Working with Oracle Security Token Service in an Architecture Involving Oracle WebLogic and Oracle Service Bus by Ronaldo Fernandes
June 30, 2014
Using Oracle Security Token Service to generate Security Assertion Markup Language (SAML) tokens.
Downloads
Oracle Security Token Service
Oracle WebLogic Server
Oracle Service Bus
Recently, I’ve worked on a proof of concept for the use of Oracle Security Token Service (OSTS) in an architecture involving Oracle Fusion Middleware, focused on Oracle WebLogic Server (WLS), Oracle Web Services Manager (OWSM) and Oracle Service Bus (OSB). There are many security scenarios in which OSTS can be used, but the initial objective was to provide single sign-on between WLS and OSB using OSTS to generate Security Assertion Markup Language (SAML) tokens. This article describes the steps to implement this solution.
Scenario
The solution was applied on OWSM with OSB 11g (11.1.1.6), Oracle Access Manager (OAM) 11gR2 (11.1.2) and WLS 11g (10.3.6). A Security Token Service (STS) creates and validates security tokens using protocols such as WS-Trust. It acts as a central point in the security infrastructure and simplifies identity propagation between heterogeneous environments.
OSTS is an Oracle Identity Management access management solution. For more information on OSTS, consult the following articles by Oracle Fusion Middleware A-Team solution architect Andre Correa:
The proof of concept required a client on WLS accessing a service provided by OSB using SAML. The SAML Assertion should be generated from OSTS.
WLS can use WS-Trust policies and communicate with OSTS, but OSB 11g still doesn’t support WS-Trust policies. To work around this issue, configure OSB to trust messages signed by an OSTS certificate. Here is the complete scenario: Read the complete article here.


There is an excellent new VirtualBox VM for the latest SOA/BPM 11.1.1.7.1. This one is my favourite; it includes the latest Oracle products for SOA/BPM and WebCenter. Everything is configured, fine-tuned and ready to use. Read more and download from Oracle OTN site – 
The growth of smartphone adoption and its implications for banking is certainly the most significant trend in banking today. Mobile payment start-ups, like Square, LevelUp, and Dwolla, are introducing new services that offer alternatives to the traditional bank/merchant credit/debit card model. Google, Facebook and Apple all want to be your trusted credential holder and “mobile wallet”, threatening the bank-centric model. Banks have a big advantage here: they have detailed information about customers’ buying habits, and banks are more trusted to secure private customer information. Banks have a big opportunity to capitalize on this trend and leverage their advantages as end-to-end payment providers. One example is to leverage their mobile applications and card services capabilities to include location-based offers and mobile wallet mechanisms. Banks are uniquely positioned to provide a complete, end-to-end offer presentment and payment solution that is both more personalized to the needs of the consumer and tied to the existing merchant and payment ecosystems banks dominate today.
Internet of Things (IoT) Whitepaper and online Webcast & Utility presentation