There are two most popular ways of securing Webservices, We will talk about them and how to invoke those secured services from BPEL.
Basic Secure Services:
These services are required to send authentication information (username / password) in HTTP Header to access.
WS-Security Services:
These services are required to send authentication information ( username / password) as WS-Security tokens in SOAP Envelope to access.
How to Add HTTP Authentication in BPEL:
Add the following properties in bpel.xml under the partner link for that service.
<property name="httpHeaders">credentials</property>
<property name="httpUsername">kalyan</property>
<property name="httpPassword">welcome1</property>
<property name="basicHeaders">credentials</property>
<property name="basicUsername">kalyan</property>
<property name="basicPassword">welcome1</property>
How to Add WS-Security Tokens in BPEL
Add the following properties in bpel.xml under the partner link for that service.
<property name="wsseHeaders">credentials</property>
<property name="wsseUsername">kalyan</property>
<property name="wssePassword">welcome1</property>