1. Developing SOA Applications with Oracle SOA Suite
  2. Using the Human Workflow Service Component
  3. Understanding Human Workflow Services
  4. Introduction to Human Workflow Client Integration with Oracle WebLogic Server Services
  5. Identity Propagation
  6. Public Key Alias

Public Key Alias

You can use the oracle.wsm.security.util.SecurityConstants.ClientConstants.WSS_RECIPIENT_KEY_ALIAS property with the workflow client. This property sets the alias for the recipient's public key that is used to encrypt the type outbound message. Use this property to secure workflow services with the public key alias. This property is only relevant when the SOAP client type uses identity propagation.

The client code must add the WSS_RECIPIENT_KEY_ALIAS value to the map if the public key alias is defined. The code sample below provides details. 

Map<CONNECTION_PROPERTY,String> properties = new HashMap<ONNECTION_
PROPERTY,String>();
properties.put(CONNECTION_PROPERTY.SOAP_IDENTITY_PROPAGATION , "saml");
properties.put(CONNECTION_PROPERTY.SOAP_END_POINT_ROOT,
 "http://myhost.us.example.com:7001");
properties.put(CONNECTION_PROPERTY.WSS_RECIPIENT_KEY_ALIAS,keyAlias); 
// where keyAlias  is a key alias value
properties.put(ONNECTION_PROPERTY.SECURITY_POLICY_URI, "oracle/wss10_saml_token_
client_policy"); //optional
properties.put(CONNECTION_PROPERTY.MANAGEMENT_POLICY_URI , "oracle/log_policy");
  //optional
IWorkflowServiceClient client =
                            WorkflowServiceClientFactory.getWorkflowServiceClient(
                            WorkflowServiceClientFactory.SOAP_CLIENT,
 properties, null);

If the client uses the JAXB WorkflowServicesClientConfigurationType object or the wf_client_config.xml file, an optional element called wssRecipientKeyAlias is added under the identityPropagation element for a SOAP client. The following code sample provides details. 

<xsd:complexType name="identityPropagationType">
    <xsd:sequence>
      <xsd:element name="policy-references"  type="PolicyReferencesType" 
       minOccurs="0" maxOccurs="1"/>
      <xsd:element name="wssRecipientKeyAlias"  type="xsd:string"  minOccurs="0"
       maxOccurs="1"/> </xsd:sequence> 
    <xsd:attribute name="type" type="xsd:string"  default="saml"/>
    <xsd:attribute name="mode" type="xsd:string"  default="dynamic"/>
</xsd:complexType>

For more information about how to create and use the public key alias in the credential store, see Securing Web Services and Managing Policies with Oracle Web Services Manager in Securing Web Services and Managing Policies with Oracle Web Services Manager.