Server side policies
1. oracle/aia_wss_saml_or_username_or_http_token_service_policy_OPT_ON
If service is configured with this policy, then client needs to provide one of three security measures:
- SAML
- WSSE Username Token
- HTTP basic authentication
2. oracle/aia_wss_saml_or_username_token_service_policy_OPT_ON
If service is configured with this policy, then client needs to provide one of the two security measures:
- SAML
- WSSE Username Token
Client Side Policies
oracle/aia_wss10_saml_token_client_policy_OPT_ON
This is client side policy and it can be configured for any web service or composite which is protected via AIA server side policies.
Testing Service Side Policies using SOAP UI (or any other WS testing client)
1. oracle/aia_wss_saml_or_username_or_http_token_service_policy_OPT_ON
- WSSE Username Token
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:sam="http://xmlns.oracle.com/SAMLProject/SAMLProcess2/SAMLBPELProcess2">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>weblogic</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*******</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sam:process>
<sam:input>asdf</sam:input>
</sam:process>
</soapenv:Body>
</soapenv:Envelope>
- HTTP basic authentication
2. oracle/aia_wss_saml_or_username_token_service_policy_OPT_ON
- WSSE Username Token
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:sam="http://xmlns.oracle.com/SAMLProject/SAMLProcess2/SAMLBPELProcess2">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>weblogic</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*******</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<sam:process>
<sam:input>asdf</sam:input>
</sam:process>
</soapenv:Body>
</soapenv:Envelope>