3-22 Oracle Fusion Middleware Interoperability Guide for Oracle Web Services Manager

5. Click Integrity tab of the Outbound Policies page and deselect all options.

6. Click Confidentiality tab of the Inbound Policies page and deselect all options.

7. Click Confidentiality tab of the Outbound Policies page and deselect all options.

8. Edit the wsmgmt.xml deployment descriptor file, as described in Edit the wsmgmt.xml File .

3.7.2.2 Configuring Oracle WSM 11g Client

1. Configure the server for two-way SSL.

For more information, see Configuring SSL on WebLogic Server Two-Way in Oracle Fusion Middleware Security and Administrators Guide for Web Services.

2. Create a client proxy to the OC4J 10g Web service.

Ensure that the Web service endpoint references the URL with HTTPS and SSL port configured on Oracle WebLogic Server.

3. Attach the following policy: oraclewss_saml_token_over_ssl_client_policy.

For more information about attaching the policy, see Attaching Policies to Web Service Clients in Oracle Fusion Middleware Security and Administrators Guide for Web Services.

4. Configure the policy, as described in oraclewss_saml_token_over_ssl_client_

policy in Oracle Fusion Middleware Security and Administrators Guide for Web Services.

5. Invoke the Web service.

Edit the wsmgmt.xml File Editing the wsmgmt.xml file in ORACLE_HOMEj2eeoc4j_instanceconfig, as follows: 1. In the outbound signature, specify that the timestamp should be signed, as follows and remove all other tags: outbound signature add-timestamp created=true expiry=Expiry_Time signature ... 4 Interoperability with Oracle WebLogic Server 11g Web Service Security Environments 4-1 4 Interoperability with Oracle WebLogic Server 11g Web Service Security Environments This chapter contains the following sections: ■ Overview of Interoperability with Oracle WebLogic Server 11g Web Service Security Environments ■ Username Token With Message Protection WS-Security 1.1 ■ Username Token With Message Protection WS-Security 1.1 and MTOM ■ Username Token With Message Protection WS-Security 1.0 ■ Username Token Over SSL ■ Username Token Over SSL with MTOM ■ SAML Token Sender Vouches Over SSL ■ SAML Token Sender Vouches Over SSL with MTOM ■ SAML Token 2.0 Sender Vouches With Message Protection WS-Security 1.1 ■ SAML Token Sender Vouches with Message Protection WS-Security 1.1 ■ SAML Token Sender Vouches with Message Protection WS-Security 1.1 and MTOM ■ SAML Token Sender Vouches with Message Protection WS-Security 1.0 ■ Mutual Authentication with Message Protection WS-Security 1.0 ■ Mutual Authentication with Message Protection WS-Security 1.1

4.1 Overview of Interoperability with Oracle WebLogic Server 11g Web Service Security Environments

In Oracle Fusion Middleware 11g, you can attach both Oracle WSM and Oracle WebLogic Server Web service policies to WebLogic Java EE Web services. For more details about the predefined Oracle WSM 11g policies, see the following sections in Oracle Fusion Middleware Security and Administrators Guide for Web Services: ■ Attaching Policies to Web Services ■ Configuring Policies ■ Predefined Policies For more details about the predefined Oracle WebLogic Server 11g Web service policies, see: