Federated Outbound Messages

Note: The Authorization Server setup and Client Setup are identical to the configuration of Inbound Web Services. Refer to Process Flow for initial setup instructions.

Outbound Messages allows product transactions to send information out of the product via technology connectors in synchronous and asynchronous modes.

Overview

As with the Inbound Web Services the architecture of the Federated security involves issuing a token from an authorized user from the Authorization Server to the External System:

• An Outbound Message is created by the business process of a certain type and with the relevant payload.

• An External System definition with the product decides how this information is sent to the External System (the technology and mode).

• A Message Sender is configured to use the relevant policy in its context parameters to send to the external system. The policies supported are configured on an Extended Lookup to filter the policies available.

• When sending the information out, the Authorization Server issues a token to an authorized transaction to use in the transaction to the external system.

• Trust is established between the Authorization Server and Resource Server for the external system to accept valid transactions. This certificate must be exported from the Authorization Server and imported into the technology used by the Resource Server.

• For example:

OAuth Policies

To use this facility the following policies are recommended for use from Oracle Web Service Manager and the product:

• oracle/oauth2_config_client_policy

• oracle/http_oauth2_token_client_policy

These two policies are compatible with the oracle/multi_token_rest_service_policy used for Inbound Web Services (REST and SOAP).

Extendable Lookup Configuration

Note: These values are shipped with the product meta data and the policy configuration values set for the policy used should refer to the Oracle Web Services Manager documentation for a description of the valid values.

The following Extended Lookups are provided to be used:

Extended Lookup	Recommendations
F1-ValidPolicies	Two policies exist (F1-OWSM-CLIENT and F1-OWSM-TOKEN). These are delivered with the parameter settings.
F1-SetOfPolicies	This Extended Lookup is altered to set the parameter values for the valid policies above as a Policy Set. An extended lookup value is recommended to be added for each external system interfaced.

The following recommendations apply to the configuration of the above policies:

• For any CSF key parameters, the keys need to be added to the CSF as outlined in the Setup Oracle Web Service Manager Client.

• The URI parameters may be hardcoded or use substitution variables as outlined in the Server Administration Guide. If substitution variables are used, they should be configured in the substitutionVariable.xml configuration file. For example:

<name>F1_TOKEN_URI</name>

<value>http://<server>:<port>/ms_oauth/oauth2/endpoints/oauthservice/tokens</value>

</uriVariable>

• Additional parameters may be set according the documentation for the Client and Token.

Message Sender Configuration

The final step in the configuration of the use of federation for Outbound Messages is to configure the context of the Message Sender to use the Policy Set that was configured in the earlier step. To use the federation the following content types must be set:

Context Type	Recommendations
Sender Security Type	This must be set to OWSM.
OWSM Policy Set	Set to the Policy Set configured (e.g. F1-OAUTH)