Wednesday, November 20, 2019

Oracle BPEL integrated with WCC Services using OPSS

I have to integrate a Web Center Content (WCC) Search service on a SOA BPEL using the Oracle Platform Security Services (OPSS).


Security Configuration between SOA and WCC 

First of all we need to configure SOA BPEL and WCC secure comunication. To do that open your enterprice manager (http://<host>:<port>/em) in my case http://localhost:7001/em
and setup Oracle Credential Store Framework to centralize the username and password in our environment.

So to centralize the username and password in our environment we decided to use the full potential of the Oracle Credential Store Framework (CSF) for both BPM and ADF. Oracle CSF is part of the Oracle Platform Security Services (OPSS).

Since Oracle BPM relies heavily on the SOA-INFRA structure used by Oracle SOA Suite the functionality works identical. Lucky for us Edwin Biemond already blogged about this feature regarding Oracle SOA Suite which we could simple re-use for Oracle BPM.

Oracle Credential Store Framework

BPEL Implementation

Set up your composite in 4 steps:

Step 1: Download WSDL from WCC Content

  • Open your CS site at url http:/<host>:<port>/cs  (in my case http:/localhost:16200/cs). 
  • Click on: Administration -> SOAP WSDLs
  • download the WSDL that you need, Search in my case

Step 2: Store WSDL on MDS and on your project 

  • save your WSDL on MDS folder, removing <service/> in the end (usualy you can find ant the end of the file). in my case:
<service name="Search">
<port name="SearchSoap" binding="s0:SearchSoap">
<soap:address location="http://localhost:16200/_dav/cs/idcplg" />
</port>
</service>
  • in your SOA Project save the complete WSDL version that include the service tag, at the path: 
<Application Name>/<Project Name>/SOA/WSDLs/external/Search.wsdl

Step 3: Reference it from your composite

  • in your composite create a service reference and reference the wsdl into mds, in my case:



  • find the new created reference into the composite source code, in my case I'm able to find:

  <reference name="UCMSearchReference" ui:wsdlLocation="oramds:<MDS-PATH+TO_WSDL>/Search.wsdl">
    <interface.wsdl interface="http://www.stellent.com/Search/#wsdl.interface(SearchSoap)"/>
    <binding.ws port="" location="oramds:<MDS-PATH+TO_WSDL>/Search.wsdl"/>
  </reference>


  • edit the reference and modifythe binding.ws location to the external WSDL into the project and setup the port
  <reference name="UCMSearchReference" ui:wsdlLocation="oramds:<MDS-PATH+TO_WSDL>/Search.wsdl">
    <interface.wsdl interface="http://www.stellent.com/Search/#wsdl.interface(SearchSoap)"/>
    <binding.ws port="http://www.stellent.com/Search/#wsdl.endpoint(Search/SearchSoap)" interface="WSDLs/external/Search.wsdl"/>
  </reference>

In this way MDS contains abstract reference of the wsdl at the WCC external service and into the project we have the implementation of the WSDL with the service specify. Editing a generated configuration plan you can update the service url for the deploy and the MDS have no change and is valid for every environment.

Is a good practise manage SOA Suite external WSDL as described:

  • store WSDL abstract insto MDS and reference it from ui:wsdlLocation
  • store WSDL interface into the project under WSDLs/external and reference is from interface ->  interface

Step 4: WS Security policy

WCC Services are called using authentication, after security SOA configuration I have to declare, into the composite, the secure policy to use: in my case: wss_http_token_client_policy.
  • Select the service reference created and right click, select "Configure SOA WS Policies"

  • Add a security and select wss_http_token_client_policy


  • Jdeveloper create a wsm-assembly.xml file that contains all the policy sets. We have to update the policy set in order to reference the environment setup. Find in file:

    <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
                         DigestAlgorithm="http://www.w3.org/ns/ws-policy/Sha1Exc"
                         URI="oracle/wss_http_token_client_policy" orawsp:status="enabled" orawsp:id="1"/>

  •  add reference to policy setup:
    <wsp:PolicyReference xmlns:wsp="http://www.w3.org/ns/ws-policy"
                         DigestAlgorithm="http://www.w3.org/ns/ws-policy/Sha1Exc"
                         URI="oracle/wss_http_token_client_policy" orawsp:status="enabled" orawsp:id="1">
      <orawsp:OverrideProperty xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" orawsp:name="csf-key"
                               orawsp:value="wccKey"/>
    </wsp:PolicyReference>


Now we can use the wsdl reference from a BPEL process as you want.




Pubblicato da a

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)