Fusion Applications provides web services that allow external systems to integrate with Fusion Applications. There are two types of services: ADF services and composite services. ADF services are created for a logical business object and provide functionality to access and manipulate these objects. The composite services are mostly process oriented and provide an orchestration of multiple steps.
Information about the web services provided by Fusion Applications is hosted in Oracle Enterprise Repository (OER). The information provided by OER can be used to understand the functionality provided by the service and how the service can be called.
This series of articles describes how one can invoke SOAP web services provided by Fusion Applications using various technologies. In previous article we covered how to invoke a Fusion Application web service secured with simple username token using SoapUI. In this article we will cover a call to service secured with SSL policy.
The reader is expected to have SoapUI installed.
This example covers a call to a web service that support user name tokens and SSL. The example was tested with a service using "oracle/wss_username_token_over_ssl_service_policy" commonly available for Oracle SaaS environments.
Generally the steps to call a SSL and non-SSL services are the same. The SSL services are however commonly configured to validate a timestamp though. So calls to SSL services commonly require the "wsu:Timestamp" element and the value used must be within tolerance. If the timestamp is not provided or the value is not within the tolerance you would see error such as:
<faultstring>InvalidSecurityToken : The security token is not valid.</faultstring>
To resolve the issue add the Timestamp element:
Tolerance is configured on the server for details of configuration refer to Advanced Administration. In Cloud environment the tolerance is not configurable by customer. While the timestamp can be "manually" added to the SOAP envelope, Soap UI provides easier way to default the value. First we create a SoapUi project by navigating "File -> New Soap Project":
The project name can be anything; it does not impact the web service call. For the "Initial WSDL" enter the location of the WSDL for the service to be called, in this example we will use the "LocationService" for HCM. The "Create Requests" checkbox is checked to generate an example SOAP Envelope. Click OK and once the tool is done with the generation navigate to the operation to be invoked, in this case we will invoke the "findByLocationId" operation.
To populate the header we can create a template to be applied on the request. Double click the project name, in this case "SoapUIDemoSSL" and navigate to "WS-Security Configurations -> Outgoing WS-Security Configurations". Here create a new "Outgoing WS-Security Configuration" and define values as follows:
Now back on the request we add header to the request by right clicking and choosing "Outgoing WSS -> Apply SoapUiDemoSSL":
With this the call to the service would succeed.
In this article we covered an example using SoapUI to integrate with Fusion Applications using web services secured with SSL policy. In future articles other technologies for invoking Fusion Applications web services will be covered.