Interoperability with Oracle WebLogic Server 11g Web Service Security Environments 4-21 11. Invoke the Web application client and enter the appropriate credentials.

4.12.2 Configuring Oracle WSM 11g Client and Oracle WebLogic Server 11g Web Service

To configure Oracle WSM 11g client and Oracle WebLogic Server 11g Web service, perform the following steps:

4.12.2.1 Configuring Oracle WebLogic Server 11g Web Service

1. Create a Web service.

2. Attach the following policies:

■ Wssp1.2-wss10_saml_token_with_message_protection_owsm_policy.xml ■ Wssp1.2-2007-SignBody.xml ■ Wssp1.2-2007-EncryptBody.xml For more information, see Updating the JWS File with Policy and Policies Annotations in Oracle Fusion Middleware Securing WebLogic Web Services for Oracle WebLogic Server.

3. Configure identity and trust stores, as described in Configure identity and trust

in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Help

4. Configure message-level security, as described in:

■ Configuring Message-Level Security in Oracle Fusion Middleware Securing WebLogic Web Services for Oracle WebLogic Server ■ Create a Web Service security configuration in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Help. Since this is a WS-Security 1.1 policy, you need to configure Confidentiality Key only.

5. Deploy the Web service.

See Oracle Fusion Middleware Deploying Applications to Oracle WebLogic Server. 6. Create a SAMLIdentityAsserterV2 authentication provider, as described in Configuring Authentication and Identity Assertion providers in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Help. In the WebLogic Server Administration Console, navigate to Security Realms RealmName Providers Credential Mapping page and create a New Credential Mapping Provider of type SAMLCredentialMapperV2. 7. Restart WebLogic Server. 8. Select the authentication provider created in step 5. 9. Create a SAML asserting party, as described in Create a SAML 1.1 Asserting Party in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Help. ■ Set Profile to WSSSender-Vouches. 10. Configure a SAML asserting party, as described in Configure a SAML 1.1 Asserting Party in Oracle Fusion Middleware Oracle WebLogic Server Administration Console Help. 4-22 Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager Configure the SAML asserting party as follows leave other values set to the defaults: a. Set Issuer URI to www.oracle.com. b. Set Target URL to url_used_by_client.

4.12.2.2 Configuring Oracle WSM 11g Client