3-20 Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager ■ Configuring SSL on OC4J, see http:download.oracle.comdocscdB14099_ 19web.1012b14013configssl.htm .

3.7.1 Configuring OC4J 10g Client and Oracle WSM 11g Web Service

To configure OC4J 10g client and Oracle WSM 11g Web service, perform the following steps:

3.7.1.1 Configuring Oracle WSM 11g Web Service

1. Configure the server for two-way SSL. For more information, see Configuring SSL on WebLogic Server Two-Way in Oracle Fusion Middleware Security and Administrators Guide for Web Services. 2. Attach the following policy to the Web service: oraclewss_saml_token_over_ssl_service_policy OR oraclewss_username_or_saml_token_over_ssl_service_policy. For more information about attaching the policy, see Attaching Policies to Web Services in Oracle Fusion Middleware Security and Administrators Guide for Web Services.

3.7.1.2 Configuring OC4J 10g Client

1. Configure the server for two-way SSL.

For more information, see http:download.oracle.comdocscdB14099_ 19web.1012b14013configssl.htm .

2. Create a client proxy for the Web service above using Oracle JDeveloper.

Ensure that the Web service endpoint references the URL with HTTPS and SSL port configured on Oracle WebLogic Server.

3. Add the following code excerpt to initialize two-way SSL at the beginning of the

client proxy code: HostnameVerifier hv = new HostnameVerifier httpsURLConnection.setDefaultHostnameVerifierhv; System.setPropertyjavax.net.ssl.trustStore,trust_store; System.setPropertyjavax.net.ssl.trustStorePassword,trust_store _password; System.setPropertyjavax.net.ssl.keyStore,key_store; System.setPropertyjavax.net.ssl.keyStorePassword,key_store_password; System.setPropertyjavax.net.ssl.keyStoreType,JKS; 4. Use the Oracle JDeveloper wizard to secure the proxy by right-clicking on the proxy project and selecting Secure Proxy.

5. Click Authentication in the Proxy Editor navigation bar and set the following

options: ■ Select Use SAML Token. ■ Click SAML Details. ■ Select Sender Vouches Confirmation. ■ Enter a valid username as the Default Subject Name. Interoperability with Oracle Containers for J2EE OC4J 10g Security Environments 3-21

6. Click Inbound Integrity in the Proxy Editor navigation bar and set the following