Calling a webservice using the wss-username-token policy from a SOA Suite composite

When you are building a composite using the SOA Suite you quite often want to call an external webservice. These services can have a form of security on them….wss-username-token in our example. To attach the policy to the service in the SOA Suite is quite straight forward.

  • Right-click the service in the ‘External Reference’ swimlane and click ‘Configure WS Policies’

  • Choose the correct policy under Security. In my case oracle/wss_username_token_client_policy

  • Next we need to supply a username and password. The easiest way is to go to the source of the composite.xml and add 2 properties to the binding. See below for an example. This will ensure you can call your service using ws-security:username-token.
<reference name="CardManagementService" ui:wsdlLocation="v1.wsdl">
<interface.wsdl interface=""/>
< port=""location="v1.wsdl" soapVersion="1.2">
<wsp:PolicyReference URI="oracle/wss_username_token_client_policy" orawsp:category="security" orawsp:status="enabled"/>
<property name="weblogic.wsee.wsat.transaction.flowOption" type="xs:string" many="false">WSDLDriven</property>
<property name="oracle.webservices.auth.username" type="xs:string" many="false" override="may">MyUsername</property>
<property name="oracle.webservices.auth.password" type="xs:string" many="false" override="may">MyPassword</property>

Leave a Reply

Your email address will not be published. Required fields are marked *


This site uses Akismet to reduce spam. Learn how your comment data is processed.