How Is it Possible to Make Local Optimized Calls Bypass Security in OWSM? (Doc ID 2026809.1)

Last updated on JULY 22, 2016

Applies to:

Oracle Web Services Manager - Version 11.1.1.6.0 and later
Information in this document applies to any platform.

Goal

A case has been set up to try to use the OWSM policy, oracle/wss_http_token_service_policy.  Local optimization has been set set up so that composite-composite invocations can bypass the security and hence only external partners should have to know the credentials to call the services.

To set up Local Optimization, the following steps have been performed:

- The serverURL in Common Properties has been set to the Load Balancer URL.
- The front end HTTP host and port have been set to the Load Balancer host and port.
- The HttpServer URL has been set to the Load Balancer URL.

Create a copy of the oracle/wss_http_token_service_policy and in that, turn the Local Optimization setting to 'ON'.
Attached this policy to the service endpoint.

When this policy is disabled, the call goes through, a local invocation is made.
However, with this policy enabled, the call doesn't go through and an "unable to reach" Remote fault is thrown.

How is local optimization established for our use-case?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms