Oracle UCM provides two types of Web services: a general (generic) JAX-WS based Web service, and a native SOAP based Web service. The two types of Web services reside in two different context roots. The context root is the primary identifier in the URL for accessing the Web services.
The context roots are:
/idcws/ - Use this context root for general access to a Oracle UCM Content Server instance through any regular Web services client.
/idcnativews/ - The Remote IDC client (RIDC) uses the native Web services. . It is recommended that you do not develop custom client against these services.
The following table describes the Oracle UCM Web service in the
/idcws/ context root.
|Oracle UCM Web Service||Descriptions|
|GenericSoapService||This service uses a generic format similar to HDA for its SOAP format. It is almost identical to the generic SOAP calls that you can make to the Oracle UCM Content Server when you set IsSoap=1. Details of the format can be found in the published WSDL at /idcws/GenericSoapPort?WSDL.
You can apply WS-Security to GenericSoapService through WS-Policy. The Content Server supports Oracle Web Services Manager (OWSM) policies for Security Assertion Markup Language (SAML) and username-token.
As a result of allowing WS-Security policies to be applied to this service, streaming Message Transmission Optimization Mechanism (MTOM) is not available for use with this service. Very large files (greater than the memory of the client or the server) cannot be uploaded or downloaded.
The following table describes the Oracle UCM Web services in the /idcnativews/ context root.
|Oracle UCM Web Services||Descriptions|
|IdcWebRequestService||This is the general Oracle UCM service. Essentially it is a normal socket request to the Oracle UCM Content Server, wrapped in a SOAP request. Requests are sent to the Content Server using streaming Message Transmission Optimization Mechanism (MTOM) in order to support large files.
Streaming MTOM and WS-Security do not mix. As a result, do not apply WS-Security to this service, because it will break the streaming file support. In order to achieve security, you must first log in using the IdcWebLoginService, then use the same JSESSIONID received from that service in the next call to IdcWebRequestService as a cookie.
|IdcWebLoginService||This service is solely for adding security to IdcWebRequestService calls. There are no parameters for this service; it simply creates a session. The important field to retrieve is the JSESSIONID for future calls to IdcWebRequestService. If you want to use WS-Security with IdcWebRequestService, then apply it here. The Content Server supports Oracle Web Services Manager (OWSM) policies for Security Assertion Markup Language (SAML) and username-token.|