How Is it Possible to Make Local Optimized Calls Bypass Security in OWSM? (Doc ID 2026809.1)

Last updated on OCTOBER 07, 2022

Applies to:

Goal

A case has been set up to try to use the OWSM policy, oracle/wss_http_token_service_policy.  Local optimization has been set set up so that composite-composite invocations can bypass the security and hence only external partners should have to know the credentials to call the services.

To set up Local Optimization, the following steps have been performed:

- The serverURL in Common Properties has been set to the Load Balancer URL.
- The front end HTTP host and port have been set to the Load Balancer host and port.
- The HttpServer URL has been set to the Load Balancer URL.

Create a copy of the oracle/wss_http_token_service_policy and in that, turn the Local Optimization setting to 'ON'.
Attached this policy to the service endpoint.

When this policy is disabled, the call goes through, a local invocation is made.
However, with this policy enabled, the call doesn't go through and an "unable to reach" Remote fault is thrown.

How is local optimization established for the above use-case?
 

Solution

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.