How to secure Internal Web Services through OWSM

It is important to ensure that only authorized consumers can call the web services that are exposed. The below solution applies only to security internal web services. All the internal web services will be secured using OWSM Server Agents. This document consists of steps to be taken on order to deploy server agents.

To configure a server agent component in Oracle Web Services Manager

Point your browser to the Web Services Manager Control Console and log in using

your user name and password.

The Web Services Manager Control Console is accessed with a URL of the form:

http://:port_number/ccore

For example:

httphttp://dceapocxxxx:8888/ccore/index.jsp

2. Click Add New Component.

3. On the Add New Component page, define:

■Component name

■Component type

■Container type


Click Register.




Define Policy Set for Server Agent

To define the policy set for the server agent:

1. At the Web Services Manager Control Console, click Policy Management, then click Manage Policies.

2. In the component list, select the agent for which the policy set is to be defined, and click Policies.

3. The policy set for the agent is displayed.

4. Click the Edit icon for the Default Policy.

5. Select Extract Credentials from the list, and click OK.

6. The Policy Definition page reappears, showing the newly added Extract Credentials step.

7. Click Configure to define the properties for the Extract Credentials step.

a. The Enabled property is set to true by default.

b. The credentials location is set to WS-BASIC.

8. Click OK.

9. To add the second step for credential authentication, in the Extract Credentials row, click Add Step Below.

10. In the New Step box, select the step template named LDAP Authenticate & Configure LDAP connection as below







Install Server Agent on OC4J

1. At a Oracle Web Services Manager command prompt, navigate to the bin directory of the Oracle Web Services Manager component within Oracle SOA installation. For example:

ORACLE_HOME\owsm\bin

2. Using a text editor, edit the agent.properties file.

3. For the agent.component.id, insert the Component ID of the server agent that was registered

4. Using a text editor, edit the coresv.properties file

5. Edit the external.oc4j.instance= e.g. external.oc4j.instance=customs

6. At the command prompt, run the installAgent command:

7. ORACLE_HOME\owsm\bin\wsmadmin installAgent Oracle-AS-password

8. where Oracle-AS-password is the OC4J administrator password.

Configure the Web Services Agent in Application Server Control

It is important to enable the Oracle Web Services Manager agent, Oracle Web Services

Manager and associate it with the Oracle WSM Server Agent.

To Configure the web services Agent in Enterprise Manager:



1. Open Application Server Control Console home page.

2. Under Members, click the home link.

3. Click Web Services. The list of web services is displayed.

4. Click the webservice link

5. Click the Administration link to display the management features available for

6. this web service, as shown below



7. Select Web Service Agent and click Move. Press OK

8. Edit configuration & put the value of configuration directory which is the value of agent id. E.g c300089

9.Test the web service using registered username/password. Monitor the connections on OWSM.




Comments

Popular posts from this blog

Identity Service Authentication failure

Weblogic server is not starting up ; java.lang.AssertionError

jstatd error : Could not create remote object : access denied (java.util.PropertyPermission java.rmi.server.ignoreSubClasses write)