Thursday, September 16, 2010

How to access WS Compliant secured Services in Oracle Bpel

To pass security credentials from a BPEL process to another BPEL Process or any other web service it is required to set the following properties on the partner link which is used to invoke a WS Security compliant web service:

1. wsseHeaders Creates a WS-Security username token. The following values are supported:

a.propagate — If the process has been invoked securely, these credentials are also used for the outbound direction

b.credentials — Passes credentials from the BPEL deployment descriptor(bpel.xml).

2.wsseUsername The username for the token. It is a required property.

3.wssePassword The password for the token. It is an optional property.

In the BPEL Process do the following :

i) Select the partner link where you want to enforce security . Click on “Property” tab to provide WS security credentials.

ii) Click on “Create” and select “wsseHeaders” from the drop down list.
You can use either “credentials” or “propagate” based on the requirement. If this BPEL process would be invoked by another process which is passing security credentials then you can use “propagate” to tell BPEL process manager to pass the incoming credentials to the service you are calling. You can use “credentials” as the property value to instruct BPEL Process Manager to read credentials from the deployment descriptor(bpel.xml).

iii) Create two new properties “wsseUsername” and “wssePassword” by following the same approach.

Now you are able to invoke WS-Security compliant web services.