|Oracle® Fusion Middleware Developer's Guide for Oracle Imaging and Process Management
11g Release 1 (11.1.1)
Part Number E12784-03
|PDF · Mobi · ePub|
Although the Native Java API is the most convenient way to leverage Oracle I/PM services, it is mostly a set of proxy and utility classes that wrap calls to the I/PM web services set. All of the functionality exposed by the native Java API is available using direct web service calls as well. Use of the API through direct web services requires a in depth understanding of WSDL documents and of environment specific techniques for invoking web services.
This chapter has the following sections:
Understanding how to invoke I/PM web services starts with knowing where to access the WSDL documentation. The following is a complete list of the I/PM service WSDL locations. The host name and port number will vary depending on your installation.
The majority of Oracle I/PM web services are capable of operating in either stateless or stateful mode. In stateless mode, authentication credentials passed in each service request are used to transparently log the user in, perform the requested operation, and then log out before returning.
In stateful operation, a call is first made to the LoginService.login operation to establish the user session with I/PM. Credentials to the login method are provided by the security policy currently in effect, or through HTTP Basic Auth if no policy is applied.
The jsessionid cookie returned by the log in operation is subsequently passed to call other services, thus maintaining session state from call to call. Note that web service security still requires that each call pass user credentials in order to comply with OWSM security policy enforcement. A call to LoginService.logout ends the user session.
As mentioned above, most Oracle I/PM services operate in either mode. The exception to this is the DocumentContentService. DocumentContentService operations are capable of leveraging a streaming Message Transmission Optimization Mechanism (MTOM) feature that is incompatible with OWSM security policies. Therefore, the stateful mode is required to wrap appropriate security around DocumentContentService operations.