2 Replies Latest reply: May 28, 2010 8:06 PM by VictorJabur RSS

    Creating a Pass-Through Proxy Service: Main Steps

    VictorJabur
      Hello,

      I was reading the security.book documentation and i don't understood the STEP 5 from bellow text, someone employee from Oracle could explain this Step for me or then send the more clarification document,
      that explains this Step.

      The bellow text was extracted from security.book (Oracle Service Bus), page 7-7 and 7-8:

      Creating a Pass-Through Proxy Service: Main Steps
      To create a pass-through proxy service:
      1. Create a business service to which the proxy service will pass the unprocessed SOAP
      message. There are two configuration methods:
      – The business service is a Web service that contains WS-Policy statements.
      – The business service directly binds the WS-Policies. The WSDL on which the service
      is based should not have any WS-Policy statements.
      See “Configuring Business Service Message-Level Security: Main Steps” on page 7-8.
      2. If the WSDL document does not have WS-Policy attachments and you want to add them, or
      if you want to specify a different WS-Policy from that of the WSDL, edit the business service
      you just created to do the following from the Policies tab:
      a. Select Custom Policy Bindings.
      b. To specify policies that apply to the entire service, expand the service name entry. Click
      Add to search for and select your policies.
      c. To specify policies that apply to an operation or the request/response of that operation,
      expand the operation name entry. Click Add to search for and select your policies.
      Update the policy binding.
      3. In the Oracle Service Bus Console, create a proxy service from a WSDL document. You can
      use the same WSDL document that you used for the business service that you created in
      step 1. Activate your changes.
      4. If you should later edit the proxy service you just created, do not select the Process
      WS-Security Header check box on the Security tab.

      5. Configure the proxy service to route to the business service that you created in step 1.

      Configuring Message-Level Security for WebServices:
      If you route to the business service based on the operation that the client’s SOAP message
      is requesting to invoke, you must configure the routing so that it specifies an operation
      selection algorithm other than the SOAP body algorithm. Make sure the actions in the
      proxy service pipeline do not modify the WS-Security header or any parts of the SOAP
      envelope that are signed or encrypted. Changes to clear-text message parts covered by
      digital signatures almost always break the digital signature because the signature cannot be
      verified later.
        • 1. Re: Creating a Pass-Through Proxy Service: Main Steps
          675595
          I think I don't understand your question? Step 5 talks about routing to BS created.

          Manoj
          • 2. Re: Creating a Pass-Through Proxy Service: Main Steps
            VictorJabur
            I don't understood this part of text:

            you must configure the routing so that it specifies an operation selection algorithm other than the SOAP body algorithm. Make sure the actions in the proxy service pipeline do not modify the WS-Security header or any parts of the SOAP envelope that are signed or encrypted. Changes to clear-text message parts covered by digital signatures almost always break the digital signature because the signature cannot be verified later.

            1) About the "selection algorithm" (Wich i should choose ? How to make this configuration ?)
            2) Make sure the actions in the proxy service pipeline do not modify the WS-Security header or any parts of the SOAP envelope that are signed or encrypted. (How to make this ?)
            3) Changes to clear-text message parts covered by digital signatures almost always break the digital signature because the signature cannot be verified later. (What is this ?)

            Thanks