Set Up a Security Policy on WebCenter Content Server
Oracle Content and Experience Cloud communicates with WebCenter Content Server using the JAX-WS communication channel. Use the OWSM policies to secure the JAX-WS endpoints.
Use the oracle/wss_username_token_over_ssl_service_policy
server-side policy. For client communication with the WebCenter Content Server instance, the user needs to enter both a user name and password. If these values are incorrect, then the handshake with the WebCenter Content Server will not be established.
Check the prerequisites before setting up the security policy:
-
First check if any OWSM policy is attached to JAX-WS.
Access your Oracle Content and Experience Cloud wsdl at
ucm-instance/ /idcnativews/IdcWebLoginPort?WSDL
. You should see the policywsp:PolicyReference
field in the wsdl.
Description of the illustration security_policy_prerequisites.png -
If the attached policy is
oracle/wss_username_token_over_ssl_service_policy
, then you can ignore the following configurations. -
If the attached policy is a different one, you need to detach that policy and then attach the policy
oracle/wss_username_token_over_ssl_service_policy
. -
If no policy is attached, then you to attach the policy
oracle/wss_username_token_over_ssl_service_policy
.
Take the following steps to configure the server-side policy: