tag:blogger.com,1999:blog-1839316484051079047.post826695849339017083..comments2024-03-28T06:38:40.958+01:00Comments on Java / Oracle SOA blog: Identity propagation with OWSMEdwin Biemondhttp://www.blogger.com/profile/02338716126881111629noreply@blogger.comBlogger11125tag:blogger.com,1999:blog-1839316484051079047.post-76525688688511790712014-03-26T19:48:32.148+01:002014-03-26T19:48:32.148+01:00Hi Edwin,
I have a basic question regarding SAML p...Hi Edwin,<br />I have a basic question regarding SAML policy.<br />I have a OSB proxy with policy "wss11_saml_token_with_message_protection_service_policy" which I am invoking from a J2SE standalone WS client with policy "wss11_saml_token_with_message_protection_client_policy".<br />In client I have provided username, keystores and relevent everything and it works well. Gaurav Guptanoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-47855032925781195852012-12-10T13:01:19.590+01:002012-12-10T13:01:19.590+01:00Hi Biemond,
I want to integrate OWSM 11g with OA...Hi Biemond, <br /><br />I want to integrate OWSM 11g with OAM. Do you have any blogs on that? That will be of great help.<br /><br />Thanks,<br />SusmitAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-86528213774459183432012-07-01T11:48:27.964+02:002012-07-01T11:48:27.964+02:00Hi,
I think so when you use the matching server p...Hi,<br /><br />I think so when you use the matching server policy. it's more about the saml token<br /><br />thanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-59019740643839996692012-06-26T14:03:29.690+02:002012-06-26T14:03:29.690+02:00Hi Edwin,
In your example you use the policy &quo...Hi Edwin,<br /><br />In your example you use the policy "oracle/wss11_saml_token_with_message_protection_service_policy" to configure identity switching, but is it possible to configure identity switching using the "oracle/wss10_saml_token_with_message_integrity_client_policy" policy?? That is, SAML without encryption.<br /><br />/ ChrisAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-81886217510770296432012-06-24T13:01:18.290+02:002012-06-24T13:01:18.290+02:00Hi,
When you two domains you can't validate i...Hi,<br /><br />When you two domains you can't validate it twice. saml and domain trust al depends on trust. domain 1 validates and domain 2 accepts this.<br /><br />you should store the password or ask the password again on the web service. You should not do that. <br /><br />thanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-63242107927967588932012-06-19T07:44:54.408+02:002012-06-19T07:44:54.408+02:00Hi,
Thanks for your inputs. Now my concern is SEC...Hi,<br /><br />Thanks for your inputs. Now my concern is SECURITY check for my requirement where only user credentials needs to be validated. <br />1. Do I need to use SAML - for user validation at SOA Suite <br />2. OR OWSM username token policy<br />3. I believe as per one of your article, I have to use Domain Trust in case of remote client call<br />4. Or any other approach<br /><br />Please Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-86017586839837927942012-06-18T21:26:34.705+02:002012-06-18T21:26:34.705+02:00Hi,
When the humantask is assigned to user B , he...Hi,<br /><br />When the humantask is assigned to user B , he is the only one who can claim it. So when acquire is successful you know it. And I think when you use the hw ejb client it automatically use the logged in user as subject in the ejb call. <br />Maybe it also works in a java ws proxy client.<br /><br />thanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-38426704650942270832012-06-18T15:44:22.943+02:002012-06-18T15:44:22.943+02:00Hi,
Thanks for your reply.
1. The custom workli...Hi,<br /><br />Thanks for your reply. <br /><br />1. The custom worklist app contains classes which uses oracle worklist api to create the task, retrieve task details etc.<br />2. This app converted as a jar and will be added in to my web application (an existing product) war file (in web-inf/lib location).<br />3. User A log in to the Web App and creates a Task and assign it to User B. This Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-42405859013090331142012-06-17T14:20:20.239+02:002012-06-17T14:20:20.239+02:00Hi,
I don't understand what you will be doing...Hi,<br /><br />I don't understand what you will be doing in your custom worklist app, in this web app your username will be automatically used and added in the humantask, when you claim or pass a outcome.<br /><br />on the bpel side you can read this information.<br /> <br />thanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-85021315021011874782012-06-13T11:14:12.319+02:002012-06-13T11:14:12.319+02:00Hi,
I would like to validate the calling user (fr...Hi,<br /><br />I would like to validate the calling user (from custom worklist web application in one weblogic domain) credentials at soa human task application(soa suite 11.1.1.5 in another weblogic domain). I believe I need to follow these steps<br /><br />1. Attach username token service policy at soa human task composite entry level<br />2. Add the users in to weblogic users <br />2. Use Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-83975994033466848052012-03-05T12:16:26.698+01:002012-03-05T12:16:26.698+01:00Hello, Edwin.
Can You give me a counsil about OWSM...Hello, Edwin.<br />Can You give me a counsil about OWSM settings?<br />I try use OWSM SAML-based policy: oracle/wss10_saml_token_service_policy or<br />oracle/wss_saml_token_bearer_over_ssl_service_policy.<br />Now I have a problem: my SAML token must contain "AudienceRestrictionCondition" element(tag), but I don't now how configure OWSM. I have error in log: "Caused By: FAULT Anonymousnoreply@blogger.com