As discussed in my previous post, another common type of integration between Oracle BPM and Oracle Service Bus is exposing BPM processes as web services. In the diagram below you can see the highlighted path that is taken in this case.
Oracle BPM Process Web Services
Oracle BPM provides a feature to expose any process as a web service without any code. You can simply right click on a process and select Process Web Service. Once on the process web service page you can add multiple web services for this process of the following types:
- Process Creation - This will create an instance of the process and return the instance id of the created process instance.
- Process Execution - This will attempt to execute the processes as a synchronous web service. This should only be used with processes that are all automatic activities or else the web service call will time out while waiting at an interactive activity.
- Process Notification - This will allow you to expose a notification wait from your process.
With any of these web services will expose the relevant argument sets, including primitive types, BPM Objects and XML Objects. You should be using Doc/Literal style for all web services because RPC/Encoded is now deprecated. For security you also have the three following options:
- None - If you choose this there will also be an authentication method on the service exposed, that will return a token needed for subsequent calls. This is not the recommended approach as it will require 2 service calls for each call you want to make.
- Username Token Profile - This is the recommended approach for security on process web services. This will add a WS-Security policy to the exposed web service.
- HTTP Basic Authentication - This will use HTTP Basic Authentication to authenticate with a plain text user and password.
Oracle Service Bus Security
Exposing a Synchronous Process with Pass Through Security
Exposing an Asynchronous Process with Static Security