Fusion Applications provides web services that allow external systems to integrate with Fusion Applications. There are two types of services: ADF services and composite services. ADF services are created for a logical business object and provide functionality to access and manipulate these objects. The composite services are mostly process oriented and provide an orchestration of multiple steps.
Information about the web services provided by Fusion Applications is hosted in Oracle Enterprise Repository (OER). The information provided by OER can be used to understand the functionality provided by the service and how the service can be called.
This series of articles describes how one can invoke SOAP web services provided by Fusion Applications using various technologies. In previous article we covered how to invoke a Fusion Application web service secured with simple username token using SoapUI. In this article we will cover a call to service secured with SSL policy.
The reader is expected to have SoapUI installed.
This example covers a call to a web service that support user name tokens and SSL. The example was tested with a service using "oracle/wss_username_token_over_ssl_service_policy" commonly available for Oracle SaaS environments.
Generally the steps to call a SSL and non-SSL services are the same. The SSL services are however commonly configured to validate a timestamp though. So calls to SSL services commonly require the "wsu:Timestamp" element and the value used must be within tolerance. If the timestamp is not provided or the value is not within the tolerance you would see error such as:
<faultstring>InvalidSecurityToken : The security token is not valid.</faultstring>
For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.