whlch parameLers are requlred
! lL has Lhe followlng formaL (ln Lhls case we are denlng 3 lnpuL parameLers):
Notes

USERSCRIPT.getdirections.publish =
{
parameters:[
new USERSCRIPT.parameter("your_loc" , "Your Location" ,""),
new USERSCRIPT.parameter("dest_lat" , "Latitude Destination" ,""),
new USERSCRIPT.parameter("dest_long", "Longitude Destination",""),
]
};
1he funcuon has Lhe same
name as before, buL has
Lhe posulx .publlsh"
Lach parameLer has 3 elemenLs:
1) varlable name
2) uescrlpuon
3) uefaulL value
28
! What |s SCA?
29
Serv|ce Cr|ented Arch|tectures
! lf you read any l1 paper or look aL C1n, you wlll be hlL wlLh many success
sLorles abouL SCA:
Many Success Stor|es
,,,, %-(#./% 01 "&23&&. 456
-.7 846 3#99 .03 "&
-:;#&(&7<
,,,, 846 '&7=:>0. #. >?& 20
?-'@&2 10' .&3 %&'(#:&%<
,,,, 7'#(#./ /'&-2&' A&B#"#9#2CD
&.7E20E&.7 #.2&/'->0. -.7 #.10'?&7
7&:#%#0. ?-@#./<
,,,, F(&' >?& GFH 3#99 %;0'2&.
>?&E20E?-'@&2 -.7 '&7=:& 0I&'->./
&BI&.7#2='&<
,,,, J;& %09=>0. ;-% 903&'&7 :0%2% 10'
I'0:&%%#./ .&3 :=%20?&'%<
,,,, GFH 3#99 I'0(#7& /'&-2&' A&B#"#9#2C
-'0=.7 0=' 2&:;.090/C %C%2&?%<
,,,, K& -'& '0=/;9C
23#:& -% 1-%2 20 ?-'@&2 <
,,,,K& -:;#&(&7 %I&&7E20E?-'@&2
/-#.% 01 ?0'& 2;-. 456<
30
What |s SCA?
! uesplLe all Lhe success sLorles", Lhere sull remalns a loL of confuslon
abouL whaL exacLly SCA ls
! Cne problem ls LhaL SCA ls an -':;#2&:2='&, so lL ls noL necessarlly
someLhlng whlch ls easy Lo demonsLraLe or explaln
! AnoLher problem ls Lhe amounL of [argon - Lhere are so many sLandards
and Lechnologles lnvolved lL ls dlmculL Lo know where Lo begln
" Cracle SCA SulLe 11g comprlses of no less Lhan 13 producLs!
31
What |s SCA?
! A Servlce CrlenLed ArchlLecLure (SCA) ls an enLerprlse archlLecLure
conslsung of modular web based servlces LhaL can be easlly lnLegraLed
and reused, creaung a Lruly exlble and adapLable l1 lnfrasLrucLure
! Lach servlce serves as a bulldlng block formlng an archlLecLure LhaL
supporLs muluple connecLed enLerprlse appllcauons worklng LogeLher Lo
provlde sLreamllned soluuons Lo buslness problems

32
What |s SCA?
! 8ehlnd Lhe scenes, a SCA lmplemenLauon can conslsL of a comblnauon of
Lechnologles, producLs and supporL lnfrasLrucLure elemenLs
! Powever, Lhe key facLor ls LhaL Lhey all lnLegraLe vla a common seL of sLandards -
how each bulldlng block ls lmplemenLed aL Lhe back end ls lrrelevanL

CkM
Crder rocess|ng
nk
Consumer
Intranet ]
Internet
8us|ness Inte|||gence
33
What |s SCA?
! ln a SCA lmplemenLauon Lyplcally:
" Communlcauon wlll be performed over P11 / P11S
" Messages are dellvered ln xML formaL
" 8uslness funcuons/processes are presenLed as Web Servlces

CkM
Crder rocess|ng
nk
Consumer
Intranet ]
Internet
8us|ness Inte|||gence
hup
hup
hup
hup
9 5/&*+& :11";(+
9 5/&*+& <&/='1& >&?;&0+

9 5/&*+& 6/%&/
9 7'22 5;0+"@&/
9 A&# B@C2"4&&
9 !"2'%*4 >&?;&0+
9 D'0+/'E;+& F&/G"/@*(1& >&C"/+
9 8(')*+& :2&/+
34
What |s SCA?
! Pave you nouced LhaL all Acuons avallable wlLh Acuon lramework are
based on P11?
! Acuon lramework puLs C8lLL 11g aL Lhe hearL of a SCA lmplemenLauon
Acnon Iramework Acnons
35
! What are Web Serv|ces?
36
What are Web Serv|ces?
! Web servlces are programs LhaL can be access remoLely uslng xML-based
languages
! WhaL each program can do ls descrlbed ln a sLandard xML formaL called
Web Servlces uescrlpuon Language (WSuL)
! 1he consumer does noL need Lo know how Lhe program ls lmplemenLed and
ls only lnLeresLed ln whaL Lhe program can do (as dened ln Lhe WSuL)
Web Serv|ce rov|der
Intranet ]
Internet
Consumer
WSDL
37
What are Web Serv|ces?
! 1he Consumer sends a requesL ln Lhe form of a Slmple Cb[ecL Access
roLocol (SCA) message (SCA ls an xML messaglng framework deslgned
Lo allow heLerogeneous appllcauons Lo exchange sLrucLured lnformauon)
! 1he web servlce provlder processes Lhe requesL and reLurns Lhe response ln
xML formaL
! 1he Web servlce provlder may requlre some form of credenuals Lo be
passed across, messaglng may be encrypLed
Web Serv|ce rov|der
Intranet ]
Internet
Consumer
SCA
+
Credenna|s
kML
kesponse
WSDL
38
uesnon
! uesnon: Pow do you bulld a Web Servlce?
! Answer: ?ou don'L need Lo know!

L'07=:2% %=:; -% F'-:9&
MN&(&90I&' "=#97 -.7 7&I90C
3&" %&'(#:&% 10' C0=O
39
Demonstranon
! We shall now demonsLraLe how Lo bulld a L/SCL web servlce uslng Cracle
!ueveloper
! !developer has a wlzard Lo qulckly enable you Lo presenL a L/SCL package as a
web servlce
! ln our example, Lhe L/SCL package wlll be used Lo updaLe a Sales lorecasL
amounL for a Sales 8ep
8u||d|ng a Web Serv|ce
1he L/SCL package procedure
pr_updaLe_forecasL" accepLs
6 parameLers
40
Demonstranon
! 1he alm wlll be Lo execuLe Lhe L/SCL web servlce wlLhln C8lLL uslng an
Acuon Llnk!
8u||d|ng a Web Serv|ce
41
! C8I LL Web Serv|ces
42
C8ILL Web Serv|ces
! C8lLL 11g comes equlpped wlLh a wlde range of web servlces
! 1here are Lwo dlerenL Lypes:
" Sesslon based" web servlces
" Web servlces for SCA (new wlLh C8lLL 11g)
! 8efer Lo Lhe C8lLL 11g lnLegraLor's Culde for deLalled lnformauon:
" hup://download.oracle.com/docs/cd/L14371_01/bl.1111/e16364/Loc.hLm
43
Sess|on 8ased C8ILL Web Serv|ces
! 1here are a varleLy of C8lLL sesslon based" web servlces are avallable:
" PLmlvlewServlce - obLaln P1ML Lo render 8l dashboards/reporLs
" l8oLServlce - lnluaLe l8oLs
" MeLadaLaServlce - 8eLrleve lnfo on Sub[ecL Areas, 1ables, Columns
" 8epllcauonServlce - 8epllcauon beLween resenLauon CaLalogues
" 8eporLLdlungServlce - Add lLer and oLher condluons Lo 8l requesLs
" SAWSesslonServlce - Logln, Logo, lmpersonaLe auLhenucauon funcuons
" SecurlLyServlce - ldenufy 8l LL accounLs and prlvlleges
" WebCaLalogServlce - 8rowslng and Managlng Lhe resenLauon CaLalogue
" xMLvlewServlce - 8eLrleve Cracle 8l query resulLs ln xML formaL
! Lach of Lhese web servlces conLaln one or more meLhods
! 1hey are referred Lo as sesslon based" because you have Lo esLabllsh a sesslon
wlLh C8lLL rsL before you can use Lhem (you need Lo pass ln a valld Sesslon ld)
! 1he Web Servlce uenluon Language (WSuL) formaL for Cracle 8l web servlces can
be obLalned uslng Lhe followlng example u8L:
" hup://localhosL:9704/analyucs/saw.dll?WSuL
44
! When reLurnlng resulLs ln xML formaL, Lhe sLrucLure ls as follows:
! lL ls also posslble Lo speclfy a parameLer Lo reLurn Lhe meLa-daLa for each
column of daLa reLurned e.g. name, daLa formaL, lengLh eLc
kML kesu|ts
45
! 1o sausfy a parucular requlremenL, normally a number of 8l LL web
servlces wlll have Lo be called ln sequence e.g.
" Log ln / AuLhenucaLe (SAWSesslonServlce)
" CbLaln resulLs ln xML formaL (xMLvlewServlce)
" Log o (SAWSesslonServlce)
! 1hls means you have Lo programmaucally call Lhe web servlces one aer
Lhe oLher
" ?ou log ln Lo obLaln Lhe Sesslon ld
" ?ou call Lhe nexL web servlce and pass Lhe Sesslon ld ln as a parameLer
" ?ou call Lhe nexL web servlce ..
! 1hese sesslon based web servlces are Lherefore noL Loo compauble wlLh
Acuon lramework on Lhelr own
" Acuon lramework lnluaLes lndlvldual Acuons wlLh no connecuon beLween
Lhem
Lncapsu|anng |nto Workows
46
! lL could be advlsable Lherefore Lo encapsulaLe" Lhe sequence lnLo a
8LL workow:
" 8LL workow wlll orchesLraLe Lhe lnluauon of Lhe 8l LL web servlces
! 1he 8LL workow wlll lLself Lhen be presenLed as a web servlce
" Acuon lramework can Lhen lnluaLe Lhls slngle Acuon"
! 1hls ls where Cracle 8LL and SCA SulLe come lnLo play....we wlll
dlscuss more abouL Lhls laLer..
Lncapsu|anng |nto Workows
47
C8ILL Web Serv|ces for SCA
! C8lLL Web Servlces for SCA" are qulLe dlerenL Lo Lhe Sesslon 8ased"
web servlces. 1here are Lhree acuons avallable:
" LxecuLe AgenL
" LxecuLe Condluon
" LxecuLe Analysls
! ?ou don'L need Lo pass ln a valld Sesslon ld Lo use Lhem
" 1hey are sull secured uslng a username/password ln Lhe credenual sLore
! rompLed lLers and presenLauon varlables lncluded ln Lhe buslness
lnLelllgence ob[ecLs are supporLed
" lor example: lf your Analysls has 3 ls rompLed" lLers Lhen you can pass
values ln for Lhese aL run-ume

! Cnly xML resulLs are reLurned
48
! lnsLead of belng provlded wlLh a WSuL u8L, you are ln facL provlded wlLh a WSlL
(Web Servlce lnspecuon Language) u8L:
" hup://localhosL:9704/blservlces/lnspecuon?wsll
! 1hls allows C8lLL Lo dynamlcally bulld up Lhe seL of web servlces avallable based
upon Lhe ob[ecLs ln Lhe 8l resenLauon CaLalogue. lf you open up Lhe WSlL u8L ln
a browser, you can see LhaL you are able Lo browse Lhrough Lhe caLalogue
sLrucLure and you'll nd a web servlce for each Analysls, Condluon and AgenL!
WSIL...not WSDL
49
! Conslder Lhls example where we have an AgenL called Sales PlsLory AgenL"
! We wanL Lo use Acuon lramework Lo lnvoke lL.
Lxamp|e
50
! CreaLe a new Acuon of Lype lnvoke a Web Servlce"
! ?ou can Lhen browse Lhrough Lhe caLalog and lnvoke Lhe web servlce
assoclaLed wlLh your AgenL!
Create Acnon : Invoke a Web Serv|ce
1he paLh Lo our AgenL ls:
/shared/AgenLs/Sales PlsLory AgenL
Pere ls Lhe web servlce
assoclaLed wlLh Lhe AgenL
51
! 1here are Lwo parameLers Lo congure, you can leave Lhem Cpuonal":
" Sesslon CounLry
" Sesslon Language
Conhgure arameters
52
! LxecuLe Lhe Acuon and see Lhe AlerLs!" llnk appear:
Lxecute the Acnon!
53
! 1here ls some congurauon requlred ln order Lo use C8lLL Web Servlces
for SCA
! llrsLly, you have Lo congure Lhe lMW credenual sLore" wlLh Lhe
username/password LhaL wlll be used Lo browse Lhe web servlces
avallable
" 1hls accounL wlll always be used for browslng Lhe web servlces, so users can
only execuLe Acuons on ob[ecLs sLored ln Shared" folders
! Secondly we wlll congure Lhe AcuonlrameworkCong.xml" le wlLh
deLalls such as:
" 1he WSlL u8L Lo use for browslng Lhe web servlces
" 1he auLhenucauon pollcy Lo deLermlne whaL credenuals eLc are requlred Lo
lnvoke Lhe web servlces
Conhguranon
54
! Cpen up LnLerprlse Manager and navlgaLe Lo:
" WebLoglc uomaln > blfoundauon_domaln
! 1hen choose Lhe menu opuon SecurlLy > CredenLalls"
Conhguranon : Step 1
55
! WlLhln Lhe oracle.bl.enLerprlse" map, creaLe a new credenual key:
" key: wsll.browslng
" username: webloglc } 10' &B-?I9&
" assword: welcome1 }
56
! CreaLe a new le called wss_username_Loken_pollcy.xml" and pasLe ln
Lhe followlng conLenLs:
! Save Lhe le ln Lhe followlng locauon:
" [Mlddleware Pome]\user_pro[ecLs\domalns\blfoundauon_domaln\cong\fmwcong\bllnsLances\coreappllcauon
<?xml version="1.0" encoding="UTF-8"?>
<oracle-webservice-clients>
<webservice-client>
<port-info>
<policy-references>
<policy-reference uri="oracle/log_policy" category="management"/>
<policy-reference uri="oracle/wss_username_token_client_policy" category="security"/>
</policy-references>
</port-info>
</webservice-client>
</oracle-webservice-clients>
57
! WlLhln Lhe same folder, open up Lhe AcuonlrameworkCong.xml" le for
edlung
! Congure Lhe <8eglsLrles>" Lags Lo conLaln Lhe followlng reglsLry:
" ?ou should ensure Lhe ?WSlL paLh ls correcL
<registries>
<registry>
<id>WS4SOA</id>
<name>OBIEE Web Services for SOA</name>
<content-type>webservices</content-type>
<provider-class>oracle.bi.action.registry.wsil.WSILRegistry</provider-class>
<description></description>
<location>
<path>http://localhost:9704/biservices/inspection?wsil</path>
</location>
<service-access>
<account>wsil.browsing</account>
<policy>wss_username_token_policy</policy>
<propagateIdentity>false</propagateIdentity>
</service-access>
</registry>
</registries>
58
! 1hen congure Lhe <AccounLs>" and <ollcles>" Lags Lo conLaln Lhe
followlng congurauon
" ?ou should noL need Lo edlL anyLhlng
Conhguranon : Step S
<accounts>
<account>
<name>wsil.browsing</name>
<description>Account for BI WS for SOA</description>
<adminonly>false</adminonly>
<credentialkey>wsil.browsing</credentialkey>
<credentialmap>oracle.bi.enterprise</credentialmap>
</account>
</accounts>

<policies>
<policy>
<name>wss_username_token_policy</name>
<policyfile>wss_username_token_policy.xml</policyfile>
</policy>
</policies>
59
! Save Lhe AcuonlrameworkCong.xml" le
! 8esLarL Lhe followlng processes:
" 8l resenLauon Servlces
" Webloglc managed server bl_server1"
60
! 1esL! ?ou should now be able Lo creaLe an Acuon and see LhaL Lhe web
servlces are auLomaucally avallable for you Lo choose and execuLe:
61
! WlLhouL furLher congurauon, all Lhe Web Servlces for SCA wlll be
lnvoked as Lhe same wsll.browslng" accounL
" Lveryone has Lhe same vlslblllLy of Lhe common Shared lolders" area
" Lveryone has Lhe same vlslblllLy of Lhe user's own My lolders" area
" Common daLa vlslblllLy for all users
! Powever, wlLh furLher congurauon lL ls posslble Lo secure" Lhe web
servlces Lo run as Lhe user who ls lnvoklng Lhe web servlce raLher Lhan Lhe
common wsll.browslng" accounL
! We wlll be deallng wlLh securlng web servlces ln a laLer Loplc..
Important Note!
62
! Crac|e 8LL
63
Crac|e 8LL
! Cracle 8LL rocess Manager ls a componenL of Cracle SCA SulLe
! 8LL enables you Lo bulld workows LhaL orchesLraLe synchronous and
asynchronous buslness processes
64
Crac|e 8LL
! 8LL ls deslgned Lo slL ln Lhe mlddle of your enLerprlse, coordlnaung and sequenclng
Lhe lnLeracuons beLween varlous exLernal servlces (known as parLner llnks) Lo form
slngle workows LhaL dellver end-Lo-end buslness processes
! ?ou can lnLegraLe muluple Lechnology adapLers and servlces wlLhln each workow,
such as human Lasks, Lransformauons, noucauons, and buslness rules
65
Crac|e 8LL
! 8LL ls Lhe probably Lhe mosL
eecuve Lool when lL comes Lo
lnLegrauon wlLh Lhe sesslon based"
C8lLL web servlces
! lL enables you Lo bulld a slngle
workow LhaL calls Lhe varlous C8lLL
web servlces ln Lhe approprlaLe
sequence
! ?ou can Lhe deploy Lhe workow as
a slngle web servlce whlch can be
cenLrally secured and monlLored
Integranng w|th C8ILL
66
Crac|e 8LL
! ln Lhls example, a 8LL workow ls
calllng 3 C8lLL web servlces ln
sequence:
Sesslon Logon
lnvoke AgenL
Sesslon Logo
Integranng w|th C8ILL
67
Crac|e 8LL
# AblllLy Lo encapsulaLe muluple 8l LL web servlce calls lnLo a slngle workow
# lasL/slmple developmenL
# lasL/slmple deploymenL
# Less cllenL-slde [avascrlpL (less worrylng abouL lL / Mozllla supporL)
# CenLrallsed processlng, so less cllenL-server communlcauon
# Lasy Lo supporL / de-bug (debugglng someone else's cusLom [ava code ls noL easy!)
# 8LL deslgner parL of !ueveloper
# rocess monlLorlng/performance vla 8LL ConLrol
# SLandardlsed developmenL (whereas everyone's cusLom code ls dlerenL)
# Lasy Lo orchesLraLe web-servlces and oLher processes/acuons
# Cood sLarung polnL for conunued SCA expanslon
# uenlng xSu schemas uslng a Cul Lool - don'L need knowledge of xML schema language
Advantages of 8LL
68
Crac|e 8LL
! A Synchronous" 8LL Workow ls Lyplcally used for shorL-runnlng processes where resulLs
can be reLurned almosL lmmedlaLely back Lo Lhe lnvoklng cllenL (Lhe cllenL wlll walL unul Lhe
resulLs have been reLurned)
! Asynchronous" 8LL Workows are very useful for envlronmenLs ln whlch a process, such
as one LhaL lnvolves manual lnLervenuon, can Lake a long ume Lo process a cllenL requesL.
1he lnvoklng cllenL does noL walL for a response, lnsLead Lhe workow wlll use a callback" Lo
reLurn Lhe resulLs, lf any, Lo Lhe cllenL aL a laLer daLe/ume
! Asynchronous servlces provlde a more rellable faulL-LoleranL and scalable archlLecLure Lhan
synchronous servlces
P%20'#./ 2;& I'0:&%% #. - 7-2-"-%& I'&%&'(&% 2;& I'0:&%% -.7 I'&(&.2% -.C 90%% 01 %2-2& 0'
'&9#-"#9#2C #1 - %C%2&? %;=2% 703. 0' - .&230'@ I'0"9&? 0::='%, J;#% 1&-2='& #.:'&-%&% "02;
QLRS I'0:&%% '&9#-"#9#2C -.7 %:-9-"#9#2C, T0= :-. -9%0 =%& #2 20 %=II0'2 :9=%2&'#./ -.7 1-#90(&'U

Synchronous vs Asynchronous
69
Crac|e 8LL
! Lach 8LL process ls lnvoked by a cllenL", Lhls could be someone lnvoklng
Lhe process manually or parL of a scheduled Lask
! 1he process wlll accepL some lnpuL parameLers and reLurn a seL of ouLpuL
! A Cul Lool allows you Lo deslgn Lhe lnpuL and ouLpuL sLrucLures
Invok|ng C||ent
We are accepung Lwo
lnpuL parameLers:
username
AgenL
1here ls only one
ouLpuL parameLers
70
Crac|e 8LL
! WlLhln a 8LL workow, you Lyplcally use 3 ob[ecLs Lo lnvoke an exLernal servlce:
" A arLner Llnk" : uenes Lhe exLernal llnk e.g. a WSuL u8L
" An lnvoke" acuvlLy : uenes Lhe process Lo lnluaLe and Lhe lnpuL/ouLpu
" An Asslgn" AcuvlLy : 1o asslgn Lhe lnpuL parameLers Lo Lhe lnvoke acuvlLy
Invok|ng a artner L|nk (e.g. Web Serv|ce)
ln Lhls case, Lhe lnpuL
parameLers Lo our loglnC8lLL"
parLner llnk wlll be:
username
assword

1hese can be passed ln from Lhe
cllenL lnvoklng Lhe 8LL process
71
Crac|e 8LL
! ln Lhe evenL of an error, a CaLchAll" acuvlLy wlll be dlrecL Lhe workow
down anoLher paLh of acuons
Lrror nand||ng
ln Lhls case, Lhe CaLchAll" ls
walung for any errors LhaL mlghL
occur durlng Lhe logln process
72
Crac|e 8LL
! ?ou also have Acuvlues LhaL enable you Lo
perform loops:
" Whlle
" 8epeaL unul
" lor Lach
! lor example:
" lor each record reLurned ln an xML resulLs
seL: lnserL Lhe record lnLo Lhe daLabase
Loops
73
Crac|e 8LL
! Cnce your workow ls compleLe, you can deploy lL auLomaucally Lo your
appllcauon server
" 1he appllcauon server should be runnlng SCA SulLe
Dep|oyment
74
Crac|e 8LL
! Cnce deployed, you use LnLerprlse Manager Lo monlLor and LesL your
8LL process:
Lnterpr|se Manager
75
Crac|e 8LL
! ?ou can LesL your 8LL process from LnLerprlse Manager (by lnluaung Lhe
web servlce for Lhe 8LL process):
1esnng
noLe Lhe Lwo lnpuL
parameLers dened
76
Crac|e 8LL
! ?ou can Lrack, monlLor and dlagnose lssues dlrecLly wlLhln LnLerprlse
Manager:
Support]Mon|tor|ng
77
! Web Serv|ce Standards
78
Web Serv|ce Standards
! 1here are Lwo Lypes of web servlce supporLed by Webloglc:
" !Ax-WS: !ava Al for xML-based Web Servlces 2.1
" !Ax-8C: !ava Al for xML-8ased 8C 1.1
! 8ecause !Ax-WS ls Lhe successor Lo Lhe !Ax-8C and lL lmplemenLs many
of Lhe new feaLures ln !ava LL 3, Cracle recommends LhaL you develop
Web servlces wlLh !Ax-WS
! !Ax-8C ls consldered legacy and Lhe speclcauon ls no longer evolvlng
79
! Crac|e Web Serv|ces Manager (CWSM)
80
Crac|e Web Serv|ces Manager (CWSM)
! CWSM ls Lhe Cracle luslon Mlddleware componenL responslble for Lhe cenLrallsed
managemenL and securlLy of web servlces across your enLerprlse
" lL ls embedded wlLhln lMW ConLrol (LnLerprlse Manager)
" WebLoglc ls auLomaucally congured Lo serve as an CWSM AgenL"
CWSM also
manages C8lLL
web servlces
81
! CWSM has Lhree maln purposes:
" CenLrallsed polnL Lo apply pollcles" Lo your web servlces
$ ollcles are securlLy rules. lor example, you could lock down a web servlce so LhaL
all messaglng musL come from a LrusLed source and Lhe user needs Lo supply boLh
a username and password (or some form of SSC Loken)
" 1o serve as a web servlce reglsLry"
$ When you have web servlces doued everywhere, CWSM can serve as a gaLeway so
LhaL all your web servlces can be dlscoverable ln a slngle locauon
" CenLrallsed monlLorlng
urpose
82
! Cracle luslon Mlddleware 11g currenLly only supporLs Lhe use of !Ax-WS
servlces
" 1hls means !Ax-8C web servlces cannoL be admlnlsLered ln Cracle LnLerprlse
Manager
! WebLoglc however does sull supporL !Ax-8C web servlces
" 1herefore, lf you have !Ax-8C web servlces Lhen you have Lo manage Lhem
wlLhln WebLoglc Console
Support for IAk-WS]kC
83
! CWSM funcuons can be access vla Lhe maln menu for your WebLoglc
domaln
"Web Serv|ces" Menu
84
! ?ou can use Lhe 8eglsLered Servlces" congurauon screen Lo reglsLer all
your web servlces, so LhaL Lhey can be referenced ln a slngle place
keg|ster|ng Serv|ces
85
! Cllcklng on a WebLoglc server wlll dlsplay varlous performance/usage
meLrlcs:
Mon|tor|ng
86
! Secur|ng Web Serv|ces
87
Secur|ng Web Serv|ces
! 1he securlng of web servlces ls obvlously a very lmporLanL Loplc
" lf you're noL careful, by defaulL your cusLom web servlces wlll have no securlLy so anyone
can lnvoke Lhem from anywhere!
! ?ou can secure web servlces wlLhln CWSM or wlLhln WebLoglc. ?ou secure a web
servlce by asslgnlng one or more WS ollcles"
! ln Lhe example below, Lhe LxecuLeAgenL" web servlce has a securlLy pollcy whlch
enforces auLhenucauon uslng a username and password (1oken):
88
! 1here are Lwo Lypes of pollcy LhaL can be auached Lo web servlces:
" Crac|e Web Serv|ces Manager (WSM) o||cy
$ ollcy provlded by Lhe CWSM
$ ?ou can only auach CWSM securlLy pollcles Lo !Ax-WS Web servlces
$ ?ou manage CWSM pollcles from wlLh Cracle LnLerprlse Manager luslon
Mlddleware ConLrol
" WebLog|c Web Serv|ce o||cy
$ ollcy provlded by WebLoglc Server
$ A subseL of WebLoglc Web servlce pollcles lnLeroperaLe wlLh Cracle WSM pollcles
$ ?ou manage WebLoglc Web servlce pollcles from Lhe WebLoglc Admln Console
! nC1L:
" lL ls recommended LhaL you use CWSM pollcles over WebLoglc pollcles
whenever posslble. ?ou cannoL mlx your use of Cracle WSM and WebLoglc
Web servlce pollcles on Lhe same web servlce
o||c|es
89
! CWSM and WebLoglc come wlLh many predened pollcles! 1he one Lo
use largely depends on Lhe cusLomer's needs:
! As a general rule Lhough you can slmply conslder Lhe pollcles menuoned
on Lhe prevlous slldes
redehned o||c|es
90
! 8y defaulL, all Lhe C8lLL Web Servlces for SCA" are congured wlLh a pollcy LhaL
requlres a valld username / assword credenuals Lo be passed Lhrough:
! 1he credenuals are checked agalnsL whaLever ldenuLy rovlder(s) ls congured ln
WebLoglc (by defaulL, lL wlll be lLs own embedded LuA sLore)
! ln Lhe case of C8lLL 11g, Lhe credenuals passed are sLored ln Lhe Credenual SLore"
admlnlsLered wlLhln LnLerprlse Manager (WebLoglc uomaln > SecurlLy > Credenuals):
Username ] assword (1oken)
91
! AlLhough Lhe pollcy wss_username_Loken_servlce_pollcy" secures
auLhenucauon, lL does noL cover all securlLy aspecLs:
" Conhdenna||ty:
$ 1here ls no use of publlc/prlvaLe keys so Lhe messages are noL encrypLed (usernames/
passwords are noL even encrypLed)
" Integr|ty:
$ 1he messages are noL dlglLally slgned, so you cannoL guaranLee Lhe auLhenuclLy of Lhe
messages

nC1L: a prlvaLe key ls acLually used Lo dlglLally slgn messages
Username ] assword (1oken)
92
! CWSM provldes anoLher pollcy wss_username_Loken_wlLh
message_proLecuon_servlce_pollcy":
! 1hls securlLy pollcy ls much more secure:
" username/password credenuals musL be supplled
" xML Messages are encrypLed uslng publlc/prlvaLe key
" xML Messages are dlglLally slgned uslng Lhe prlvaLe key
! 1he downslde ls LhaL you always have Lo supply a password!
" ?ou can use Lhe Credenual SLore" for Lhls purpose, buL lL means you are always
passlng over Lhe same credenuals no mauer whlch user ls lnvoklng Lhe servlce

Username ] assword (1oken) w|th Message
rotecnon
93
! CWSM provldes alLernauve pollcy wss11_saml_Loken_wlLh
! lnsLead of requlrlng a password, Lhe cllenL passes over a cerucaLe whlch ls Lhen verled
by Lhe server (Lhe server has a key sLore conLalnlng all Lhe valld cerucaLes)
! 1hls securlLy pollcy ls also very secure:
" Cnly cllenLs wlLh a LrusLed" cerucaLe are allowed
! 1he beneL ls LhaL Lhe username of Lhe lnvoklng user ls propagaLed, so Lhls pollcy supporLs
Lhe need for a servlce Lo run as dlerenL users. 1he downslde ls LhaL Lhe server has Lo
LrusL LhaL Lhe user ls valld. 1hls meLhod ls commonly used by parLners" who need Lo
lnLegraLe across Lhe web and can LrusL each oLher
! nC1L: 1he propagaLed user musL have an enLry ln Lhe reclplenL's LuA sLore

SAML 1oken w|th Message rotecnon
94
! CWSM provldes alLernauve pollcy wss11_saml_Loken_wlLh
! lnsLead of requlrlng a password, an x.309 cerucaLe ls passed over Lo Lhe server Lo verlfy
LhaL Lhe user has been auLhenucaLed and can be LrusLed (x.309 ls commonly used ln SSC
appllcauons)
! 1hls securlLy pollcy ls also very secure:
" Cnly cllenLs wlLh a valld x.309 cerucaLe allowed

! 1he username of Lhe lnvoklng user ls propagaLed, so Lhls pollcy supporLs Lhe need for a
servlce Lo run as dlerenL users. x.309 ls a sLronger and more secure form of SSC
compared Lo SAML. Lach user has a cerucaLe whlch ls ued Lo an lndlvldual enLry ln Lhe
company's LuA sLore

kS09 1oken w|th Message rotecnon
95
! Generanng a key Store
96
Generanng a key Store
! Cracle luslon Mlddleware makes use of a key sLore" Lo conLaln:
" A rlvaLe/publlc key palr
" A CerucaLe
" 1he CerucaLes of oLher LrusLed" slLes (for SAML pollcles)
! 1he key sLore should reslde ln Lhe followlng folder:
" [Mlddleware Pome]\user_pro[ecLs\domalns\[domaln]\cong\fmwcong
! 8y defaulL, Lhe key sLore has Lhe lename defaulL-keysLore.[ks"
! nC1L: CerucaLes sLore lnformauon such as Crganlzauon name, CounLry eLc
" lor producuon use lL ls recommended Lo only use cerucaLes lssued by a
CerucaLe AuLhorlLy (CA) such as verlslgn
" lL ls posslble Lhough Lo generaLe cerucaLes for developmenL/LesL use
97
! ?ou need Lo generaLe a key sLore when whenever you have pollcles LhaL
lnvolve message proLecuon".
! SeparaLe key sLores should be creaLed on boLh cllenL and server machlnes
" 1he cllenL/server should have dlerenL publlc/prlvaLe keys and cerucaLes
! When Lhe web servlce ls lnvoked, Lhe publlc keys are exchanged beLween
cllenL and server
" 1he cllenL wlll Lhen encrypL messages uslng Lhe server's publlc key and vlce versa
" Cnly Lhe recelver who has Lhe correspondlng prlvaLe key can decrypL Lhe message
! 1o ensure auLhenuclLy, Lhe boLh sldes wlll also add a dlglLal slgnaLure Lo Lhelr
messages:
" 1he sender creaLes a dlglLal slgnaLure by produclng a hashed" copy of Lhe
message and Lhen encrypung lL uslng Lhe sender's prlvaLe key
" 1he reclplenL can use Lhe sender's publlc key Lo decrypL Lhe hashed" copy and
verlfy Lhe auLhenuclLy of Lhe sender (as only Lhe sender has Lhe prlvaLe key LhaL
could have generaLed Lhe hashed copy)
ub||c]r|vate keys
98
! lor pollcles lnvolvlng Message roLecuon" and/or SAML asseruon:
" 1he server's key sLore wlll need Lo conLaln Lhe cerucaLes from all Lhe
LrusLed" cllenL machlnes
" 1he key sLore on each cllenL machlne wlll need Lo conLaln Lhe server's
cerucaLe
! So you have Lo perform Lhe followlng process on all cllenL and server
machlnes
" CeneraLe a new key sLore conLalnlng a prlvaLe/publlc key palr and a cerucaLe
" LxporL your cerucaLe
" Send your cerucaLe (securely!) Lo Lhe oLher server
" lmporL your cerucaLe lnLo Lhe oLher server's key sLore
Message rotecnon and SAML Assernon
99
! use Lhe followlng commands Lo generaLe a defaulL key sLore le
conLalnlng a publlc/prlvaLe key palr and a cerucaLe:
" keyLool -genkeypalr -keyalg 8SA -allas orakey -keypass HC*00C#"/%I -keysLore
defaulL-keysLore.[ks -sLorepass HC*00#"/%I -valldlLy 3600
! ?ou wlll be prompLed for Lhe followlng
" WhaL ls your rsL and lasL name?
" WhaL ls Lhe name of your organlzauonal unlL?
" WhaL ls Lhe name of your organlzauon?
" Cracle WhaL ls Lhe name of your ClLy or LocallLy?
" WhaL ls Lhe name of your SLaLe or rovlnce?
" WhaL ls Lhe Lwo-leuer counLry code for Lhls unlL?
Commands - Generate keys
100
! ?ou can llsL Lhe conLenLs of your key sLore by uslng Lhe followlng
command:
" keyLool -llsL -v -keysLore defaulL-keysLore.[ks
nC1LS:
$ ?ou wlll be prompLed for your key sLore password
Commands - L|st key Store Contents
101
! lf you need Lo send your cerucaLe Lo Lhe server (e.g. SAML) Lhen you
should exporL your cerucaLe uslng Lhe followlng command:
" keyLool -exporLcerL -v -allas orakey -keysLore defaulL-keysLore.[ks -sLorepass
[password]
nC1LS:
$ 1hls wlll creaLe a le ln Lhe formaL [allas].cer"
Commands - Lxport Cernhcate
102
! 1o lmporL your cllenL cerucaLe lnLo anoLher server's key sLore you can
use Lhe followlng command:
" keyLool -lmporL -allas [cllenL_allas] -le [cerucaLe le] -keysLore defaulL-
keysLore.[ks
nC1LS:
$ ?ou wlll be asked Lo enLer Lhe key sLore passowrd
$ ?ou wlll need Lo conrm LhaL you agree LhaL Lhls ls a LrusLed cerucaLe LhaL you are
lmporung
Commands - Import Cernhcate
103
! Cnce you have lmporLed your cerucaLe you can do a keysLore llsL"
command Lo llsL Lhe conLenLs of your key sLore, whlch should conLaln your
own key enLry and cerucaLe as well as your LrusLed cerucaLes:
Commands - Import Cernhcate
?our own key
enLry and
cerucaLe
CerucaLe from
LrusLed source
104
! Conhgur|ng CWSM
105
Conhgur|ng CWSM
! Whenever you generaLe a new key sLore you wlll need Lo congure lMW
ConLrol wlLh Lhe allas and passwords LhaL you used (you'll have Lo do Lhls
on all servers)
! WlLhln LnLerprlse Manager, expand your WebLoglc domaln and choose
Lhe followlng from Lhe menu:
" WebLoglc uomaln > SecurlLy > SecurlLy rovlder Congurauon
Secur|ty rov|der Conhguranon
106
Conhgur|ng CWSM
! Cllck on Lhe key SLore > Congure buuon:
! LnLer Lhe allas (Lyplcally orakey") and Lhen Lhe SlgnaLure" and CrypL"
key sLore passwords (e.g. welcome1) LhaL were specled wen generaung
Lhe key sLore:
Secur|ty rov|der Conhguranon
107
! Conhgur|ng
AcnonIrameworkConhg.xm|
108
Conhgur|ng AcnonIrameworkConhg.xm|
! Whenever you wanL C8lLL Lo lnvoke secured web servlces, you have Lo
congure C8lLL as follows:
" 8eglsLer Lhe web servlces
" Speclfy Lhe pollcles
" Speclfy accounL deLalls
! 1he congurauon le ls AcuonlrameworkCong.xml" whlch ls locaLed ln
Lhe followlng folder:
" !V#779&3-'&$W0?&*\user_pro[ecLs\domalns\!N0?-#.*\cong\fmwcong
\bllnsLances\coreappllcauon
! Whenever you make changes Lo AcuonlrameworkCong.xml you need Lo
resLarL:
" 1he C8lLL managed server (bl_server1)
" 8l resenLauon Servlces
109
! llrsL of all, you can speclfy a llsL of Allases" wlLhln Lhe <allases> secuon
! 1o faclllLaLe deploymenL and release processes, Lhese Allases mean you don'L
have Lo hard code server names/l addresses ln your sysLem. lnsLead you
can refer Lo server allases, whlch C8lLL wlll LranslaLe aL run-ume lnLo you're
Lhelr acLual server names:
<aliases>
<location-alias>
<alias>obiee11g</alias>
<actual>obiee11g-prod</actual>
</location-alias>
<location-alias>
<alias>soasuite</alias>
<actual>soasuite-prod</actual>
</location-alias>
</aliases>
<a||ases>
110
! lor any username/password pollcles, you wlll need Lo llsL a number of accounL
credenuals ln Lhe <accounLs> secuon:

<accounts>
<account>
<name>wsil.browsing</name>
<description>Account for BI WS for SOA</description>
<adminonly>false</adminonly>
<credentialkey>wsil.browsing</credentialkey>
<credentialmap>oracle.bi.enterprise</credentialmap>
</account>
</accounts>

! nC1LS:
" 1he <name> elemenL wlll be used as a reference elsewhere ln Lhe le
" 1he <credenualkey> and <credenualmap> elemenLs musL refer Lo a credenual key ln Lhe
lMW Credenual SLore" (WebLoglc uomaln > SecurlLy > Credenuals)
<accounts>
111
! ?ou should llsL all Lhe dlerenL Lypes of pollcles LhaL are ln use wlLhln Lhe <pollcles>
secuon

<policies>
<policy>
<name>SAMLPolicy</name>
<policyfile>ActionsSAMLPolicy.xml</policyfile>
</policy>
<policy>
<name>wss_username_token_policy</name>
<policyfile>wss_username_token_policy.xml</policyfile>
</policy>
<policy>
<name>wss_username_token_message_protection_policy</name>
<policyfile>wss_username_token_message_protection_policy.xml</policyfile>
</policy>
</policies>
! nC1LS:
" 1he <name> elemenL wlll be used as a reference elsewhere ln Lhe le
" Lach pollcy wlll have lLs own .xml le separaLely creaLed, Lhe name of Lhe le should be wlLhln
Lhe <pollcyle> elemenL (we wlll do Lhls nexL)
<po||c|es>
112
! CreaLe a separaLe .xml le for each <pollcyle> enLry referenced ln Lhe
<pollcles> secuon:
<?xml version="1.0" encoding="UTF-8"?>
<oracle-webservice-clients>
<webservice-client>
<port-info>
<policy-references>
<policy-reference uri="oracle/log_policy" category="management"/>
<policy-reference uri="oracle/wss_username_token_client_policy" category="security"/>
</policy-references>
</port-info>
</webservice-client>
</oracle-webservice-clients>
! lMC81An1 nC1L:
" 1hls le should conLaln Lhe cllenL" pollcy. So lf your pollcy ls
wss_username_Loken_serv|ce_pollcy" Lhen ln Lhls le you should sLaLe
wss_username_Loken_c||ent_pollcy"
Create o||cy I||es
name of
cllenL" pollcy
113
! 1he <reglsLrles> secuon should llsL all Lhe web servlces LhaL you wlsh Lhe C8lLL
end users Lo use:
" Cnly WSlL u8Ls are supporLed ln Lhe <reglsLry> secuon
! 1hls example ls for a slmple username/password pollcy:
<registries>
<registry>
<id>WS4SOA</id>
<location>
</location>
<service-access>
<policy>wss_username_token_policy</policy>
</service-access>
</registry>
</registries>

<reg|str|es> : Lxamp|e 1
Maps Lo a credenual
sLore key and pollcy
114
! 1hls example ls for a username/password pollcy wlLh message proLecuon
<registries>
<registry>
<id>WS4SOA</id>
<location>
</location>
<service-access>
<policy>wss_username_token_message_protection_policy</policy>
</service-access>
</registry>
</registries>

115
! 1hls example ls for a SAML pollcy wlLh message proLecuon:
! <propagaLeldenuLy> ls seL Lo Lrue as we wlll wanL Lo propagaLe Lhe lnvoker's username
lnsLead of uslng a xed credenual from Lhe credenual sLore

<registries>
<registry>
<id>WS4SOA</id>
<name>OBIEE Web Services for SOA (SAML)</name>
<location>
</location>
<service-access>
<policy>SAMLPolicy</policy>
<propagateIdentity>true</propagateIdentity>
</service-access>
</registry>
</registries>

As SAML ls based on LrusLed
cerucaLes, we won'L need Lo
provlde a password for
auLhenucauon. So we don'L speclfy
a credenual sLore accounL her
! uesnons?
Helping Your Business Intelligence Journey

Heljula SOA

Hochgeladen von

Dokumentinformationen

Copyright

Verfügbare Formate

Dieses Dokument teilen

Dokument teilen oder einbetten

Freigabeoptionen

Stufen Sie dieses Dokument als nützlich ein?

Sind diese Inhalte unangemessen?

Copyright:

Verfügbare Formate

Heljula SOA

Hochgeladen von

Copyright:

Verfügbare Formate

Peak Indicators Limited

Crac|e 8us|ness Inte|||gence 11g

Das könnte Ihnen auch gefallen