HOw to Call WSSE secured web service from BPEL

1.Create partner link to the gateway that is wrapping the actual service as shown below.




2.Create a new BPEL variable as shown

The username and password that should be provided to the service gateway should be in the SOAP header of the partner link call. For this we need a BPEL variable that is based on an XSD that is provided by OASIS.

Please click for XSD here

http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd




Now create a BPEL Security_header variable based on the Security variable defined in this schema. This variable is of type: ANY_TYPE, but I will address that later.



3. Provide the authentication details to the new security variable The Security_header variable of type security is of ANY_TYPE type. But are now going to assign a piece of XML as the variables value. This piece of XML will contain the username and password; in this case username/password.
Create an assign activity and copy the following XML to the variable

4. The value of the variable should be inserted in the SOAP header of the partner link call.

Loging details have to be provided in the SOAP header, that’s how WS-Security provides authentication details. That can be done by providing the the Security_header variable as a header variable during the Invoke activity. Of course you need to provide the proper input and output variables on the invoke activity.

That’s it. We have created a variable, provided our username and password to the variable. We have then put that variable in the SOAP header. The BPEL process we have now created looks like:



Test the BPEL process confirm the same.