Inbound SOAP Web Services
For inbound SOAP web services, by default the system uses the Schema Name to dictate the Request and Response for the service. The API can be overridden with custom formats by specifying Request and Response XSLs to transform into the relevant schema formats. In addition, if desired, the Request and Response Schemas that document the expected message may be provided.
In addition, note that for business object based operations, when invoking the web service an action is required. This may be passed into the web service as part of the invocation or alternatively, the action may be defined when configuring the operation using the transaction type.
Annotations Used for Security
When preparing to deploy inbound SOAP web services, the security aspects of the service must be decided. The product provides a default security policy that is applied when no other policy is defined: @Policy(uri=”policy:Wssp1.2-2007-Https-BasicAuth.xml”, attachToWsdl=true) which requires HTTP Basic over SSL and a WS-Security Timestamp.
If a different security policy is desired, the following options are available:
-
Security policies may be attached to the Inbound Web Service via the Java Enterprise Edition (Java EE) Web Application Server. This allows for multiple policies to be attached as supported by the Java EE Web Application Server. In order to enable this capability, explicit system configuration is required so that the product does not assume the default security policy. See the subsequent bullets for more information.
-
Define a system wide security policy using a feature configuration option. Find the Feature Configuration record for the External Messages feature type. (It may need to be defined if it does not exist). Choose the option type Default security policy and define an appropriate value. If your implementation wishes for the policies to be attached at the Java EE Web Application Server, define this option type with an option value of <none>.
-
Attach a security policy to the IWS via a Web Service Annotation. The base product provides annotation types that support the standard WS-Policy (F1POLICY) and OWSM Security Policy (F1-OWSM). No base annotation is supplied by the product for either annotation type.
If your implementation wishes for the policy of a particular IWS to be attached at the Java EE Web Application Server, define a special annotation for the F1POLICY annotation type and configure the uri parameter value to <none>.
Inbound SOAP Web Service Deployment
A Inbound SOAP Web Service must be deployed to the Java EE Web Application Server in order for it to be available to the Web Service Clients to access the system. Refer to Deploying SOAP Web Services for more information.