My Oracle Support Banner

Feasibility Of Using A Binary Security Token Instead Of Encrypted Key To Call WCCM Service (Doc ID 2768090.1)

Last updated on APRIL 14, 2021

Applies to:

Oracle Web Services Manager - Version 12.2.1.4.0 and later
Information in this document applies to any platform.

Goal

Is it possible to remove the EncryptedKey from the BinarySecurityToken in the following scenario:

IBM websphere acts as a client to call a webservice in WebCenter Content that has wss11_saml_token_with_message_protection_service_policy.

SAML is being implemented in the client (IBM) following this IBM document


https://www.ibm.com/support/knowledgecenter/SSMKHH_10.0.0/com.ibm.etools.mft.doc/bp28350_.html

Therefore, no OWSM client policy is being attached at the client side since the IBM webserver does not offer a way to attach the client policy.
The security communication between the client and server will be customized using SAML according to the above IBM document to be able to call the webservice running in the WCC 12.2.1.4

The question is how to use the BinarySecurityToken in the header without the EncryptedKey?

 

 

 

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.