Not logged in | Login
This document demonstrates the general means to select and configure WSIT features via the use of the HTTP BC and JBI . This document is not a comprehensive nor detailed treatment of the available WSIT features that may be enabled and used with JBI-based services. The specific WSIT features used in this document are chosen as examples.
Once the BPEL project is created and built, build a Composite Application project for it.
The Composite Application project will have a Service Assembly node. Activate the the node to bring up the Composite Application Service Assembly (CASA) editor, which displays the consumer-provider relationship diagram for your JBI (BPEL) module:
To secure the service using WS Security Mutual Certificates, access the context menu for the newly added SOAP port (e.g., right-click on it), and clone it.
Cloning a port causes the CASA Editor to copy the service WSDL from the associated BPEL project, into the Composite Application project, and allowing the WSDL port to be subject to modification in the CASA editor. Changes to the port's properties are reflected in the copy of the WSDL residing in the Composite Application project. Several small icons are overlaid on the port's graphics when the cloning process is complete, indicating the port is now modifiable.
Enable WS Security options on the port by accessing its context menu again, and choosing "Edit Web Service Attributes". Alternatively, you can click on the small key icon on the port graphic. Since the assembly being configured represents the service, choose to configure the "Server Configuration".
For this example, we set the WS Security mechanism to Mutual Certificates, and configure KeyStore and TrustStore parameters. Since this configuration pertains to a service, the KeyStore information utilizes the alias "xws-security-server" intended for it, as provided by the sample V3 certificates.
Once the configuration is committed, the CASA editor adds the necessary WS Policy information in the WSDL file it generates for the new port created.
With the policy assertions set in the WSDL, the service will operate with the Mutual Certificates security mechanism once it is deployed.