20 Proxy Services: Creating and Managing

This chapter describes how to create, configure, and manage proxy services using the Oracle Service Bus Administration Console.

Proxy services are Oracle Service Bus definitions of services implemented locally on WebLogic Server.

For more information, see "Configuring Proxy Services and Business Services" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

20.1 Creating and Configuring Proxy Services

This section describes how to create and configure proxy services.

For JCA services, you can generate proxy services from JCA Bindings, as described in Section 20.1.1, "Generating a Proxy Service from a JCA Binding Resource."

  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Section 3.1, "Using the Change Center."

  2. Select Project Explorer, then select the project or folder to which you want to add the proxy service.

  3. On the Project/Folder View page, select Proxy Service from the Create Resource list.

  4. On the General Configuration page, provide a name for the service and select the type of service to create.

    Follow the Section 2.3, "Resource Naming Restrictions" for naming guidance.

  5. Click Next. The pages that follow depend on the choices you made on the first page. Enter the appropriate information on each of the subsequent pages, until you reach the summary page, then click Save to save the service in the current session.

    For detailed instructions on completing each page, see the following:

  6. To end the session and deploy the configuration to the run time, click Activate under Change Center.

  7. After you create a proxy service, the next step is to configure its message flow. The message flow defines the implementation of a proxy service. To learn more, see Section 21.1, "Viewing and Editing Message Flows."

20.1.1 Generating a Proxy Service from a JCA Binding Resource

You can generate a JCA proxy service from an inbound JCA Binding resource in Oracle Service Bus. For more information on JCA Binding resources, see Chapter 13, "JCA Bindings."

To generate a JCA proxy service from a JCA Binding:

  1. In the Oracle Service Bus Administration Console, click Create or Edit in the Change Center if you area not already in Create or Edit mode.

  2. In the Resource Browser, click JCA Bindings.

  3. Locate the JCA Binding from which you want to generate a service, and click the Action icon.

  4. In the window that appears, confirm the name of the WSDL and the service you want to generate, select the location for these new resources, and click Generate.

    Oracle Service Bus generates the service and its corresponding WSDL.

  5. Modify any other configuration details on the generated service as appropriate, such as the Endpoint URI.

20.2 Create/Edit a Proxy Service - Page Reference

Create a proxy service by selecting Proxy Service from the Create Resource list on the Project/Folder View page. When you select that option, it displays the first in a series of pages for configuring and adding proxy services. The pages displayed vary, depending on the options you choose along the way. The pages are:

20.2.1 General Configuration Page

The Create/Edit a Proxy Service - General Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to modify general configuration settings for a proxy service.

When you create a proxy service, this is the first page displayed in a series of pages for configuring the service. The pages displayed after this one differ depending on the choices you make on this page.

Table 20-1 describes how to use the page.

Table 20-1 Create/Edit a Proxy Service - General Configuration Page

Option To create or edit...

Service Name

Enter a unique name for the proxy service.

Follow the Section 2.3, "Resource Naming Restrictions" for naming guidance.

Description

Enter a description.

Service Type

Select the type of proxy service to create:

  • WSDL Web Service - Select this option to create a proxy service based on a WSDL. Then enter the WSDL name, qualified by its path (for example, myProject/myFolder/myWSDL). Alternatively, click Browse to select a WSDL from the Select a WSDL Definition page.

    (port or binding) - Enter the name of a port (defined in the WSDL) to describe an actual transport address, or enter the name of a binding (defined in the WSDL) to map to a transport address. If you use Browse to select a WSDL, the Select a WSDL Definition page lists any defined ports and bindings.

    Note: If you are going to use the SOAP Body Type for operations, ensure that the WSDL does not have two operations with the same input message. The SOAP Body Type operation cannot be uniquely identified by inspecting the input message.

  • Transport Typed Service - Select this option to create a JEJB proxy service.

  • Messaging Service - Select this option to create a service that can receive messages of one data type and respond with messages of a different data type. These exchanges can be either request/response or one-way.

    (HTTP GET is supported only in the Any XML Service and Messaging Service service types.)

  • Any SOAP Service - Select this option to create a SOAP service that does not have an explicitly defined, concrete interface.

    Select SOAP 1.1 or SOAP 1.2 from the list to specify the SOAP version to be used.

  • Any XML Service - Select this option to create an XML service that does not have an explicitly defined, concrete interface.

    (HTTP GET is supported only in the Any XML Service and Messaging Service service types.)

  • Business Service - Select this option to create a proxy service with a route node that routes to the business service you select. You cannot create a proxy service from a transport typed business service. If you create a proxy service from a DSP transport business service, Oracle Service Bus switches the transport type of the proxy service to HTTP, because the DSP transport cannot be used for proxy services. You can change the transport type of the proxy service to any other available transport.

    Enter the path (project/folder) and the name of the business service; or click Browse to select the business service from the Select Business Service page.

Service Type (continued)

  • Proxy Service - Select this option to clone an existing proxy service. Since Oracle Service Bus does not accept the same URI for multiple services, you must change the URI for the cloned service.

    Note: When a service is created from another service, alert rules are maintained in the following way:

  • When a proxy service is created from a business service or a business service is created from a proxy service, the alert rules, if any, are removed.

  • When a proxy service is created from another proxy service or a business service is created from another business service, the alert rules, if any, are retained.

Service Key Provider

If needed, enter the path (project/folder) and name of a service key provider, or click Browse to select one from the Select Service Key Provider page.

A service key provider is only required in certain cases:

  • Outbound two-way TLS/SSL, where the proxy service routes messages to HTTPS services that require client-certificate authentication.

  • In some Web Service security scenarios, for example, if the proxy service requires messages to be encrypted.

To add a Web service security-enabled proxy service, you must create the proxy service from a WSDL (port or binding) with WS-Policy attachments.

For more information, see Chapter 18, "Service Key Providers." To learn how to create a service key provider, see Section 18.2, "Adding Service Key Providers."

Publish to Registry

This option appears only when a default UDDI registry exists.

Select this option to publish the proxy service to the default registry automatically. For more information, see Section 30.8, "Using Auto-Publish."


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.2 Message Type Configuration Page

The Create/Edit a Proxy Service - Message Type Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure message types for a proxy service whose type is Messaging Service.

The binding definition for messaging services consists of configuring the content-type of the messages that are exchanged. The content-type for the response does not have to be the same as for the request; therefore, the response is configured separately (for example, the service could accept an MFL message and return an XML acknowledgment receipt).

Note:

E-mail, File, FTP, or SFTP transport proxy services whose type is Messaging Service support one-way messaging only; the Response Message Type should be none. If you select an option other than none, the E-mail, File, FTP, or SFTP protocols will not be available on the Transport Configuration page.

Table 20-2 describes how to use Create/Edit a Proxy Service - Message Type Configuration page.

Table 20-2 Create/Edit a Proxy Service - Message Type Configuration Page

Option To create or edit...

Request Message Type

Select a message type for the request message:

  • None - Select this option if there is no request message.

  • Binary - Select this option if the content-type of the message is unknown or not important.

  • Text - Select this option if the message can be restricted to text.

  • MFL - Select this option if the message is a binary document conforming to an MFL definition. Enter the MFL file name (qualified by its path), or click Browse to select a file.

    You can configure only one MFL file.

    Note: To support multiple MFL files, define the content as binary or text and use the MFL action in the message flow to convert to XML.

  • XML - Select this option if the message is an XML document. Enter the XML file name (qualified by its path), or click Browse to select a file.

    Optionally provide some type information by declaring (in the element or type field) the XML schema type of the XML document exchanged.

  • Java - Select this option if a Java Object is being sent in the request. The JMS transport is used for Java Object messages. For more information, see "Sending and Receiving Java Objects in Messages" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus

Response Message Type

Select a message type for the response message:

  • None - Select this option if there is no response message.

    Note: If you are using a Reply action in the pipeline to propagate success or failure messages from a service to the calling client, select an option other than None. The None option blocks the reply.

  • Binary - Select this option if the content-type of the message is unknown or not important.

  • Text - Select this option if the message can be restricted to text.

  • MFL - Select this option if the message is a binary document conforming to an MFL definition. Enter the MFL file name (qualified by its path), or click Browse to select a file.

    You can configure only one MFL file.

    Note: To support multiple MFL files, define the content as binary or text and use the MFL action in the message flow to convert to XML.

  • XML - Select this option if the message is an XML document. Enter the XML file name (qualified by its path), or click Browse to select a file.

    Optionally provide some type information by declaring (in the element or type field) the XML schema type of the XML document exchanged.

  • Java - Select this option if a Java Object is being received in the response. The JMS transport is used for Java Object messages. For more information, see "Sending and Receiving Java Objects in Messages" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.3 Transport Configuration Page

The Create/Edit a Proxy Service - Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to select a transport protocol for the proxy service and to set other general transport configuration settings. Table 20-3 describes how to use the page.

Note:

Inbound transport-level security applies to the client applications and Oracle Service Bus proxy services. Outbound transport-level security applies to the connections between Oracle Service Bus proxy services and business services. To learn more about transport-level security, see "Configuring Transport-Level Security" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Table 20-3 Create/Edit a Proxy Service - Transport Configuration Page

Option To create or edit...

Protocol

Select a transport protocol from the list. The protocols available differ, depending on the service type you are creating:

  • WSDL Web Service: http, jca, jms, local, sb, ws

  • Transport Typed: jejb

  • Messaging Service: email, file, ftp, http, jms, local, mq (if available), sftp, tuxedo

  • Any SOAP Service: http, jms, local, sb

  • Any XML Service: email, file, ftp, http, jms, local, mq (if available), sb, sftp, tuxedo

Endpoint URI

Enter an endpoint URI in the format based on the transport protocol you selected in the Protocol field, above: The formats are:

  • email - mailfrom:mail-server-hostname:mail-server-port

  • file - file:///drivename:/somename

  • ftp - ftp://hostname:port/directory

  • http - someName

    The HTTP transport supports both HTTP and HTTPS endpoints.

  • jca - jca://<resource_adapter_jndi>

  • jejb – The URL format is ejb_jndi_name. The URI configured for a JEJB proxy service becomes the global JNDI name for locating the stateless session bean generated by the JEJB transport from the remote/business interface in the client JAR.

    Note: For EJB 3.0, ejb_jndi_name is the mappedName attribute of the @javax.ejb.Stateless annotation in the generated bean. The lookup JNDI name for the generated EJB service is suffixed with #interface_class, which is the fully qualified name of the business interface.

    You can access the JEJB proxy service as:

    EJB 2.1: protocol://host:port/ejb_jndi_name

    EJB 3.0: protocol://host:port/ejb_jndi_name#interface_class

    Note: If your EJBs are running on IBM WebSphere, ejb_jndi_name must be in the following format:

    cell/nodes/node_name/servers/server_name/ejb_jndi_name

    or

    cell/clusters/cluster_name/ejb_jndi_name

    as described in the IBM WebSphere documentation at http://publib.boulder.ibm.com/infocenter/wasinfo/v6r1/index.jsp?topic=/com.ibm.websphere.nd.iseries.doc/info/iseriesnd/ae/rnam_example_prop3.html

  • jms - jms://host:port/factoryJndiName/destJndiName

    To target a target a JMS destination to multiple servers, use the following URI format:

    jms://host1:port,host2:port/QueueConnectionFactory/DestName

    You can also omit host and port from the URI to have the lookup performed on the local machine. For example:

    jms:///connection_factory/jndi_destination

    Note that when you create a proxy service, you can configure a JMS endpoint URI even if the server at that endpoint if not available. However, in the case of JMS, when you activate the session, the endpoint must be available. To learn more, see Section 3.2, "Activating Sessions."

    Note: While Oracle WebLogic Server allows forward slashes in JNDI names, such as "myqueues/myqueue", JNDI names with forward slashes interfere with the endpoint URI format required by Oracle Service Bus, and you cannot use those names. To work around this issue, define a JMS foreign server and reference that foreign server in the endpoint URI. For more information, see "Configure foreign servers" in the Oracle Fusion Middleware Oracle WebLogic Server Administration Console Online Help.

    In a cluster: The host names in the JMS URI must exactly match the host names of the cluster servers as they are configured in WebLogic Server.

  • local

    This transport does not require an endpoint URI.

Endpoint URI (continued)

  • mq - mq://<local-queue-name>?conn=<mq-connection-resource-ref>

    local-queue-name is the name of the MQ queue from which the proxy service reads messages.

    mq-connection-resource-ref is the path (project/folder) and name of the MQ connection resource; for example, default/my_MQconnection.

    Note: The Endpoint URI cannot contain spaces, so do not create MQ Connection resources or projects/folders with spaces in the names.

    To make the MQ transport available in Oracle Service Bus, see Chapter 9, "MQ Connections."

  • sb - service_name

    service_name is the unique identifier for the proxy service. By default, this name will be the proxy service name.

    service_name must only contain characters permitted in URIs (as described in RFC2396 at http://www.ietf.org/rfc/rfc2396.txt), except it cannot contain forward slash (/) or colon (:) characters.

  • sftp - sftp://hostname:port/directory

  • tuxedo - exportname

    The URI exportname corresponds to a WTC Export that the remote Tuxedo domain identifies as a Tuxedo service.

    If more than one URI is specified, you must have unique resource names for the endpoints. If no remote name is specified, its value is the value of the resource name. If no remote name is entered or if remote and resource name are the same, only one URI is allowed. In this case resource name and remote name will have the same value. This allows users using already defined WTC Imports to make use of WTC load-balancing and failover.

    Note: If you configure two identical URIs, an error indicates that the service name already exists.

  • ws - /contextPath

    contextPath must be unique for proxy services that use either HTTP or WS transport.

Get All Headers

Select Yes to retrieve all the headers from the transport.

Select No to retrieve a defined set of headers. If you select No, enter a set of headers in the Header field, then click Add. (This step does not apply to Local transport.)

Note: Oracle Service Bus does not pass the HTTP Authorization header from the request to the pipeline because it opens a security vulnerability. You could inadvertently create a log action that writes the user name and unencrypted password to a log file. If your design pattern requires the HTTP Authorization header to be in the pipeline, do the following:

a. In the startup command for Oracle Service Bus, set the following system property to true: com.bea.wli.sb.transports.http.GetHttpAuthorizationHeaderAllowed

b. In the Oracle Service Bus Administration Console, on the Transport Configuration page, select Get All Headers or select User-specified Headers and specify Authorization.

c. Restart Oracle Service Bus.

Oracle Service Bus will pass the Authorization header to the pipeline.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.5 E-Mail Transport Configuration Page

The Create/Edit a Proxy Service - E-Mail Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure transport settings for a proxy service using the e-mail transport protocol. Table 20-4 describes how to use the page.

Table 20-4 Create/Edit a Proxy Service - E-Mail Transport Configuration Page

Option To create or edit...

Service Account

Enter a service account name, or click Browse to select service accounts from a browser.

Managed Server

This field is available only in a clustered domain.

Select the Managed Server to act as the polling server. All of the Managed Servers can process the message, but only one can poll for the message.

Polling Interval

Enter a polling interval, in seconds.

E-Mail Protocol

Select POP3 or IMAP as the server type for the e-mail account.

Read Limit

Specify the maximum number of messages to read per polling sweep. Enter 0 to specify no limit.

Pass By Reference

Select this check box to stage the file in the archive directory and pass it as a reference in the headers.

By default when you create a new service, the Pass By Reference option is selected and you must specify the archive directory location.

Pass Attachments by Reference

Select this check box to stage the attachments in the archive directory and pass them as a reference in the headers.

By default, when the Pass By Reference option is selected, the Pass Attachments By Reference option is implicitly true and you must specify the archive directory location.

Post Read Action

Select what happens to a message after it has been read:

  • Archive - The message is archived.

  • Delete - The message is deleted.

  • Move - The message is moved. Move is only available with the IMAP protocol.

Attachments

Select how attachments are handled:

  • Archive - Attachments are saved to the archive directory.

  • Ignore - Attachments are ignored.

IMAP Move Folder

Enter the folder to which the message is moved if the Post Read Action field is set to Move.

Download Directory

Enter a temporary location for downloading e-mails.

Archive Directory

Specify the path to the archive location if the Post Read Action field is set to Archive.

This field is required if the Pass By Reference or Pass Attachments By Reference option is selected.

Error Directory

Enter the file system directory path to write the message and any attachments if there is a problem.

Request Encoding

Accept the default ISO-8859-1 as the character set encoding for requests in E-mail transports, or enter a different character set encoding.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.6 File Transport Configuration Page

The Create/Edit a Proxy Service - File Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure transport settings for a proxy service using the file transport protocol. Table 20-5 describes how to use this page.

Table 20-5 Create/Edit a Proxy Service - File Transport Configuration Page

Option To create or edit...

File Mask

Specifies the files that should be polled by the proxy service. If the URI is a directory and *.* is specified, then the service will poll for all the files in the directory. Only the wildcard characters * and ? are allowed in the File Mask. Regular expressions are not supported.

Managed Server

This field is available only in a clustered domain.

Select the Managed Server to act as the polling server. All of the Managed Servers can process the message, but only one can poll for the message.

Polling Interval

Enter a polling interval, in seconds. The default is 60.

Read Limit

Specify the maximum number of messages to read per polling sweep. Enter 0 to specify no limit. The default is 10.

Sort By Arrival

Select this check box to specify that events are delivered in the order of arrival.

Note that when this option is selected for a proxy service that is executed in a clustered environment, messages are always sent to the same server. In other words, load balancing across servers is ignored when this option is selected.

Scan Subdirectories

Select this check box to recursively scan all the directories.

Pass By Reference

Select this check box to stage the file in the archive directory and pass it as a reference in the headers.

Post Read Action

Select what happens to a message after it has been read:

  • Archive - The message is archived.

  • Delete - The message is deleted.

Stage Directory

Enter an intermediate directory to temporarily stage the files while processing them.

Do not put the stage directory inside of the polling directory (the directory identified in the URL of the file transport proxy service; for example, file:///c:/dir1/dir2).

Archive Directory

Specify the path to the archive location if the Post Read Action option is set to Archive. The Archive Directory field is also a required field if you have selected the Pass By Reference field.

Do not put the archive directory inside of the polling directory.

Error Directory

Enter the location where messages and attachments are posted if there is a problem.

Do not put the error directory inside of the polling directory.

Request Encoding

Accept the default UTF-8 as the character set encoding for requests in file transports, or enter a different character set encoding.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.7 FTP Transport Configuration Page

The Create/Edit a Proxy Service - FTP Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure transport settings for a proxy service using the ftp transport protocol. Table 20-6 describes how to use this page.

Table 20-6 Create/Edit a Proxy Service - FTP Transport Configuration Page

Option To create or edit...

User Authentication

Select anonymous if the user of the FTP server is anonymous, or select external user if the user of the FTP server is an externally configured account.

Identity (E-Mail ID)

This field is available only if the User Authentication option is set to anonymous.

Enter the mail ID for the anonymous user.

Service Account

This field is available only if the User Authentication option is set to external user.

Enter the service account for the user. This is a required field when the User Authentication option is set to external user.

Pass By Reference

Select this check box to stage the file in the archive directory and pass it as a reference in the headers.

Remote Streaming

Select this check box to stream the FTP files directly from the remote server at the time of processing. When you select this option, the archive directory is the remote directory on the remote FTP server machine. Therefore, you should specify the archive directory as relative to the FTP user directory.

File Mask

Enter the regular expression for the files to be picked. The default is *.*.

Managed Server

This field is available only in a clustered domain.

Select the Managed Server to act as the polling server. All of the Managed Servers can process the message, but only one can poll for the message.

Polling Interval

Enter a polling interval, in seconds. The default is 60.

Read Limit

Specify the maximum number of messages to read per polling sweep. Enter 0 to specify no limit. The default is 10.

Post Read Action

Select what happens to a message after it has been read.

  • Archive - The message is archived.

  • Delete - The message is deleted.

Transfer Mode

Select ASCII or binary as the transfer mode.

Archive Directory

Specify the path to the archive location if the Post Read Action option is set to Archive. This field is required if the Pass By Reference option is selected.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Download Directory

Enter the directory on your local machine where files are downloaded during the file transfer.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Error Directory

Enter the location where messages are posted if there is a problem.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Request Encoding

Accept the default UTF-8 as the character set encoding for requests in FTP transports.

Scan Subdirectories

Select this check box to recursively scan all directories

Sort By Arrival

Select this check box to deliver events in the order of arrival.

Timeout

Enter the socket timeout interval, in seconds, before the connection is dropped. If you enter 0, there is no timeout.

Retry Count

Specify the number of retries for FTP connection failures.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.8 HTTP Transport Configuration Page

The HTTP transport now supports both HTTP and HTTPS endpoints.

The Create/Edit a Proxy Service - HTTP Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure transport settings for a proxy service using the HTTP transport protocol. Table 20-7 describes how to use the page.

Table 20-7 Create/Edit a Proxy Service - HTTP Transport Configuration Page

Option To create or edit...

HTTPS required

Select this check box for inbound HTTPS endpoints.

To learn more, see "Configuring Transport-Level Security" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Authentication

Select one of the following:

  • None - Specifies that authentication is not required.

  • Basic - Specifies that basic authentication is required to access this service.

    Basic authentication instructs WebLogic Server to authenticate the client using a user name and password against the authentication providers configured in the security realm, such as a Lightweight Directory Access Protocol (LDAP) directory service and Windows Active Directory. The client must send its user name and password on the HTTP request header.

    Basic authentication is strongly discouraged over HTTP because the password is sent in clear text. However, it is safe to send passwords over HTTPS because HTTPS provides an encrypted channel.

    Warning: By default, all users (authorized and anonymous) can access a proxy service. To limit the users who can access a proxy service, create a transport-level authorization policy. See Section 25.15, "Editing Transport-Level Access Policies."

  • Client Certificate - Specifies encrypted communication and strong client authentication (two-way SSL). To learn more, see "Configuring Transport-Level Security" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

  • Custom Authentication - Specifies that an authentication token is contained in an HTTP header. The client's identity is established through the use of this client-supplied token. You must configure an Identity Assertion provider that maps the token to an Oracle Service Bus user.

    The custom authentication token can be of any active token type supported by a configured WebLogic Server Identity Assertion provider.

Dispatch Policy

Select a dispatch policy for this endpoint. Leave blank to use the default dispatch policy.

Dispatch policy refers to the instance of Oracle WebLogic Server Work Manager that you want to use for the service endpoint.

For information about Work Managers, see:

Request Encoding

  • For HTTP inbound transports:

    If the character set encoding parameter of the Content-Type header is not specified in Client Request, enter a character set encoding parameter. If you do not enter a value, the field defaults to ISO-8859-1.

  • For HTTP outbound transports:

    If you have not configured a request encoding, the Oracle Service Bus run time decides the most appropriate encoding while it makes a request to the business service. In the case of a non-pass-through scenario, the default character encoding is UTF-8 at run time. However if it is a pass-through scenario, the run time will pass through the encoding received with the outbound response.

Response Encoding

Accept the default ISO-8859-1 as the character set encoding for responses in HTTP transports, or enter a different character set encoding.

Authentication Header

Enter the HTTP header (any except Authorization) from which Oracle Service Bus is to extract the token. This field is available only if you selected the Custom Authentication check box.

For example, client-xyz-token.

Authentication Token Type

Select an authentication token type. Only the active token types configured for an Identity Assertion provider are available. (See Configuring Identity Assertion Providers at https://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/security/message_level_cust_auth.html#wp1066076 for Custom Tokens for more information.) This field is available only if you selected the Custom Authentication check box.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.9 JCA Transport Configuration Page

Use this page to configure transport settings using the JCA transport protocol. For more information on using the JCA transport, see "JCA Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus and Section 20.1.1, "Generating a Proxy Service from a JCA Binding Resource."

Table 20-8 JCA Transport Configuration Page

Option Description

JCA File

Click Browse to select a JCA Binding. The JCA Binding defines different aspects of the service, such as details about the adapter used, a binding to the WSDL and TopLink or EclipseLink mapping file, and the activation/interaction spec properties required by the service.

Once you select a valid JCA Binding, the remaining transport configuration fields become available.

For more information on JCA Bindings, see Chapter 13, "JCA Bindings."

Adapter Name

A read-only value showing the name of the adapter that the JCA service will use.

Adapter Type

A read-only value showing the adapter type.

Dispatch Policy

Select the instance of WebLogic Server Work Manager that you want to use for the dispatch policy for this endpoint. The default Work Manager is used if no other Work Manager exists.

For information about Work Managers, see:

JNDI Service Account

JNDI Service Account is for JNDI context security, used to access the EIS adapter managed connection factory. Click Browse and select a service account. If no service account is specified, an anonymous subject is used.

For JCA business services, there is no restriction on the type of JNDI service account that can be configured, such as static or pass-through, but the run time must be able to access a user name and password. JCA proxy services can use only static JNDI service accounts.

For more information on JNDI service accounts, see "Security" in the "JCA Transport" chapter of the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

EndPoint Properties

This field lets you assign values to endpoint properties such as retries for the type of adapter the service uses.

For a list of supported JCA endpoint properties, see "Endpoint Properties" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Dynamic EndPoint Properties

This option lets you pass request parameters to JCA-compliant services. For example, you can use a dynamic endpoint property to pass database query parameters to the Oracle JCA Adapter for Database.

For more information on querying with parameters, see "Oracle JCA Adapter for Database" in the Oracle Fusion Middleware User's Guide for Technology Adapters.

Enter a name/value pair for each dynamic endpoint property you want to provide. The endpoint property key matches the query parameter name.

Always use configuration from JCA file

This option determines whether or not Activation Spec Properties (proxy services) and Interaction Spec Properties (business services) are always used from the JCA file.

If this option is selected (default), the JCA transport interacts with the JCA framework using the activation/interaction spec properties in the JCA file.

If this option is deselected, you can override the Activation/Interaction Spec Properties.

For the redeployment impact of using this option, see "Endpoint Redeployment" in the "JCA Transport" chapter of the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Operation Name

Displays a read-only name of the selected WSDL operation. An operation can have its own activation/interaction spec properties, shown in the Activation/Interaction Spec Properties field.

Activation/Interaction Spec Properties

Activation Spec Properties is the field name for proxy services; Interaction Spec Properties is the field name for business services.

If this service is an inbound service invoked by an EIS application, this field displays the activation spec properties for the JCA inbound operation shown in Operation Name field.

You can override the activation/interaction spec properties if you deselect Always use configuration from JCA file.

Note: For Oracle Adapter Suite adapters, activation/interaction spec properties are displayed as read-only. The Oracle Adapter Suite adapters store their own configurations, which you must change in the Oracle Adapter Suite management tools.

Connection properties (legacy)

For legacy JCA services that use non-managed mode connection properties (deprecated in this release), see the connection configuration options at https://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/jcatransport/transport.html#wp1105451.


For more information on endpoint and activation/interaction spec properties, see the Oracle Fusion Middleware User's Guide for Technology Adapters.

20.2.10 JEJB Transport Configuration Page

Use this page to configure transport settings using the JEJB transport protocol. For more information on using the JEJB transport, see "JEJB Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Table 20-9 JEJB Transport Configuration Page

Option Description

Dispatch Policy

Select the instance of WebLogic Server Work Manager that you want to use for the dispatch policy for this endpoint. The default Work Manager is used if no other Work Manager exists.

For information about Work Managers, see:

EJB Spec Version

Select the EJB version of the remote EJB interface.

Pass XMLBeans by value

Select this option if you want the transport to generate an "inlined" XML representation of POJO arguments (an XMLObject) whose parameters you can access and manipulate with XQuery expressions.

Note: Type information is not available inline for XMLObjects passed by value. If you use this option, you cannot pass the typed XMLObject as the argument in a Java Callout in a proxy service pipeline.

Do not select this option if you want to pass the POJO by reference, which also results in better performance.

Transaction Attribute

Select one of the following options for handling transactions:

Supports – The transport accepts an incoming transaction. Quality of service is exactly-once if the operation is invoked in a transaction and best-effort if the operation is invoked outside of a transaction.

Required – The transport accepts an incoming transaction. If no ongoing transaction exists, the transport starts one. Quality of service is exactly-once.

RequiresNew – The transport always starts a new transaction, suspending an ongoing transaction. Quality of service is exactly-once.

Mandatory – The transport invokes the method in the existing transaction. Quality of service is exactly-once.

NotSupported – The transport suspends an existing transaction and resumes it on invocation. Quality of service is best-effort.

Never – The transport does not invoke the method in a transaction. Quality of service is best-effort.

Client JAR

Click Browse and select an EJB client JAR resource from the list displayed. The client JAR contains the remote or business interface for the remote EJB. The Client JAR is registered as a generic Archive Resource.

Home Interface

EJB 2.1 only – Select the required EJBHome interface from the options populated by the client JAR.

Remote Interface

EJB 2.1 only – This field is automatically populated based on the configuration of the Home Interface.

Business Interface

EJB 3.0 only – Select the business interface from the client JAR that you want to invoke.

Target Namespace

This field is populated by information picked up from the JAR.

Methods

Select the required methods. Click + to expand the method, which lets you edit the default parameter values.

You can change the default operation name for a given method. By default, the operation name is the method name. If an EJB contains methods with same name (overloaded), you must change the operation names so that they are unique. WSDLs require unique operation names.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.11 JMS Transport Configuration Page

The Create/Edit a Proxy Service - JMS Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "JMS Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Use this page to configure transport settings for a proxy service using the JMS transport protocol. Table 20-10 describes how to use the page.

Table 20-10 Create/Edit a Proxy Service - JMS Transport Configuration Page

Option To create or edit...

Destination Type

Select one of the following:

  • Queue (for a point-to-point destination type)

  • Topic (for a publish/subscribe destination)

Is Response Required

This option is available only when Queue is selected for the Destination Type.

Select this option to specify that a response is expected after an outbound message is sent.

Response Pattern

This option is available only when the Is Response Required check box is selected.

Select one of the following:

  • Select JMSMessageID for JAX-RPC services running on Oracle WebLogic Server.

  • Select JMSCorrelationID for all other services. When you select this option, you must also enter a Response URI.

Response Message Type

This option is available only when the Is Response Required check box is selected.

Select one of the following:

  • Bytes (for a stream of uninterpreted bytes)

  • Text (for text messages)

This option is disabled if you select a Message Type of Java for the response.

Client Jar

This option is available when the service is a Messaging Service with a request type of Java. Select the client JAR to be used for dequeueing messages that contain Java Objects. Selecting the client JAR ensures it is on the classpath.

For more information, see "Sending and Receiving Java Objects in Messages" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Dispatch Policy

Select the instance of Oracle WebLogic Server Work Manager that you want to use for the dispatch policy for this endpoint. The default Work Manager is used if no other Work Manager exists.

For example, if the business service has a JMS transport protocol, the business service endpoint is an MDB (message-driven bean) JAR file that you can associate with the specific dispatch policy.

For information about Work Managers, see:

Request Encoding

Enter the character set for encoding requests. The default is UTF-8.

Response Encoding

This option is available only when the Is Response Required check box is selected.

Enter the character set for encoding responses. The default is UTF-8.

Client Response Timeout

This option is available only when the Is Response Required check box is selected.

Enter the number of seconds to wait for a server response before dropping the connection. This only applies if the client is another proxy service in the same domain.

Response URI

This option is available only when JMSCorrelationID is selected for the Response Correlation Pattern.

Enter a response URI in the format:

jms://host:port/connection_factory/jndi_destination

To target multiple servers, use the following format:

jms://host1:port,host2:port/connection_factory/jndi_destination

You can also omit the host and port in the response URI. For example:

jms:///connection_factory/jndi_destination

When you omit host and port, the connection factory/destination lookup occurs on the local server. This is useful, for example, if the request URI goes to a foreign connection factory/destination, but you want the response sent to the local server.

Note: While Oracle WebLogic Server allows forward slashes in JNDI names, such as "myqueues/myqueue", JNDI names with forward slashes interfere with the URI format required by Oracle Service Bus, and you cannot use those names. To work around this issue, define a JMS foreign server and reference that foreign server in the URI. For more information, see "Configure foreign servers" in the Oracle Fusion Middleware Oracle WebLogic Server Administration Console Online Help.

Response Connection Factory

This option is available only when JMSMessageID is selected for the Response Correlation Pattern.

Enter a response connection factory URI.

If a connection factory is not specified, the connection factory for the request is used for the response.

JMS Service Account

Select a service account to use for the JMS resource managed by the JMS server. A service account is an alias resource for a user ID and password, used for both the request and response. The same service account is used for both JMS and JNDI purposes.

For more information, see Chapter 17, "Service Accounts."

Use SSL

Select this option only if the requests are made over a TLS/SSL connection.

TLS/SSL (Secure Sockets Layer) provides secure connections by allowing two applications connecting over a network to authenticate the other's identity and by encrypting the data exchanged between the applications. Authentication allows a server, and optionally a client, to verify the identity of the application on the other end of a network connection. Additionally, if the administrator has restricted access to individual JMS destinations (queues or topics) by setting access control on the JNDI entry for the destination, the service must authenticate when looking up the entry in the JNDI tree.

Note: The JMS transport does not support two-way SSL.

Message Selector

Enter a message selector expression.

Only messages with properties matching the expression are processed

Durable Subscription

This option is available only if Topic is selected for the Destination Type.

Select this check box if the subscription is durable or leave it blank if the subscription is not durable

Retry Count

Enter the number of delivery retries a message can have before it is moved to the error destination. This field only applies to Oracle WebLogic Server JMS destinations.

Retry Interval

Enter the amount of time, in milliseconds, before rolled back or recovered messages are redelivered. This field only applies to Oracle WebLogic Server JMS destinations.

Error Destination

Enter the name of the target destination for messages that have reached their redelivery limit. This field only applies to Oracle WebLogic Server JMS destinations.

Expiration Policy

Select an Expiration Policy to use when an expired message is encountered on a destination. This field only applies to Oracle WebLogic Server JMS destinations.

Is XA Required

Select this check box if your connection factory is XA.

This value is taken into account when the remote connection factory is unavailable. If your connection factory is available and this value is true, make sure that the connection factory is defined as transactional.

Topic Messages Distribution

This option is available when you select Topic for the Destination Type.

Topic Messages Distribution provides different options for handling inbound JMS messages and providing high availability and failover.

Select one of the following properties to determine how message-driven beans handle incoming JMS messages:

  • One Copy Per Application (default) – If the JMS proxy service is deployed to a cluster, this option provides high availability and scalability by ensuring that an inbound JMS message is processed on only one of the available servers in a cluster.

  • One Copy Per Server – Select this option if you want inbound JMS messages published to a topic to be received by the proxy service on every member of the cluster.

  • Compatibility – Select this option if you want inbound JMS messages to be processed on a specific Managed Server or all Managed Servers in a cluster. If you select this property, select a Target server.

Note: For topic destinations deployed on Oracle WebLogic Server prior to version 10.3.4, the only valid option is Compatibility.

The "One Copy" options you select for Topic Messages Distribution override the Subscription Sharing Policy and/or Client ID Policy configured on the JMS Connection Factory.

Target

This option is available only in an Oracle Service Bus cluster when you select Compatibility for the Topic Messages Distribution option. Select the target server that will handle incoming JMS messages. If you select one of the "One Copy" options for Topic Messages Distribution, this field displays the name of the cluster.

If you do not set a target, the JMS proxy service instance (reading messages off the Topic) on each Managed Server in the cluster gets a copy of the message.

JNDI Timeout

The JNDI connection timeout (in seconds) used while looking up the destination or connection factory in the JNDI tree.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.12 MQ Transport Configuration Page

The Create/Edit a Proxy Service - MQ Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "MQ Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Before you begin

Configure a MQ Connection resource. See Chapter 9, "MQ Connections."

To configure the MQ transport

Use this page to configure transport settings for a proxy service using the native MQ transport protocol. Table 20-11 describes how to use the page.

Table 20-11 Create/Edit a Proxy Service - MQ Transport Configuration Page

Option To create or edit...

Polling Interval

Enter a polling interval, in milliseconds. The default is 1000.

Is Response Required

Select this option to specify that a response is expected after an outbound message is sent.

Response Correlation Pattern

This option is available only when the Is Response Required check box is selected.

Specify whether the response correlation pattern should be based on MessageID or CorrelationID.

MQ Response URI

This option is available only when the Is Response Required check box is selected.

The destination to which the response should be published. Enter a response URI in the same format as the endpoint URI: mq://<local-queue-name>?conn=<mq-connection-resource-ref>

Response Message Type

This option is available only when the Is Response Required check box is selected.

Select one of the following:

  • Bytes (for a stream of uninterpreted bytes)

  • Text (for text messages)

Client Response Timeout

This option is available only when the Is Response Required check box is selected.

Enter the number of seconds to wait for a response before dropping the connection.

Dispatch Policy

Select a dispatch policy for this endpoint.

Dispatch policy refers to the instance of Oracle WebLogic Server Work Manager that you want to use for the service endpoint.

For information about Work Managers, see:

Backout Threshold

Enter a value representing the number of times the pipeline should retry a message before redirecting the message to the queue specified in the Dead Letter URI field.

If you do not specify a value for this field, the message is redirected to the dead letter queue without attempting any retries.

MQ Dead Letter URI

Enter the URI of the dead letter queue to which request messages should be redirected after attempting the number of retries specified in the Backout Threshold field.

If you do not specify a value for this field, the message is discarded after retrying the number of times specified in the Backout Threshold field. The Dead Letter URI uses the same format as the EndPoint URI.

Endpoint URI 'GET' options

Enter the MQ GET message options from among the following:

  • MQC.MQGMO_ACCEPT_TRUNCATED_MSG

  • MQC.MQGMO_ALL_MSGS_AVAILABLE

  • MQC.MQGMO_BROWSE_FIRST

  • MQC.MQGMO_BROWSE_NEXT

  • MQC.MQGMO_COMPLETE_MSG

  • MQC.MQGMO_CONVERT

  • MQC.MQGMO_FAIL_IF_QUIESCING

  • MQC.MQGMO_LOCK

  • MQC.MQGMO_LOGICAL_ORDER

  • MQC.MQGMO_MARK_BROWSE_CO_OP

  • MQC.MQGMO_MARK_SKIP_BACKOUT

  • MQC.MQGMO_NO_SYNCPOINT

  • MQC.MQGMO_NONE

  • MQC.MQGMO_NO_WAIT

  • MQC.MQGMO_SYNCPOINT

  • MQC.MQGMO_SYNCPOINT_IF_PERSISTENT

  • MQC.MQGMO_UNLOCK

  • MQC.MQGMO_UNMARK_BROWSE_CO_OP

  • MQC.MQGMO_UNMARK_BROWSE_HANDLE

  • MQC.MQGMO_UNMARKED_BROWSE_MSG

  • MQC.MQGMO_VERSION_1

  • MQC.MQGMO_VERSION_2

  • MQC.MQGMO_VERSION_3

  • MQC.MQGMO_WAIT

You can use either "|" or "+" to separate multiple options. For example, you can specify the following:

MQC.MQGMO_ACCEPT_TRUNCATED_MSG | MQC.MQGMO_LOCK

The MQ GET message options are applied when reading a message from the inbound queue.

Process RFH2 Headers

Select this option to parse WebSphere MQ RFH2 headers from a message payload and automatically generate an RFH2Headers transport header containing the RFH2 data.

If you do not select this option, the payload is passed through as received.

For information about how the MQ transport handles RFH2 headers, see "About RFH2 Headers" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.13 SB Transport Configuration Page

The Create/Edit a Proxy Service - SB Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "SB Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Use this page to configure transport settings for a proxy service using the SB (Service Bus) transport protocol. Table 20-12 describes how to use the page.

Table 20-12 Create/Edit a Proxy Service - SB Transport Configuration Page

Option To create or edit...

Dispatch Policy

Select a dispatch policy for this endpoint or use the default dispatch policy.

Dispatch policy refers to the instance of Oracle WebLogic Server Work Manager that you want to use for the service endpoint to process the request.

For information about Work Managers, see:

Use SSL

When specified, requests must be sent over an SSL connection.

However, unsecured connections are not forbidden. The administrator must close all unsecured protocols on the server (for example, t3 or http) to strictly enforce secured client connections.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.14 SFTP Transport Configuration Page

The Create/Edit a Proxy Service - SFTP Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "HTTP and Poller Transports" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Use this page to configure transport settings for a proxy service using the sftp transport protocol. Table 20-13 describes how to use this page.

Table 20-13 Create/Edit a Proxy Service - SFTP Transport Configuration Page

Option To create or edit...

User Authentication

Select one of the following:

  • Username Password Authentication - Specifies that a static service account is associated with this authentication method and the client is authenticated using the provided credentials.

  • Host Based Authentication - Specifies that a user name and service key provider is required to use this authentication method. Any user connecting from a known host is authenticated using the private key of the host.

  • Public Key Authentication - Specifies that a user name and service key provider is required to use this authentication method. Every user has their own private key.

Note: The Oracle Service Bus service does not use the service key provider to authenticate any credentials from the SFTP server. It uses only the known_hosts file to authenticate the SFTP server, as described in "Configuring Transport-Level Security for SFTP Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Service Account

Enter the service account for the user, or click Browse to select service accounts from a browser.

Service Key Provider

This option is available only when Host Based or Public Key Authentication is selected.

Enter a service key provider in the Service Key Provider field. You can click Browse to select service key providers from a browser. This is a required field.

Username

This option is available only when Host Based or Public Key Authentication is selected.

Enter the user name.

Pass By Reference

Select this check box to stage the file in the archive directory and pass it as a reference in the headers.

Remote Streaming

Select this check box to stream the SFTP files directly from the remote server at the time of processing. When you select this option, the archive directory is the remote directory on the remote SFTP server machine. Therefore, you should specify the archive directory as relative to the SFTP user directory.

File Mask

Enter the regular expression for the files to be picked. The default is *.*.

Managed Server

This field is available only in a clustered domain.

Select the Managed Server to act as the polling server. All of the Managed Servers can process the message, but only one can poll for the message.

Polling Interval

Enter the interval in seconds at which the file is polled from the specified location. The default is 60.

Read Limit

Specify the maximum number of messages to read per polling sweep. Enter 0 to specify no limit. The default is 10.

Post Read Action

Select what happens to a message after it has been read.

  • Archive - The message is archived.

  • Delete - The message is deleted.

Archive Directory

Specify the path to the archive location if the Post Read Action option is set to Archive. This field is required if the Pass By Reference option is selected.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Download Directory

Enter the directory on your local machine where files are downloaded during the file transfer.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Error Directory

Enter the location where messages are posted if there is a problem.

Note: The Archive, Download, and Error directories are absolute paths, and they are automatically created. If you specify a relative path, the files are created relative to the Java process that starts the WebLogic Server.

Request Encoding

Accept the default UTF-8 as the character set encoding for requests in SFTP transports.

Scan Subdirectories

Select this check box to recursively scan all directories

Sort By Arrival

Select this check box to deliver events in the order of arrival.

Timeout

Enter the socket timeout interval, in seconds, before the connection is dropped. If you enter 0, there is no timeout. The default value is 60.

Retry Count

Specify the number of retries for SFTP connection failures.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.15 Tuxedo Transport Configuration Page

The Create/Edit a Proxy Service - Tuxedo Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "Tuxedo Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Use this page to configure transport settings for a proxy service using the Tuxedo transport protocol. Table 20-14 describes how to use the page.

Table 20-14 Create/Edit a Proxy Service - Tuxedo Transport Configuration Page

Option To create or edit...

Field Table Classes

Enter the name of the class or classes describing the FML/FML32 buffer received. These are used for the FML/FML32-to-XML conversion routines to map field names to element names. This is a space separated list of fully qualified class names.

View Classes

Enter the name of the class or classes describing the VIEW/VIEW32 buffer received or sent. These are used for the VIEW-to-XML or VIEW32-to-XML conversion routines to map field names to element names. This is a space separated list of fully qualified class names.

X_C_TYPE and X_COMMON Tuxedo buffer types are handled in the same manner as VIEW/VIEW32 buffers.

If an incoming request contains a VIEW, then the corresponding VIEW class should be specified in the Oracle Service Bus CLASSPATH.

Classes Jar

Select a JAR resource that contains a JAR file with the FML/FML32 or VIEW/VIEW32 classes necessary for this endpoint operation.

Local Access Point

Select a local access point from the list that is associated with the export. The list contains local access points configured in WTC. A proxy service cannot be created if there is not an associated local access point.

If no local access points exist or to create a new one, select New. Enter the corresponding Local Access Point Name and Local Network Address in the adjacent fields. Upon validation of the endpoint, the access point is added to the WTC configuration for each WTC server. If no WTC server exists, one is created.

You can enter an existing access point name after selecting the New option. This causes the existing information to be updated with the new parameters. You can change only the host name and port number.

Remote Access Point

This field appears only when you select New in the Local Access Point field.

From the list, select a remote access point to be associated with the newly created local access point. If none exist or to create a new one, select New. Enter the corresponding Access Point Name and Network Address in the adjacent fields.

You can enter an existing access point name after selecting the New option. This causes the existing information to be updated with the new parameters. You can change only the host name and port number.

The remote access point will also be the authentication principal for the WTC connection for inbound requests. Optionally, you can create a user with the same access point ID in the default security realm to allow incoming calls. To do so, select Yes from the Create User? list. The password will be randomly generated using a temporary variable to avoid security issues.

Reply Buffer Type

This option is available only if the Response Required option is selected.

Select the type of buffer that the remote Tuxedo client will receive.

Reply Buffer Subtype

This option is available only when the Response Required option is selected and the Reply Buffer Type value is VIEW or VIEW32.

Enter the buffer subtype with which to associate the reply buffer.

Response Required?

Select this check box if this service is expected to send a response.

The default status is that this option is selected.

This option is cleared and the unavailable if the service type is Messaging Service and the response message type is None.

Request Encoding

Specify a character set encoding for requests in Tuxedo transports.

Response Encoding

Specify a character set encoding for responses in Tuxedo transports.

Transformation Style

Select one of the following:

  • None - (default) The order of fields may not be respected.

  • Ordered - The fields are presented with all their occurrences in the correct order.

  • Ordered and Grouped - If the fields are logically structured as records, the fields are ordered by occurrence and grouped by record.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.16 WS Transport Configuration Page

The Create/Edit a Proxy Service - WS Transport Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

For more information, see "WS Transport" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Use this page to configure transport settings for a proxy service using the WS transport protocol. Table 20-15 describes how to use the page.

Table 20-15 Create/Edit a Proxy Service - WS Transport Configuration Page

Option To create or edit...

Dispatch Policy

Select a dispatch policy for this endpoint or use the default dispatch policy.

Dispatch policy refers to the instance of Oracle WebLogic Server Work Manager that you want to use for the service endpoint.

For information about Work Managers, see:

Retry Count

The number of times to retry delivery of a message to the pipeline.

If an unhandled exception occurs in the request pipeline of a proxy service, the incoming WS transport message will be redelivered to the pipeline up to the number of times specified by the retry count. This value is important for reliably processing WS transport messages.

Retry Delay

The number of seconds the system pauses before retrying to send a message to the pipeline after an error.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.17 Operation Selection Configuration Page

The Create/Edit a Proxy Service - Operation Selection Configuration page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations." This page is displayed only if the service you are creating has operations.

Use this page to enforce WS-I compliance (for SOAP 1.1 services only) and select the selection algorithm to use to determine the operation called by this proxy service. This option is only available for SOAP or XML services defined from a WSDL.

The WSDL specification defines a default algorithm to compute which operation is called based on the type of the SOAP message received. However, there are cases (for example, performance issues, signature/encryption issues, or the default algorithm is not applicable) when you may need to select the operation based on other means.

Oracle Service Bus provides additional algorithms. Each of them follows the same pattern and are based on the evaluation of an expression to get a value that is then used to lookup the corresponding operation in a static table.

Oracle Service Bus is generally very forgiving if an inbound message is either missing data such that the operation cannot be determined, or has data that does not correspond to a valid operation. Both of these conditions result in $operation being empty. Rather than reject all such messages, Oracle Service Bus does not initialize the operation variable in the context but otherwise continues to process the message.

However, security requirements are enforced if the proxy service is WSDL-based and at least one of the following conditions is true:

  • The WSDL has a WS-Security policy and the proxy is an active intermediary.

  • The proxy has message-level custom authentication (either custom token or username/password).

If these conditions are met, then there is a runtime check to make sure the operation selection algorithm returns a valid operation name. If the operation selection returns null or an operation that is not in the WSDL, then the message is rejected and an error is raised.

Table 20-16 describes how to use the Create/Edit a Proxy Service - Operation Selection Configuration page.

Table 20-16 Create/Edit a Proxy Service - Operation Selection Configuration Page

Option To create or edit...

Enforce WS-I Compliance

For SOAP 1.1 services only:

Select this check box if you want to specify whether or not the service is to conform to the Basic Profile defined by the Web Services Interoperability Organization.

When a service is marked WS-I compliant, checks are performed against the messages sent to and from that service. For proxies, checks are performed against request messages received by the proxy. For invoked services (i.e. services invoked by a proxy via service callout action or route node), checks are performed against the response messages received from those services. Note that it is the WS-I compliance property of the invoked service and not the proxy that determines whether or not checks are performed against messages received from the invoked service. If you specify WS-I compliance testing for an invoked service, the message flow generates a fault for response errors.

Selection Algorithm

Select one of the following and perform any required additional steps:

  • Transport Header - Select this algorithm to define the transport header that contains the lookup value. Then:

    In the Header Name field, enter the transport header that extracts the value used as a key to select the operation being invoked.

    Under the Operation Mapping field, specify the value for each operation in the Value field. The value is used as the key of the operation.

  • SOAPAction Header - Select this algorithm to specify that operation mapping be done automatically from the WSDL associated with this proxy service.

  • WS-Addressing - Select this algorithm to specify that the lookup value is contained by the WS-Addressing Action tag located in the SOAP headers of the SOAP message. Then, under the Operation Mapping field, specify the value for each operation in the Value field. The value is used as the key of the operation.

  • SOAP Header - Select this algorithm to define an XPath expression to be evaluated against the SOAP headers. This allows you to get the lookup value. Then:

    In the XPath Expression field, specify the XPath expression that extracts the value used as a key to select the operation being invoked.

    Under the Operation Mapping field, specify the value for each operation in the Value field. The value is used as the key of the operation.

  • SOAP Body Type - This is the default algorithm defined by the WSDL specification to compute which operation is called based on the type of the SOAP message received.

    If the proxy service is configured for a Web Service security pass-through scenario with an encrypted body, you cannot select this algorithm. A similar caveat applies to pass-through encrypted SOAP headers.

    If you have a WSDL that has two operations with the same input message, do not select this algorithm for operations, because the operation cannot be uniquely identified by inspecting the input message.

  • Payload Type - Available only for XML services based on a WSDL port or WSDL binding.

Header Name

This option is available only when the Selection Algorithm option is set to Transport Header.

Enter the transport header that extracts the value used as a key to select the operation being invoked.

XPath Expression

This option is available only when the Selection Algorithm option is set to SOAPHeader.

Specify the XPath expression that extracts the value used as a key to select the operation being invoked.

Operation Mapping

This option is available only when the Selection Algorithm option is set to Transport Header, WS-Addressing, or SOAP Body Type.

Specify the value for each operation in the Value field. The value is used as the key of the operation.


After you finish

Click Next to continue configuring this service on the next page; or click Last to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.18 Message Handling Page

The Create/Edit a Proxy Service - Message Handling page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to specify whether the proxy service should stream message content, how the service is to decode request messages received and encode response messages sent, and whether the proxy service should stream MIME attachments instead of buffering the attachment contents in memory.

Using this page, you can enable the proxy service to stream message content rather than storing it in memory. You can also enable the proxy service to decode and parse inbound messages in MTOM/XOP format and to send responses using the MTOM/XOP format, when appropriate. SOAP Message Transmission Optimization Mechanism (MTOM) is a method of sending binary data to and from Web services. MTOM uses XML-binary Optimized Packaging (XOP) to transfer the binary data.

Using this page, you can also enable the proxy service to store MIME attachment content to a disk file and then process the data in a streaming fashion without buffering the attachment contents in memory. This enables the proxy service to process large attachments robustly and efficiently.

Table 20-17 describes how to use the Create/Edit a Proxy Service - Message Handling page.

Table 20-17 Create/Edit a Proxy Service - Message Handling Page

Option To create or edit...

Transaction Required

Select this option to ensure Oracle Service Bus executes the proxy service message flow in the context of a transaction. If a global transaction already exists, the transport provider propagates it in the request (even if you do not select this option). If no global transaction exists, the message flow run time starts a transaction. If the message flow run time starts a transaction, the transaction context begins before the service configuration is validated or run (for example, security checking or WS-I validation), and before message flow execution, ensuring that all processing and execution occurs in the transaction context.

If the message flow run time starts a transaction, quality of service is exactly-once. However, if Service Callouts or Publish actions have the outbound quality of service parameter set to best-effort (the default), Oracle Service Bus executes those actions outside of the transaction context. To have Oracle Service Bus execute those actions in the same request transaction context, set quality of service on those actions to exactly-once.

The service maintains its messaging pattern (synchronous, asynchronous, one-way) regardless of the setting on this option.

For transaction timeouts, the global transaction timeout value configured in the Oracle WebLogic Server Console applies.

Exceptions in Transactions

Oracle Service Bus invokes the system error handler for failed transactions. You cannot catch failed transaction exceptions in a user-configured error handler. For synchronous patterns, a transaction exception is returned through the response. For asynchronous patterns, where the transaction is designed to be committed in the request, the exception is sent back on the request thread.

Note that in asynchronous patterns, an error in the response that occurs after transaction committal in the request does not affect the transaction.

Same Transaction for Response

This option applies only to one-way and asynchronous messaging patterns.

If you select this option, Oracle Service Bus propagates the transaction context from the request thread to the response thread.

If you select this option, the message pattern becomes synchronous automatically, regardless of the initial message pattern setting (such as asynchronous or one-way).

You would not use this option, for example, if the business service in the request required a transaction committal before sending the response, such as in a one-way pattern.

For transaction timeouts, the global transaction timeout value configured in the Oracle WebLogic Server Console applies.

Content Streaming

Select this option to stream message content rather than store it in memory.

Select the Enabled check box and choose the following:

  • Whether to buffer the intermediate content in memory (Memory Buffer) or to a disk file (Disk Buffer)

  • Whether to enable Compression

For more information, see "Streaming body Content" in the Oracle Fusion Middleware Administrator's Guide for Oracle Service Bus.

XOP/MTOM Support

Oracle Service Bus supports XOP/MTOM using the following transports:

  • HTTP/S

  • Local

  • SB

Select the Enabled check box to enable the proxy service to decode and parse inbound messages in MTOM/XOP format and to send responses using the MTOM/XOP format, when appropriate. Note that this option is disabled for imported proxy services that are based on previous release configurations.

If XOP/MTOM Support is enabled, select how to handle binary data in the $header and $body message context variables from among the following options:

  • Include Binary Data by Reference: (Default) In an inbound request message, replace xop:Include elements with ctx:binary-content elements when setting up the $header and $body message context variables.

  • Include Binary Data by Value: In an inbound request message, replace xop:Include elements with Base64-encoded text versions of corresponding binary data when setting up the $header and $body message context variables.

Use Include Binary Data by Reference when you need direct access to binary data, for example to pass data to a Java callout or Message Format Language (MFL) transform.

Use Include Binary Data by Value in the following cases:

  • To bridge between MTOM and non-MTOM services. For example, consider an MTOM-enabled proxy service that receives a request that is then routed to a non-MTOM-enabled service. You could use this option to comply with existing standards for sending binary data in XML in Base64-encoded form.

  • To validate the contents of the message against an XML schema that requires a base64binary element to be used in place of binary data

Note that if XOP/MTOM Support is enabled for a proxy service, it is not required that every inbound message be in the MTOM format. Instead, this setting specifies that when an MTOM-formatted message arrives, the proxy service should handle it accordingly. Note also that when proxy services not enabled for XOP/MTOM Support receive an MTOM-formatted message, the service rejects the message and issues a runtime error.

Attachments

Oracle Service Bus supports streaming MIME attachments using the following transports:

  • HTTP/S

  • Local (when chained through an HTTP proxy with streaming attachments enabled)

Select the Page Attachments to Disk check box to enable the proxy service to stream MIME attachments. When enabled for HTTP proxy services, the option applies to proxy service inbound request messages.

Note that if you select XOP/MTOM Support, the Attachments option is only available if you choose the Include Binary Data by Reference option under XOP/MTOM Support. Note also that payloads that contain attachments must conform to RFC 822. Specifically, lines containing Internet headers need to be terminated with CRLF (carriage return line feed).


After you finish

Click Next to review and save this configuration on the Create/Edit a Proxy Service-Summary page.

20.2.19 Summary Page

The Create/Edit a Proxy Service - Summary page is one in a series of pages for creating and editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to view or modify the configuration settings for a proxy service before saving it.

To view or modify settings, click Edit in the row of the appropriate category (for example, General Configuration, Transport Configuration, etc.). The pages you can edit depend on what pages you configured when creating the proxy service. The following list shows all pages:

20.3 Exporting a WSDL Associated with a Proxy Service

You can export the WSDL of a WSDL-based proxy service, so you can view or modify the WSDL in an external tool such as an IDE. The WSDL is exported as a JAR file.

Note that this is different than the Export Resources functionality in the System Administration module, which you use to move and stage resources between two domains. See Section 29.2, "Exporting Resources."

Before you begin

You can only export a WSDL when you are outside a session. See Section 3.1, "Using the Change Center."

To export a WSDL

  1. Do either of the following:

    • Select Resource Browser > Proxy Services to display the Summary of Proxy Services page.

    • Select Project Explorer, then select the project or folder containing the proxy service you want to export as a WSDL. The Project/Folder View page is displayed.

  2. Click the Export WSDL icon in the row of the proxy service whose WSDL you want to export. A dialog box prompts you to open or save the exported JAR file.

  3. In the dialog box, click Open to open the file, or click Save to save it.

20.4 Locating Proxy Services

To locate proxy services:

  1. Do either of the following:

    • Select Project Explorer to display the Projects View page or the Project/Folder View page. Then navigate through projects and folders to find the proxy service.

    • Select Resource Browser > Proxy Services. The Summary of Proxy Services page displays the information shown in Table 20-18. For a more detailed description of the properties, see Section 20.5, "Editing Proxy Service Configurations."

  2. To restrict the number of items in the list, you can filter by name, path, or both. In the Name and Path fields, under Search, enter the name and/or path of the target(s), then click the Search button.

    The path is the project name and the name of the folder in which the proxy service resides.

    Wildcard characters * and ? are allowed. Search is case-sensitive.

    Click View All to display all proxy services in the domain. This clears the search parameters from the previous search.

Table 20-18 Summary of Proxy Services Page

Property Description

Name

A unique name for the proxy service. Click the name to display the View a Proxy Service - Configuration Details page.

See Section 20.5, "Editing Proxy Service Configurations."

Path

The path is the project name and the name of the folder in which the proxy service resides, for example, UDDI/Proxies/OSB_services.

Click the path of a proxy service to display the Project/Folder View page that contains it.

Actions

Do any of the following:

  • Click the Edit Message Flow icon to edit the message flow of the proxy service. See Section 21.1, "Viewing and Editing Message Flows."

  • Click the Launch Test Console icon to invoke the Test Console, which you use to validate and test the design of your services and transformations. For business services, you can only use the Test Console at run time; that is, when the session is activated. For transformations, you can use the Test Console whether you are inside or outside a session. See Section 33.1, "Testing Services" and Section 33.2, "Testing Transformations."

  • The Export WSDL icon is displayed for WSDL-based business services. Click this icon to export a WSDL, which you can then view or modify in an external tools such as an IDE.

    Note that this is different than the Export Resources functionality in the System Administration module, which you use to move and stage resources between two domains. See Section 4.28, "Exporting a WSDL."

Options

Click the Delete icon to delete the service. A Deletion Warning icon is displayed when other resources reference this resource. You can delete the resource with a warning confirmation. This might result in conflicts due to unresolved references to the deleted resource. For more information, see Section 20.6, "Deleting Proxy Services."


20.5 Editing Proxy Service Configurations

This section describes how to edit proxy service configurations.

  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Section 3.1, "Using the Change Center."

  2. Locate the proxy service you want to view or edit. See Section 20.4, "Locating Proxy Services."

  3. Click the proxy service name. The View a Proxy Service - Configuration Details page displays configuration information for the selected proxy service.

  4. To view or modify settings, do either of the following:

    • Click the Edit icon next to the name of the category whose properties you want to view or edit (for example, General Configuration, Transport Configuration, etc.). The pages you can edit depend on what pages you configured when creating the proxy service.

      For a list of all those pages, see Section 20.5.1, "View a Proxy Service - Configuration Details Page."

    • Click Edit at the bottom of the page to display the Create/Edit a Proxy Service-General Configuration page, which is the first page in the sequence of pages for configuring this proxy service.

  5. Continue to view or edit, as described in Section 20.1, "Creating and Configuring Proxy Services."

  6. On the Create/Edit a Proxy Service-Summary page, click Save to commit the updates in the current session.

  7. To end the session and deploy the configuration to the run time, click Activate under Change Center.

20.5.1 View a Proxy Service - Configuration Details Page

The View Proxy Service - Configuration Details page displays the configuration details of a proxy service. Table 20-19 describes all the properties that can appear on this page. (Properties vary depending on the details of the proxy service.)

The categories listed on this page correspond to the Create/Edit a Proxy Service pages used for creating and editing proxy service configurations, as described in Section 20.2, "Create/Edit a Proxy Service - Page Reference."

Click the Edit link next to any category name to display the associated configuration page.

Table 20-19 View a Proxy Service: Configuration Details Page

Properties Description

Last Modified By

The user who created this proxy service or imported it into the configuration.

Last Modified On

The date and time that the user created this proxy service or imported it into the configuration. Click the date and time link to view the change history of this resource. See Section 4.23, "View Change History Page."

References

The number of objects that this proxy service references. If such references exist, click the numeric link to view a list of the objects.

Referenced by

The number of objects that reference this proxy service. If such references exist, click the numeric link to view a list of the objects.

Description

A description of this proxy service, if one exists.

General Configuration

Shows properties configured on the Section 20.2.1, "General Configuration Page."

Message Type Configuration

Shows properties configured on the Section 20.2.2, "Message Type Configuration Page."

Transport Configuration

Shows properties configured on the Section 20.2.3, "Transport Configuration Page."

E-Mail Transport Configuration

Shows properties configured on the Section 20.2.5, "E-Mail Transport Configuration Page."

File Transport Configuration

Shows properties configured on the Section 20.2.6, "File Transport Configuration Page."

FTP Transport Configuration

Shows properties configured on the Section 20.2.7, "FTP Transport Configuration Page."

HTTP Transport Configuration

Shows properties configured on the Section 20.2.8, "HTTP Transport Configuration Page."

JCA Transport Configuration

Shows properties configured on the Section 20.2.9, "JCA Transport Configuration Page."

JMS Transport Configuration

Shows properties configured on the Section 20.2.11, "JMS Transport Configuration Page."

MQ Transport Configuration

Shows properties configured on the Section 20.2.12, "MQ Transport Configuration Page."

SB Transport Configuration

Shows properties configured on the Section 20.2.13, "SB Transport Configuration Page."

SFTP Transport Configuration

Shows properties configured on the Section 20.2.14, "SFTP Transport Configuration Page."

Tuxedo Transport Configuration

Shows properties configured on the Section 20.2.15, "Tuxedo Transport Configuration Page."

WS Transport Configuration

Shows properties configured on the Section 20.2.16, "WS Transport Configuration Page."

Message Level Security Configuration

Shows properties configured on the Section 20.5.3, "Proxy Service Security Page."

Operation Selection Configuration

Shows properties configured on the Section 20.2.17, "Operation Selection Configuration Page."

Message Handling Configuration

Shows properties configured on the Section 20.2.18, "Message Handling Page."


20.5.2 Proxy Service Policy Page

The View a Proxy Service - Policies page is one in a series of pages for editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure policy settings for a WSDL-based or Any SOAP proxy service. Table 20-20 describes how to use the page.

For WSDL-based services, WLS 9.2 policies bound to the service are exposed (inlined) in the effective WSDL. Abstract policies are pre-processed before they are inlined. OWSM policies are bound by reference, not inlined in the effective WSDL.

Table 20-20 Proxy Service - Policy Page

Option To edit...

Service Policy Configuration

Following are the options in the Service Policy Configuration field:

  • From OWSM Policy Store – Policies are defined in the central Oracle Web Services Manager Policy Store managed by Oracle Enterprise Manager. These policies support WS-Security 1.0/1.1, SAML 1.1/2.0, KerberosToken Profile, and other industry standards.

    Use filtering if necessary to locate the policies you want. For proxy services, only service policies are displayed.

    For more information, see "Securing Oracle Service Bus with Oracle Web Services Manager" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

  • From WSDL – Select this option if the service policy is associated with the WSDL upon which the service is based. These policies support WS-Security 1.0, SAML 1.1, and other industry standards.

    With this option you can view (read-only) request and response policies from the WSDL.

  • From Pre-defined Policy or WS-Policy Resource, in which you add service-level policies, operation-level policies (in which case the policy applies to both the request and response messages), request policies, and response policies from the Administration Console.

    Policies are either pre-defined in Oracle WebLogic Server or user-defined in Oracle Service Bus with a WS-Policy resource. These policies support WS-Security 1.0, SAML 1.1, and other industry standards.

    With this option you can add policies at the service, operation, request, and response levels.

Note: The policy binding models are mutually exclusive. You must use only one type of policy in a service. If you bind policies directly to the service, all WSDL-based policies are ignored.


After you finish

Click Update to save this configuration; or click Reset to undo your changes.

20.5.3 Proxy Service Security Page

The View a Proxy Service - Security page is one in a series of pages for editing proxy services, as described in Section 20.1, "Creating and Configuring Proxy Services" and Section 20.5, "Editing Proxy Service Configurations."

Use this page to configure security settings for a proxy service.

The fields available on this page depend on the use of policies in the proxy service. For example, if the proxy service use OWSM policies (recommended), Policy Overrides appear on the Security page. For more information, see "Securing Oracle Service Bus with Oracle Web Services Manager" in the Oracle Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

For WLS 9.2 policies, the configuration for both custom user name/password and custom token is similar. In both cases, you specify XPath expressions that enable Oracle Service Bus to locate the necessary information. The root of these XPath expressions is as follows:

  • Use soap-env:Envelope/soap-env:Header if the service binding is AnySOAP or WSDL-SOAP.

  • Use soap-env:Body if the service binding is not SOAP based.

All XPath expressions must be in a valid XPath format. The XPath expressions must use the XPath "declare namespace" syntax to declare any namespaces used, as follows:

declare namespace
ns='http://webservices.mycompany.com/MyExampleService';)

Table 20-21 describes the View a Proxy Service - Security Configuration page.

Table 20-21 View a Proxy Service - Security Configuration Page

Option To edit...

Service Key Provider

If needed, enter the path (project/folder) and name of a service key provider, or click Browse to select one from the Select Service Key Provider page.

For more information, see Chapter 18, "Service Key Providers." To learn how to create a service key provider, see Section 18.2, "Adding Service Key Providers."

Policy Overrides

For OWSM policies, provide any desired overrides that are allowed.

For more information, see Table 20-20 and "Securing Oracle Service Bus with Oracle Web Services Manager" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Process WS-Security Header

If a client request includes a WS-Security security header, decide whether or not to process this header:

  • Select Yes: In an active intermediary scenario, the client applies WS-Security to the request and/or response messages. The proxy service processes the security header and enforces the WS-Security policy.

    This option is automatically set to Yes when a proxy service is based on a WSDL that has a security policy or when you attach a policy to the service on the Service Policy Configuration page.

  • Select No: In a WS-Security pass-through scenario, the client applies WS-Security to the request and/or response messages. The proxy service does not process the security header. Instead, it passes the secured request message untouched to a business service.

Transport Access Control

For all proxy services, you can create a transport-level policy, which applies a security check when a client attempts to establish a connection with the proxy service. Only requests from users who are listed in the transport-level policy are allowed to proceed.

Message Access Control

A message-level access control policy applies a security check when a client attempts to invoke a proxy service with message-level security. You can create a message-level access control policy in the following cases:

  • For proxy services that are active Web Service security intermediaries; that is, you process the WS-Security header.

  • For proxy services for which you set custom authentication on this page.

Only users who are listed in the message-level policy are allowed to invoke the operation.

Authentication Type

Select one of the following:

  • Select None if the proxy service will not use custom authentication.

  • Custom User Name and Password

    When you select this option, you must also enter values in the User Name XPath field and the User Password XPath field.

  • Custom Token

    When you select this option, you must also select a Token Type and enter values for the Token XPath field.

User Name XPath

This option is available only when the Custom Authentication Settings option is set to Custom User Name and Password. When available, this option is required.

Enter the user name as an XPath expression.

The XPath expression is evaluated against the message headers or payload, as appropriate, which allows Oracle Service Bus to obtain the user name and for custom authentication.

User Password XPath

This option is available only when the Custom Authentication Settings option is set to Custom User Name and Password. When available, this option is required.

Enter the password as an XPath expression.

The XPath expression is evaluated against the message headers or payload, as appropriate, which allows Oracle Service Bus to obtain the password values for custom authentication.

Token Type

This option is available only when the Custom Authentication Settings option is set to Custom Token. When available, this option is required.

Select the token type from the list. Only the active token types configured for a WebLogic Server Identity Assertion provider are available. See "Configuring Identity Assertion Providers for Custom Tokens" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Token XPath

This option is available only when the Custom Authentication Settings option is set to Custom Token. When available, this option is required.

Enter an XPath expression to specify a path to the custom token. Oracle Service Bus evaluates the Token XPath expression against the message headers or payload, as appropriate, to obtain the token for custom authentication.

Context Properties

Optionally, specify one or more context properties to pass additional context information to the Authentication (Custom User Name and Password) or Identity Assertion (Custom Token) security provider.

Context Properties provide a way (the ContextHandler interface) to pass additional information to the WebLogic Security Framework so that a security provider can obtain contextual information. See "Context Properties Are Passed to Security Providers" in the Oracle Fusion Middleware Developer's Guide for Oracle Service Bus.

Enter the Property Name as a literal string, and the Value Selector as a valid XPath expression. (XPath expressions can also be literal strings.)

The XPath expressions are evaluated against the same message-part that is used for the custom token or custom user name/password. That is, the Value Selector XPath expressions for SOAP-based proxy services evaluate against the header and against the payload for non-SOAP-based proxy services.

The XPath expression is evaluated at runtime to produce the property's value. A ContextHandler is essentially a name/value list and, as such, it requires that a security provider know what names to look for. Therefore, the XPath expressions are evaluated only if a security provider asks for the value of one of these user-defined properties.

Click Add Property to add this context property. You can add multiple context properties.


After you finish

Click Update to save this configuration; or click Reset to undo your changes.

20.6 Deleting Proxy Services

Deleting a proxy service deletes all of the ACLs referenced by the proxy from the repository controlled by Oracle Service Bus, as well as from the appropriate authorization provider.

  1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Section 3.1, "Using the Change Center."

  2. Select Resource Browser > Proxy Services to display the Summary of Proxy Services page.

  3. Click the Delete icon in the row of the of the proxy service you want to delete. The proxy service is deleted in the current session. A Deletion Warning icon is displayed when other resources reference this resource. You can delete the resource with a warning confirmation. This might result in conflicts due to unresolved references to the deleted resource.

  4. To end the session and deploy the configuration to the run time, click Activate under Change Center.