WSM in FMW 11g Patch Set 2 and OSB 11g

With all the Fusion Middleware releases of late April 2010 its nice to take a look at the security part of FMW & OSB 11g. You may already know FMW 11g Patch Set 2 is a patch on PS1 which was a full release but OSB 11g is a new release. Lets see if Oracle changed WSM in PS2 and what they did with the Weblogic 9.2 WS-Security policies in OSB 11g.
Lets start with WSM  in PS2, I did some checks and came to the conclusion that it works the same as in PS1, so my WSM in FMW blogpost is still valid. The only thing what changed is that JDeveloper 11g PS2 give you more information about the WSM policies.

 
OSB11g is a major release and in this 11g release Oracle did not change the WS-Security policies of  Weblogic 9.2, so my OSB blogpost about the security policies in OSB 10.3 is still valid in the 11g version. From this you can conclude Oracle is going full for WSM. With OSB 11g Oracle added support for WSM agents. You can now use the WSM server policies on your OSB Proxy services and the WSM client policies on the OSB Business services. But more inportant, it is now easy to call these secured WSM proxy services from other FMW components ( ADF , Soa Suite & Java )
To use WSM in OSB 11g you need to have a MDS repository and extend the OSB Domain with the WSM components.

When your OSB server is running then you can add the WSM server policy to a Proxy Service. Just select the OWSM policy option and add the right WSM server policy

It works the same for an OSB business service only now you use the client policies.

Before you can test these WSM policies you need to follow the steps of  my FMW WSM blogpost . If you configured the WSM keystore then you can test the proxy service in the service bus console application ( sbconsole) . In the security part of this testpage you only  need to provide the keystore.recipient.alias. Leave the rest empty.

Or you can generate a web service proxy service in JDeveloper and use this in your Proxy client.

view plainprint?

1. public class HelloWorldServiceSoapHttpPortClient  
2. {  
3.   @WebServiceRef  
4.   private static HelloWorldService_Service helloWorldService_Service;  
5.   
6.   public static void main(String [] args)  
7.   {  
8.     helloWorldService_Service = new HelloWorldService_Service();  
9.         SecurityPolicyFeature[] securityFeatures =  
10.             new SecurityPolicyFeature[] { new SecurityPolicyFeature("oracle/wss10_message_protection_client_policy") };  
11.         HelloWorldService helloWorldService = helloWorldService_Service.getHelloWorldServiceSoapHttpPort(securityFeatures);  
12.         // Add your code to call the desired methods.  
13.   
14.         Map<String, Object> reqContext = ((BindingProvider) helloWorldService).getRequestContext();  
15.         reqContext.put(ClientConstants.WSSEC_KEYSTORE_TYPE, "JKS");  
16.         reqContext.put(ClientConstants.WSSEC_KEYSTORE_LOCATION, "C:\\test_keystore.jks");  
17.         reqContext.put(ClientConstants.WSSEC_KEYSTORE_PASSWORD, "password");  
18.         reqContext.put(ClientConstants.WSSEC_SIG_KEY_ALIAS, "client_key");  
19.         reqContext.put(ClientConstants.WSSEC_SIG_KEY_PASSWORD, "password");  
20.         reqContext.put(ClientConstants.WSSEC_ENC_KEY_ALIAS, "client_key");  
21.         reqContext.put(ClientConstants.WSSEC_ENC_KEY_PASSWORD, "password");  
22.         reqContext.put(ClientConstants.WSSEC_RECIPIENT_KEY_ALIAS, "client_key");  
23.           
24.   
25.         System.out.println(helloWorldService.sayHello());  
26.   
27.   }  
28. }