- WS-Security is a specification published by OASIS, it is mainly aimed for SOAP Web Services. It encompasses a number of mechanisms to strengthen the integrity and confidentiality of the messages exchanged between these type of services such as data encryption, security tokens, username and password validation, signed messages, etc.
- On the other hand, Oracle Web Service Manager (OWSM) is a component of Oracle SOA Suite that provides a framework for centralizing policy management and security of Web Services. OWSM is based on the WS-Policy standard and can be used in development time, or from the management console.
- For the SOAP Service the username and password will travel in the UsernameToken element embedded within the SOAP Envelope message Header, and for the REST service, it will travel in the HTTP transport Header.
Implementation:
Step1: Create a Schema:
<?xml version="1.0" encoding="windows-1252" ?>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.emp.test"
targetNamespace="http://www.emp.test" elementFormDefault="qualified">
<xsd:element name="EmployeeRequest">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="EmpId" type="xsd:string"/>
<xsd:element name="EmpName" type="xsd:string"/>
<xsd:element name="Address" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="EmployeeResponse">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="result" type="xsd:string"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="requestHeader">
<xsd:complexType>
<xsd:sequence>
<xsd:element name="User" type="xsd:string" minOccurs="0"/>
<xsd:element name="Id" type="xsd:string" minOccurs="0"/>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
</xsd:schema>
Step2: Create a WSDL:
Right click on project folder WSDLs⇾New⇾From Galary⇾All Items⇾WSDL(builder)(Interfaces)⇾OK⇾Provide Service Name,Port type, operation and choose Interface Type as Synchronous and Add the message part(Request and Header) in the Input and Response in the Output sections.
<?xml version= '1.0' encoding= 'UTF-8' ?>
<wsdl:definitions name="service1"
targetNamespace="http://xmlns.oracle.com/SOAApplication/ExposeHeaderWithWSSProject/service1"
xmlns:tns="http://xmlns.oracle.com/SOAApplication/ExposeHeaderWithWSSProject/service1"
xmlns:inp1="http://www.emp.test" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
<wsdl:types>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<xsd:import namespace="http://www.emp.test" schemaLocation="../Schemas/EMP.xsd"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="requestMessage">
<wsdl:part name="requestHeader" element="inp1:requestHeader"/>
<wsdl:part name="paylod" element="inp1:EmployeeRequest"/>
</wsdl:message>
<wsdl:message name="replyMessage">
<wsdl:part name="payload" element="inp1:EmployeeResponse"/>
</wsdl:message>
<wsdl:portType name="execute_ptt">
<wsdl:operation name="execute">
<wsdl:input message="tns:requestMessage"/>
<wsdl:output message="tns:replyMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="execute_pttSOAP11Binding" type="tns:execute_ptt">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="execute">
<soap:operation style="document"
soapAction="http://xmlns.oracle.com/SOAApplication/ExposeHeaderWithWSSProject/service1/execute"/>
<wsdl:input>
<soap:body use="literal" parts="paylod"/>
<soap:header message="tns:requestMessage" use="literal" part="requestHeader"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal" parts="payload"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
</wsdl:definitions>
Step3: Create a BPEL service based on the above WSDL:
Step4: Configure SOA WS Policies...
Step5: Deploy and take the wsdl and test from SOAP UI:
Test1: Tested without WSSE Security user token authentication:
Payload with WSSE:
<soapenv:Envelope xmlns:emp="http://www.emp.test" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-81CB99D5C318DB117215815725859457">
<wsse:Username>wsstest</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">wsstest1</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">j05VdqxZ2sVIdPjZiGKi5Q==</wsse:Nonce>
<wsu:Created>2020-02-13T05:43:05.944Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
<emp:requestHeader>
<!--Optional:-->
<emp:User>user1</emp:User>
<!--Optional:-->
<emp:Id>id1</emp:Id>
</emp:requestHeader>
</soapenv:Header>
<soapenv:Body>
<emp:EmployeeRequest>
<emp:EmpId>e1</emp:EmpId>
<emp:EmpName>enmae</emp:EmpName>
<emp:Address>eadd</emp:Address>
</emp:EmployeeRequest>
</soapenv:Body>
</soapenv:Envelope>
No comments:
Post a Comment