Add WSM policy to authenticate using BasicAuth when calling an external reference in SOA 12c
If you're developing a composite in Oracle SOA Suite 12c (12.2.1.3+), you may need to call an external reference using the SOAP or REST adapters. If these external services require HTTP Basic Authentication (BA), then you will need to attach an OWSM policy to your external reference.
Add WS-Security Policy
- In Oracle JDeveloper, right-click on your external reference, and click on Configure SOA WS Policies....
2. Click + and select the policy oracle/wss_http_token_client_policy.
*Note: The steps here describe how to attach a policy during design time (i.e., development), but you can also add them during runtime through the EM console.
Add the Credentials
- Login to the EM console.
- Click on the menu icon on the top-left.
- Expand WebLogic Domain.
- Click on your domain name (e.g., soadomain).
- Navigate to WebLogic Domain --> Security --> Credentials.
- If you don't find a credential entry for
oracle.wsm.security
, then click on Create Map and manually add it. - Click on the row
oracle.wsm.security
, then click Create Key.
8. Here, add the username and password of your target external reference.
Now, when your SOA composite is instantiated and it makes the invocation to the external web service, it will automatically pass the credentials.
Here is an example of an error you could get if the credential key is not created:
{"RestFaultElement": {
"summary": "oracle.fabric.common.FabricInvocationException: javax.ws.rs.ProcessingException: java.io.IOException: oracle.wsm.common.sdk.WSMException: WSM-00054 : The password credentials cannot be obtained from the Credential Store Framework (CSF). Unable to retrieve the csfKey \"basic.credentials\". The csf map \"oracle.wsm.security\" found in the credential store is being used and the following keys are found in this map :- ",
"code": "null",
"detail": "oracle.wsm.security.SecurityException: WSM-00054 : The password credentials cannot be obtained from the Credential Store Framework (CSF). Unable to retrieve the csfKey \"basic.credentials\". The csf map \"oracle.wsm.security\" found in the credential store is being used and the following keys are found in this map :- "
}}