Identity Propagation Mode Setting Through Properties

If properties are used, then populate the property CONNECTION_PROPERTY.SOAP_IDENTITY_PROPAGATION with the value saml.

  • Dynamic SAML token propagation mode

    The SAML token policy is provided dynamically (the default). The property shown in the code sample below is optional. If the identity propagation mode is set, you run by default in dynamic mode.

    properties.put(IWorkflowServiceClientConstants.CONNECTION_PROPERTY.SOAP_
    IDENTITY_PROPAGATION_MODE , "dynamic");
    

By default, SAML-token constructs dynamic policy based on the following security policy URI: oracle/wss10_saml_token_client_policy. Logging is not used. To overwrite the default policy URI, the client can add the code shown below:

properties.put(CONNECTION_PROPERTY.SECURITY_POLICY_URI     "oracle/wss10_saml_
token_client_policy");
properties.put(CONNECTION_PROPERTY.MANAGEMENT_POLICY_URI , "oracle/log_policy");

The code sample below shows the SAML token dynamic client:

Map<CONNECTION_PROPERTY,String> properties = new HashMap<ONNECTION_
PROPERTY,String>();
properties.put(CONNECTION_PROPERTY.SOAP_IDENTITY_PROPAGATION , "saml");
properties.put(CONNECTION_PROPERTY.SOAP_END_POINT_ROOT,
 "http://myhost.us.example.com:7001");
properties.put(ONNECTION_PROPERTY.SECURITY_POLICY_URI, "oracle/wss10_saml_token_
client_policy"); //optional
properties.put(CONNECTION_PROPERTY.MANAGEMENT_POLICY_URI , "oracle/log_policy");
  //optional
IWorkflowServiceClient client =
                            WorkflowServiceClientFactory.getWorkflowServiceClient(
                            WorkflowServiceClientFactory.SOAP_CLIENT,
properties, null);

The client reference to the policy URI must match the server policy URI. Otherwise, SAML token propagation fails.