I was debugging a OSB 11.1.1.5 proxy service which had a OWSM UserName token policy attached to it (read this blogpost how to configure your OSB). When I noticed the $inbound variable had some interesting information which I never noticed before.
The $inbound variable holds a big data-set regarding transport and usually a small data-set regarding security. In a “normal” unsecured proxy services this would result in something like this:
<inbound> <con:endpoint name="mySomething" xmlns:con="http://www.bea.com/wli/sb/context"> <con:service> <con:operation>getEmployeeDetails</con:operation> </con:service> <con:transport> ........ </con:transport> <con:security> <con:transportClient> <con:username>anonymous></con:username> </con:transportClient> </con:security> </con:endpoint> </inbound>
So there is just a transportClient reference which normally just contains the value “anonymous”. Not really interesting.
However in the situation where the proxy service uses the OWSM policy it contains a new messageLevelClient element:
<inbound> <con:endpoint name="mySomething" xmlns:con="http://www.bea.com/wli/sb/context"> <con:service> <con:operation>getEmployeeDetails</con:operation> </con:service> <con:transport> ........ </con:transport> <con:security> <con:transportClient> <con:username>anonymous></con:username> </con:transportClient> <con:messageLevelClient> <con:username>weblogic</con:username> <con:principals> <con:group>AdminChannelUsers</con:group> <con:group>Administrators</con:group> <con:group>IntegrationAdministrators</con:group> </con:principals> </con:messageLevelClient> </con:security> </con:endpoint> </inbound>
Pretty good information for tracing/logging your service calls.
