Inbound SOAP Web Services

For inbound SOAP web services, by default the system uses the Schema Name to dictate the Request and Response for the service. The API can be overridden with custom formats by specifying Request and Response XSLs to transform into the relevant schema formats. In addition, if desired, the Request and Response Schemas that document the expected message may be provided.

Note: The Request and Response Schema fields are not supported in a cloud implementation.
Note: The system supports defining the XSLs as a managed content record. For backward compatibility, the system supports defining the XSL as a file in the file system. This is a system wide setting, defined using a feature configuration option. The feature type is External Messages and the option type is XSL Location. Set the value to F1FL to support XSL in the file system. The file location is configured using a system property. To support the XSL in managed content, no option is needed as this is the default. You may explicitly define the value of F1MC if desired.

In addition, note that for business object based operations, when invoking the web service an action is required. This may be passed into the web service as part of the invocation or alternatively, the action may be defined when configuring the operation using the transaction type.

Note: Using the transaction type Change requires all values to be passed in. Using the transaction type Update allows the web service to pass only the primary key and the values to be updated. All other elements will retain their existing values.

Annotations Used for Security

When preparing to deploy inbound SOAP web services, the security aspects of the service must be decided. The product provides a default security policy that is applied when no other policy is defined: @Policy(uri=”policy:Wssp1.2-2007-Https-BasicAuth.xml”, attachToWsdl=true) which requires HTTP Basic over SSL and a WS-Security Timestamp.

If a different security policy is desired, the following options are available:

  • Security policies may be attached to the Inbound Web Service via the Java Enterprise Edition (Java EE) Web Application Server. This allows for multiple policies to be attached as supported by the Java EE Web Application Server. In order to enable this capability, explicit system configuration is required so that the product does not assume the default security policy. See the subsequent bullets for more information.

  • Define a system wide security policy using a feature configuration option. Find the Feature Configuration record for the External Messages feature type. (It may need to be defined if it does not exist). Choose the option type Default security policy and define an appropriate value. If your implementation wishes for the policies to be attached at the Java EE Web Application Server, define this option type with an option value of <none>.

  • Attach a security policy to the IWS via a Web Service Annotation. The base product provides annotation types that support the standard WS-Policy (F1POLICY) and OWSM Security Policy (F1-OWSM). No base annotation is supplied by the product for either annotation type.

    If your implementation wishes for the policy of a particular IWS to be attached at the Java EE Web Application Server, define a special annotation for the F1POLICY annotation type and configure the uri parameter value to <none>.

Note: Refer to WebLogic documentation for more information on supported security policies.
Note: In order to use the OWSM Policy, additional system configuration is necessary. Contact your system administrator to confirm if your implementation supports OWSM.

Inbound SOAP Web Service Deployment

A Inbound SOAP Web Service must be deployed to the Java EE Web Application Server in order for it to be available to the Web Service Clients to access the system. Refer to Deploying SOAP Web Services for more information.