Copyright © 2013, 2015, Oracle and/or its affiliates. All rights reserved.
This graphic shows the JCA Adapter PII use case. At the service side (JCA binding), the pii_security_policy encrypts PII after receiving a request and decrypts PII before sending out a response. The PII remains encrypted as the message flows to various components of the composite. At the client side (JCA binding (reference)), the pii_security_policy decrypts PII before sennding out a request and encrypts PII after receiving a response.