Search only in titles

---

Applying the New Policy

Appendix > Configuring SAML Web Service Clients for Identity Switching without Message Protection

1. Before applying the new policy, you need to import into JDeveloper. Copy the new custom policy to your JDev store directory (either use the attached policy from this document or export your custom policy from EM). The location of the store could appear as follows:

   USER_HOME\AppData\Roaming\JDeveloper\system11.1.1.4.37.59.23\DefaultDomain\oracle\store\gmds\owsm\policies

2. Apply this new client policy to your service reference in your composite app via EM.

With this policy in place you can leverage the javax.xml.ws.security.auth.username inbound service property. If you are hardcoding, set the value without quotes. The value is set to jcooper; however, you can also extract the username from the payload of execData variable.

You do not have to import the policy to JDev, you can deploy the composite without a client-side policy, and then set the client policy through EM.

EM has a feature for setting the client-side policies that shows you compatible client-side policies based on the service you are calling.

References

http://download.oracle.com/docs/cd/E17904_01/web.1111/b32511/setup_config.htm#WSSEC3585

Related Topics

Configuring SAML Web Service Clients for Identity Switching without Message Protection

Message Protection Policy

Setting the WSIdentityPermission

Creating the basic.credentials Key

Configuring a Keystore if One Is Not Configured

---

Last Published Tuesday, November 28, 2023