Tuesday, March 15, 2011

setOutboundHeader function obsoleted in SOA Suite 11g

If you have SOA Suite 10g code (specifically ESB) that uses the "ehdr:setOutboundHeader" function, it will no longer work in SOA Suite 11g as the function is obsoleted.

Your 10g code may include the following statements like this:
select="ehdr:setOutboundHeader('/shdr:ESBHeader/wsse:Security/wsse:UsernameToken/wsse:Username',$Username,'shdr=http://xmlns.oracle.com/esb;wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;')"
select="ehdr:setOutboundHeader('/shdr:ESBHeader/wsse:Security/wsse:UsernameToken/wsse:Password',$Password,'shdr=http://xmlns.oracle.com/esb;wsse=http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd;')"

Using the new "setProperty" function to set the header in the transformation in 11g will not work:
select="mhdr:setProperty('out.header.wsse_Security/wsse:Security/wsse:UsernameToken/wsse:Username', $Username)')"
select="mhdr:setProperty('out.header.wsse_Security/wsse:Security/wsse:UsernameToken/wsse:Password', $Password)"

You must move use the "Assign" feature in Mediator 11g (which is in the .mplan file):
<assign>
  <copy
    target="$out.header.wsse_Security/wsse:Security/wsse:UsernameToken/wsse:Username"
    expression="<your lookup value>"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  />
  <copy
    target="$out.header.wsse_Security/wsse:Security/wsse:UsernameToken/wsse:Password"
    expression="<your lookup value>"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  />
</assign>

Even though using "mdhr:setProperty" to dynamically set the endpoint works when used in XSL files, the same is not true for setting WS-Security headers. For example, the following will work in your transformation:
select="mhdr:setProperty('out.property.endpointURI',$endpoint)"


Applicable Versions:
  • Oracle SOA Suite 11g (11.1.1.x)


Ahmed Aboulnaga

1 comment:

lakshminadh@gmail.com said...

Im also planning to use the security Headers. Is there any way i can access Security Headers from Java Embedding in BPEL ..