Last updated on MAY 01, 2017
Applies to:Oracle WebCenter Content - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
Note: This note applies to versions 220.127.116.11 and beyond. If using 18.104.22.168 to 22.214.171.124 for WebCenter Content see <Document 1332300.1> - Setting up GenericSoapService in UCM 11g to Use WS-Security.
See Oracle documentation: Oracle WebCenter Content Developer's Guide for Content Server
Section 19.2: Configuring Web Service Security Through Web Service Policies
Web service security (WS-Security) is a standard for securing web services for confidentiality, integrity and authentication. WS-Security is used for authentication, either for a client to connect to the server as a particular user or for one server to talk to another as a user. Web service policy (WS-Policy) is a standard for attaching policies to web services. What these policies define ranges greatly, but in this case policies are used for applying WS-Security to web services. The two supported policies are username-token security and SAML security.
In UCM 11g, the web service GenericSoapService comes installed with UCM automatically. However, the service needs to be configured to use security both for protecting the message and authenticating users.
This service uses a generic, HDA-like format for its SOAP format. It is almost identical to the generic soap calls that one can make to the UCM when IsSoap=1 set. Details of the format can be found in the published WSDL at /idcws/GenericSoapPort?WSDL.
WS-Security can be applied to GenericSoapService via WS-Policy. The content server supports OWSM policies for SAML and username-token.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms