Configuring WS-Security credentials on a BPEL / ESB in OracleSOA suite:-

In an SOA based application, a BPEL or an ESB can act as a client as well as an intermediary destination. In either case we need to secure the message flows to and from a BPEL or an ESB. Oracle Enterprise Manager provides a facility to add WS-Security credentials to any Webservice deployed on OC4J, BPEL deployed on Process Manager as well as an ESB deployed on Oracle AS. These credentials can also be added using Jdeveloper.

In this article i will be talking about how to enable WS Security features using Enterprise manager:-

Browse to the Enterprise manager and click on your OC4J instance:-















Now click on the Web Services tab and select the Web Service (BPEL/ESB are also exposed as a WebService in EM) on which you want to enable WS Security features:-













Click the Administration Tab:-














Click on the Enable/Disable features button, select security and add it. Click on OK. The resultant screen is somewhat like:-

Click on the Edit Configurations for Security and as per your requirement configure either inbound/outbound policy. An Inbound policy will configure your service with a policy that gets executed when ever a request comes to it. Similarly theOutgoing policy gets executed when ever a request is generated from the service.

Oracle Enterprise manager provides a facility to add authentication, Integrity as well as confidentiality related feature to your service. Choose the apporpriate tab and configure the policy accordingly:-

Following fields are available in the Integrity tab:-

Following fields are available in the confidentiality tab:-











Click on ok and you are through with the policy configurations. In my next blog entry i will be speaking on the details of every configuration tab provided in the inbound/outbound policy.