Wednesday, June 04, 2008

Calling Secure Services

There are two most popular ways of securing Webservices, We will talk about them and how to invoke those secured services from BPEL.


Basic Secure Services:

These services are required to send authentication information (username / password) in HTTP Header to access.

WS-Security Services:

These services are required to send authentication information ( username / password) as WS-Security tokens in SOAP Envelope to access.

How to Add HTTP Authentication in BPEL:

Add the following properties in bpel.xml under the partner link for that service.

<property name="httpHeaders">credentials</property>
<property name="httpUsername">kalyan</property>
<property name="httpPassword">welcome1</property>

OR


<property name="basicHeaders">credentials</property>
<property name="basicUsername">kalyan</property>
<property name="basicPassword">welcome1</property>


How to Add WS-Security Tokens in BPEL

Add the following properties in bpel.xml under the partner link for that service.

<property name="wsseHeaders">credentials</property>
<property name="wsseUsername">kalyan</property>
<property name="wssePassword">welcome1</property>