1. Security Practices Guide
  2. Installation
  3. Secure the Application Web-Interface
  4. Web Services Based Synchronous Deployment Pattern

4.4.3 Web Services Based Synchronous Deployment Pattern

The web services deployment pattern will be used in integration scenarios where the external system connecting to OFSLL wants to connect using standards-based, inter-operable web services. In this deployment pattern, the external system will use the SOAP (Simple Object Access Protocol) messages to communicate to the OFSLL web services.
The OFSLL services are of a message based services, i.e., the actual request will be in the form of an XML message, but the request will be a payload within the SOAP message. After the necessary processing is done in OFSLL based on the request, the response is returned to the external system as an XML message which will be a payload within the response SOAP message. The transaction control for the processing will stay with the OFSLL.
After deploying the Web Services, one must configure Weblogic Policy and SSL communication on Web Services.

Follow the steps below to configure:

  1. Login to WebLogic application server console (http://hostname:port/console)
  2. Select one of the deployed webservice. The WSDL of the webservice will be accessible on http before applying WS-Policy.
  3. Browse to Configuration WS-Policy and select the policy (say Wssp1.2-Https- UsernameToken-Plain.xml) and save the Deployment Plan.
  4. For SSL communication, the vendor servers seek public certificates. Hence, one needs to download the certificates from vendor website and import into your java keystore. You then need to configure Weblogic to present the certificates to vendor servers for successful handshake. Import the downloaded certificates into keystore.
  5. Select the weblogic Keystores as Custom Identity and Custom trust from the available list and configure the following:
    • Custom Identity Keystore: Java keystore holding the certificates
    • Custom Trust Keystore: Java keystore holding the certificates
    • Custom Identity Keystore Type: jks
    • Custom Trust Keystore Type: jks
    • %Keystore Passpharses: keystore password

Parent topic: Secure the Application Web-Interface