1. Developing SOA Applications with Oracle SOA Suite
  2. Using Binding Components
  3. Integrating REST Operations in SOA Composite Applications
  4. Creating REST Support in Service and Reference Binding Components
  5. How to Invoke OAuth-Protected Oracle Integration REST Endpoints from SOA Composite Applications
  6. Import SSL Certificates of Oracle Identity Cloud Service and Oracle Integration

Import SSL Certificates of Oracle Identity Cloud Service and Oracle Integration

  1. Open the HTTPS URL of the Oracle Integration Cloud instance.
  2. Click the padlock icon to the left of the URL.
  3. Under Secure Connection, select More Information.
  4. Go to the Security tab and click View Certificates.
  5. In Certificate Viewer dialog, click the Details tab and select each certificate, such as PEM, Secure Server CA and Root CA.
  6. Click Export and save the certificates.
  7. Import the Oracle Identity and Oracle Integration certificates to the configured SOA trust store of the environment. After importing the certificates, restart the SOA server to see the changes take effect.

    Note:

    • Perform the above step only if you use self-signed certificates and the trust store in the Oracle SOA Suite instance does not already contain the self-signed certificates.
    • To import the certificates to the configured SOA trust store, refer to the keytool commands in Import Certificates of External Web Services with HTTPS in Oracle SOA Suite.
    • The configured SOA trust store might differ based on the environment.
  8. Create credential keys. The credential keys are used in the owsm policies that are attached to the REST reference in the SOA composite application.
    1. Sign in to the Oracle Enterprise Manager Fusion Middleware Control instance: http://administration_server_host:administration_server_port/em
      The default Administration Server port number is 7001.

      Note:

      The sign in credentials might differ based on the environment. For example, secure mode.
    2. In the content pane, select WebLogic Domain, then Security, and then Credentials.
      Description of credentials-png.png follows
      Description of the illustration credentials-png.png

    3. Click Create Key.
      Description of create_key-png.png follows
      Description of the illustration create_key-png.png

      Enter the username and password of your Oracle Identity Cloud Service application. See Get Oracle Integration Cloud Instance Details.

      You have now created two credential keys: oic.user and idcs.client.secret.

  9. In Oracle JDeveloper, attach the following policies to the REST reference. See About Attaching Policies to Web Services and Clients Using Fusion Middleware Control.
    • oracle/http_oauth2_token_with_resource_owner_creds_over_ssl_client_policy
    • oracle/oauth2_config_client_policy

    Note:

    The OWSM policies might differ based on the OAuth grant type. The policies listed above are applicable for OAuth2.0 Client Credentials grant type.
  10. Select and edit each policy and add the following configuration override properties.
    1. Select and edit oracle/http_oauth2_token_with_resource_owner_creds_over_ssl_client_policy and add values for the following properties.
      Property Information to Enter
      csf.key Enter oic.user.
      federated.client.token Enter false.
      scope Enter scope received from the Oracle Integration Cloud administrator.
      Click OK.
    2. Select and edit oracle/oauth2_config_client_policy and add values for the following properties.
      Property Information to Enter
      token.uri Enter the token URI received from the Oracle Integration Cloud administrator.
      oauth2.client.csf.key Enter idcs.client.secret.
      idcs:token.uri Enter the token URI received from the Oracle Integration Cloud administrator.
      idcs:oauth2.client.csf.key Enter idcs.client.secret.
      Click OK.
  11. Deploy and test the SOA composite application. See Deploying SOA Composite Applications.