1 Reply Latest reply: Apr 24, 2012 3:00 PM by 798606 RSS

    Invoke a BPEL process using HTTP Basic Authentication

    932577
      Hi,

      I am trying to configure a BPEL process to receive SOAP/HTTP request using the HTTP Basic Authentication (user and password). I have configured a user in the weblogic server and I want that only that user can execute the BPEL process.

      My environment is 11gR1 (11.1.1.4), SOA Suite PS3. The weblogic server has a LDAP connection to my organization Active Directory (with all the users of my organization, for the BPM processes)

      I have configured the SOA WS Policies "*oracle/wss_http_token_service_policy*" . This OWSM policy enables HTTP Basic authentication for HTTP & SOAP or WSS Username Token in SOAP.

      The policy works (only allows the users of the Active directory or the weblogic users to execute the BPEL) but I need to restrict the execution of the BPEL to only one user (the one configure in the weblogic internal LDAP)

      I tried to specify this user with properties in the composite:

      <service name="bpel_enviarasientossap_client_ep"
      ui:wsdlLocation="BPEL_EnviarAsientosSAP.wsdl">
      <interface.wsdl interface="http://xmlns.oracle.com/AppProcesoRepartosContables/ProcesoRepartosContable/BPEL_EnviarAsientosSAP#wsdl.interface(BPEL_EnviarAsientosSAP)"/>
      <binding.ws port="http://xmlns.oracle.com/AppProcesoRepartosContables/ProcesoRepartosContable/BPEL_EnviarAsientosSAP#wsdl.endpoint(bpel_enviarasientossap_client_ep/BPEL_EnviarAsientosSAP_pt)">
      <wsp:PolicyReference URI="oracle/wss_http_token_service_policy"
      orawsp:category="security" orawsp:status="enabled"/>
      *<property name="oracle.webservices.auth.username" type="xs:string" many="false" override="may">username11</property>*
      *<property name="oracle.webservices.auth.password" type="xs:string" many="false" override="may">password11</property>*
      *<property name="httpBasicUsername">username11</property>*
      *<property name="httpBasicPassword">password11</property>*
      </binding.ws>
      </service>

      But it doesn´t work properly. How can I indicate that only one user can execute the BPEL process?

      Thanks a lot!

      Regards,
      Tomas
        • 1. Re: Invoke a BPEL process using HTTP Basic Authentication
          798606
          Greatings.

          This post really helped me: BPEL to invoke Webservice secured with HTTP Basic authentication

          In composite.xml my service worked with this configuration:
          ...
          <reference name="BamService" ui:wsdlLocation="DataObjectOperationsByID.wsdl">
              <interface.wsdl interface="http://xmlns.oracle.com/bam#wsdl.interface(DataObjectOperationsByID)"/>
              <binding.ws port="http://xmlns.oracle.com/bam#wsdl.endpoint(DataObjectOperationsByID/DataObjectOperationsByID)"
                          location="DataObjectOperationsByID.wsdl" soapVersion="1.1">
                <wsp:PolicyReference URI="oracle/wss_http_token_client_policy"
                                     orawsp:category="security" orawsp:status="enabled"/>
                <property name="weblogic.wsee.wsat.transaction.flowOption"
                          type="xs:string" many="false">WSDLDriven</property>
                <property name="oracle.webservices.auth.username" type="xs:string"
                        many="false" override="may">username_test</property>
              <property name="oracle.webservices.auth.password" type="xs:string"
                        many="false" override="may">password1234</property>
              </binding.ws>
              
            </reference>
          ...