Setting up GenericSoapService in WCC 11g (11.1.1.6 and beyond) to use WS-Security (Doc ID 1456506.1)

Last updated on JULY 20, 2024

Applies to:

Goal

See Oracle documentation:

Oracle WebCenter Content Developer's Guide for Content Server
Section 19.2: Configuring Web Service Security Through Web Service Policies
http://docs.oracle.com/cd/E23943_01/doc.1111/e10807/c19_web_services.htm#CHDBHHGJ

Web service security (WS-Security) is a standard for securing web services for confidentiality, integrity and authentication. WS-Security is used for authentication, either for a client to connect to the server as a particular user or for one server to talk to another as a user. Web service policy (WS-Policy) is a standard for attaching policies to web services. What these policies define ranges greatly, but in this case policies are used for applying WS-Security to web services. The two supported policies are username-token security and SAML security.

In UCM 11g, the web service GenericSoapService comes installed with UCM automatically. However, the service needs to be configured to use security both for protecting the message and authenticating users.

GenericSoapService

This service uses a generic, HDA-like format for its SOAP format. It is almost identical to the generic soap calls that one can make to the UCM when IsSoap=1 set. Details of the format can be found in the published WSDL at /idcws/GenericSoapPort?WSDL.

WS-Security can be applied to GenericSoapService via WS-Policy. The content server supports OWSM policies for SAML and username-token.

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.