PaaS Partner Community

OWSM and WS-Security: Username Token Authentication for SOAP and REST Services in OSB 12c by Sandy Flores

Juergen Kress
PaaS Partner Adoption



This is the first time i write an English entry here in my blog, since it has been focused on a Spanish speaking audience, but this is an special occasion, yesterday I wrote a Spanish blog post in order to colaborate with OTN Appreciation Day, then a couple of friends ask me to translate and share it with them, so here we go now. I must apologize in advance with all of you for the Spanish images, i had no time to start all over again in English, I really hope you can guess the meaning of them, otherwise please contact me for the translation.
WS-Security is a specification published by OASIS, it is mainly aimed for SOAP Web Services. It encompasses a number of mechanisms to strengthen the integrity and confidentiality of the messages exchanged between these type of services such as data encryption, security tokens, username and password validation, signed messages, etc.
On the other hand, Oracle Web Service Manager (OWSM) is a component of Oracle SOA Suite that provides a framework for centralizing policy management and security of Web Services. OWSM is based on the WS-Policy standard and can be used in development time, or from the management console.
OWSM includes the following main elements:

  • Policy Manager: Reads and writes policies, whether predefined or custom, to and from the repository.
  • Agent: Executes policies and collects execution statistics. It has a cache memory for policies. It consists of a Policy Access Point (PAP) and a Policy Interceptor, the first communicates with the Policy Manager using EJB invocations, while the second is generated when a Web Service is deployed and activated, or when a policy is attached to a Web Service. Its functionality is to intercept requests to the Web Service and execute the policies associated with it.
  • OWSM Repository: Place where policies are stored, typically a database.
  • Enterprise Manager: Application where, in addition to managing several other elements,  the OWSM settings, metrics, etc. are configured. Read the complete article here.

SOA & BPM Partner Community

For regular information on Oracle SOA Suite become a member in the SOA & BPM Partner Community for registration please visit www.oracle.com/goto/emea/soa (OPN account required) If you need support with your account please contact the Oracle Partner Business Center.

Blog Twitter LinkedIn image[7][2][2][2] Facebook clip_image002[8][4][2][2][2] Wiki

Technorati Tags: SOA Community,Oracle SOA,Oracle BPM,OPN,Jürgen Kress

Be the first to comment

Comments ( 0 )
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.