Keep the binding with the TaskQueryServicePortSAML and delete the other one. This is the composite:
Next, add some OWSM policies. By default, the TaskQueryServicePortSAML uses oracle/wss10_saml_service_policy. As the getUserToken composite is the client of the TaskQueryService, add the oracle/wss10_saml_token_client_policy to the external reference. Right-click on the TaskQueryService reference and choose “Configure WS Policies...”.
Add oracle/wss10_saml_token_client_policy.
Before the composite is able to use the SAML policy, a security context has to be set. Do this by securing the composite with another policy, in this case use oracle/wss_username_token_service_policy. Right-click on the exposed service bpelprocess1_client_ep and choose “Configure WS Policies...”. Add oracle/wss_username_token_service_policy.
The BPEL process itself is quite simple. The input is used to invoke the operation authenticateOnBehalfOf of the partnerlink TaskQueryService. The output is returned in the response.
The AssignOutput activity:
The AssignInput activity requires extra care:
It is essential to remove the element workflowContext before invoking the TaskQueryService. If left in, this error will pop up:
<bpelFault>
  <faultType>1</faultType>
  <processingErrorFault xmlns="http://xmlns.oracle.com/bpel/workflow/taskQueryService">
    <part name="payload">
      <taskQueryServiceFaultResponse xmlns="http://xmlns.oracle.com/bpel/workflow/taskQueryService">
        <message xmlns="http://xmlns.oracle.com/bpel/workflow/taskQueryService">ORA-30010:Error in creating reply message for Web Services. Error in creating reply message for Web Services. The Web Service input could be invalid causing this exception. Check the Web Service input for correctness. The input could also be validated against XML schema definition that describes the operation input. It being valid, this is a system error.</message>
      </taskQueryServiceFaultResponse>
    </part>
  </processingErrorFault>
</bpelFault>
Deploy the composite to the server and test it. I have used the test console in the Enterprise Manager but you can use any SOAP client you like, e.g. SoapUI.
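For a scripted test instead of the console, the request for the username-token-secured endpoint can be built as below. This is an added example, not code from the original post: it sends the password as WS-Security PasswordText, so the helper refuses non-HTTPS endpoints. The namespace, the process/input element names and the empty SOAPAction are assumptions to replace with the values from the composite's WSDL.

```python
import urllib.request
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
OASIS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-"
WSSE = OASIS + "wssecurity-secext-1.0.xsd"
PASSWORD_TEXT = OASIS + "username-token-profile-1.0#PasswordText"
# Assumption: placeholder namespace; copy the real one from the composite's WSDL.
APP = "http://example.invalid/getUserToken/BPELProcess1"
ET.register_namespace("soapenv", SOAP)
ET.register_namespace("wsse", WSSE)


def build_request(username, password, input_string):
    """Return a SOAP 1.1 envelope with a WS-Security UsernameToken header."""
    env = ET.Element(f"{{{SOAP}}}Envelope")
    header = ET.SubElement(env, f"{{{SOAP}}}Header")
    security = ET.SubElement(header, f"{{{WSSE}}}Security",
                             {f"{{{SOAP}}}mustUnderstand": "1"})
    token = ET.SubElement(security, f"{{{WSSE}}}UsernameToken")
    ET.SubElement(token, f"{{{WSSE}}}Username").text = username
    # ElementTree escapes &, < and > in the password on serialisation.
    ET.SubElement(token, f"{{{WSSE}}}Password",
                  {"Type": PASSWORD_TEXT}).text = password
    body = ET.SubElement(env, f"{{{SOAP}}}Body")
    # Assumption: "process"/"input" are the composite's request element names.
    process = ET.SubElement(body, f"{{{APP}}}process")
    ET.SubElement(process, f"{{{APP}}}input").text = input_string
    return ET.tostring(env, encoding="unicode")


def require_tls(endpoint):
    """Reject non-HTTPS endpoints: PasswordText is readable on the wire."""
    if urlsplit(endpoint).scheme != "https":
        raise ValueError(f"refusing to send a cleartext password to {endpoint}")
    return endpoint


def call_composite(endpoint, username, password, input_string):
    """POST the request; a SOAP fault surfaces as urllib.error.HTTPError."""
    # Assumption: empty SOAPAction; use the value from the WSDL binding.
    request = urllib.request.Request(
        require_tls(endpoint),
        data=build_request(username, password, input_string).encode("utf-8"),
        headers={"Content-Type": "text/xml; charset=utf-8", "SOAPAction": '""'},
    )
    with urllib.request.urlopen(request, timeout=30) as response:
        return response.read().decode("utf-8")
```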
Do not forget to enter the security credentials. As input string I have entered “samltestcase”; this is a user that I have created via the WebLogic Administration Console. After invoking the web service, this is the response: