Managing Security 2-13 ■ Section 2.3.7, Configuring Oracle Single Sign-On for Oracle IPM ■ Section 2.3.8, Configuring Oracle IPM and Single Sign-On for Windows Native Authentication For additional information, see the following:

2.3.1 Configuring a Fusion Middleware Application to use SSL

You can configure Oracle Fusion Middleware to secure communications between Oracle Fusion Middleware components using SSL, which is an industry standard for securing communications. Oracle Fusion Middleware supports SSL version 3, as well as TLS version 1:

2.3.1.1 Configuring an SSL Oracle Content Server Repository Connection

To connect to an Oracle Content Server repository over SSL, the following steps must be taken:

1. Enable SSL on the

Content Server Connection Content Server Settings Page

2. Add and configure an SSL incoming socket provider to the Oracle Content Server.

See Connecting to Outside Entities with Providers in the Oracle Fusion Middleware System Administrators Guide for Oracle Content Server for additional information.

2.3.2 Integrating with a Workflow

Workflow integration is detailed in Section 10, Understanding Workflow Agents and Section 7.2, Creating a Workflow Connection.

2.3.2.1 Integration Points

Oracle IPM connects to a workflow process at the following times, using different mechanisms for each: ■ Configuration ■ Runtime Configuration Oracle IPM connects to a workflow server when application fields are mapped to workflow payload elements. To connect, the provider, port, and credential information are passed using Web Services Inspection Language WSIL. WSIL uses the HTTP protocol and a specific XML format to allow for the discovery of the web Task Where to Go For More Information Administering Oracle WebLogic Server Oracle Fusion Middleware Administrators Guide Configuring SSL with Oracle WebLogic Server Oracle Fusion Middleware Securing Oracle WebLogic Server: Chapter 12, Configuring SSL Table 2–2 SSL Documentation For Information On... See The Following Guide... Configuring SSL with Oracle Fusion Middleware: Web Tier, Middle Tier, and Data Tier Oracle Fusion Middleware Administration Guide: Chapter 6, SSL Configuration in Oracle Fusion Middleware 2-14 Administrators Guide for Oracle Imaging and Process Management service end points on a server. Oracle IPM follows links in the WSIL that meet certain criteria in order to discover deployed composites. Once a composite and service are selected, the WSDL document is read from the server and parsed to obtain the list of available operations as defined by the service bindings in the WSDL. The protocol for reading the WSDL is HTTP and the address and port used are contained in part of the WSDL URI. Note that the address and port used may be different than the connection hostname and port if the workflow server is configured with an HTTP front end load balancer such as Oracle HTTP Server OHS. Once read, the WSDL is used to obtain the schema of the operation payload so that application fields can be mapped to it. Details of the connection, composite name, service name, operation name, and application field to payload mapping are stored in the Application.BpelConfig section for use at runtime. Runtime Runtime communication occurs when Workflow Agent has received a notification that a document has been created in Oracle IPM and a workflow process instance must be created for the document. For this communication, the connection, composite, and service name stored in BpelConfig is first used to obtain the service WSDL URI. The WSDL URI is read to obtain the operation payload schema. The payload schema is used to construct the XML for the payload and the application field values are then inserted into the XML as defined by the mapping. Once the payload is fully defined to include the mapped field values, the payload is submitted to the workflow service operation as a web service call using the address as specified in the WSDL document. The web service call is submitted using the HTTP protocol.

2.3.2.2 Workflow Connection Configuration