Setting up GenericSoapService in UCM 11g (22.214.171.124 and beyond) to Use WS-Security
(Doc ID 1456506.1)
Last updated on FEBRUARY 06, 2019
Applies to:Oracle WebCenter Content - Version 126.96.36.199.0 and later
Information in this document applies to any platform.
See Oracle documentation:
Oracle WebCenter Content Developer's Guide for Content Server
Section 19.2: Configuring Web Service Security Through Web Service Policies
Web service security (WS-Security) is a standard for securing web services for confidentiality, integrity and authentication. WS-Security is used for authentication, either for a client to connect to the server as a particular user or for one server to talk to another as a user. Web service policy (WS-Policy) is a standard for attaching policies to web services. What these policies define ranges greatly, but in this case policies are used for applying WS-Security to web services. The two supported policies are username-token security and SAML security.
In UCM 11g, the web service GenericSoapService comes installed with UCM automatically. However, the service needs to be configured to use security both for protecting the message and authenticating users.
This service uses a generic, HDA-like format for its SOAP format. It is almost identical to the generic soap calls that one can make to the UCM when IsSoap=1 set. Details of the format can be found in the published WSDL at /idcws/GenericSoapPort?WSDL.
WS-Security can be applied to GenericSoapService via WS-Policy. The content server supports OWSM policies for SAML and username-token.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document