Identity Propagation Mode Setting Through Properties
If properties are used, then populate the property CONNECTION_PROPERTY.SOAP_IDENTITY_PROPAGATION
with the value saml
.
-
Dynamic SAML token propagation mode
The SAML token policy is provided dynamically (the default). The property shown in the code sample below is optional. If the identity propagation mode is set, you run by default in dynamic mode.
properties.put(IWorkflowServiceClientConstants.CONNECTION_PROPERTY.SOAP_ IDENTITY_PROPAGATION_MODE , "dynamic");
By default, SAML-token constructs dynamic policy based on the following security policy URI: oracle/wss10_saml_token_client_policy
. Logging is not used. To overwrite the default policy URI, the client can add the code shown below:
properties.put(CONNECTION_PROPERTY.SECURITY_POLICY_URI "oracle/wss10_saml_ token_client_policy"); properties.put(CONNECTION_PROPERTY.MANAGEMENT_POLICY_URI , "oracle/log_policy");
The code sample below shows the SAML token dynamic client:
Map<CONNECTION_PROPERTY,String> properties = new HashMap<ONNECTION_ PROPERTY,String>(); properties.put(CONNECTION_PROPERTY.SOAP_IDENTITY_PROPAGATION , "saml"); properties.put(CONNECTION_PROPERTY.SOAP_END_POINT_ROOT, "http://myhost.us.example.com:7001"); properties.put(ONNECTION_PROPERTY.SECURITY_POLICY_URI, "oracle/wss10_saml_token_ client_policy"); //optional properties.put(CONNECTION_PROPERTY.MANAGEMENT_POLICY_URI , "oracle/log_policy"); //optional IWorkflowServiceClient client = WorkflowServiceClientFactory.getWorkflowServiceClient( WorkflowServiceClientFactory.SOAP_CLIENT, properties, null);
The client reference to the policy URI must match the server policy URI. Otherwise, SAML token propagation fails.