This content has been marked as final. Show 3 replies
I think there may be a misunderstanding here - it makes little sense (to me) to have services as part of an application use directory based username/passwords to authenticate. Instead I would use fixed certificates since your links are mostly static.
That said, there'll be no diference in how you integrate with OSB/BPEL etc. than you would a traditional java application. The security component used by those modules are the exact same. So setup your framework to map the security to the LDAP and utilize the standard JAZN and similar methods to validate security. With OSB you setup a security provider just as you would when you would when deploy a java application. Once done, referencing usernames and passwords is done as usual.
I have build a system a long while ago in which I used the username/password combination in the header of some services using BPEL and then validated them (with and without OWSM) against the OID. So - yes, it works, but a certificate solution is certainly better.
I have integrated BPEL, ESB, WSM, Worklist and Business Rules, jiveforums with microsoft active directory. Same way shud work with oracle ldap