Process Design

The wrapper process (CredentialMapper) is the service consumer. The main business process (Claim) is the service provider. When designing a credential mapping service like this, you could choose to develop the two processes in either order - consumer first or provider first.

Prerequisites

Ensure that youi understand:

  • how to implement a call to a web service in a business process application, and then how to deploy and test that application. If you are not already familiar with these topics, run through the How to Call an External Web Service From a Process tutorial before attempting this one.
  • web service security concepts and techniques.
  • use of a UsernameToken policy to map credentials.

However, if you develop and deploy the service provider first, problems can occur in the service consumer with duplicate BOM objects when you import the concrete WSDL from the service provider. (The concrete WSDL can be generated using the Administrator interface in the BPM runtime.)

To avoid this, TIBCO recommend that you follow this procedure to develop the service:

Procedure

  1. Create the CredentialMapper process.
  2. Generate a concrete WSDL for the Call ClaimBusinessProcess service task.
  3. Create the Claim process, using the concrete WSDL generated from the CredentialMapper process. However, if the Claim process already exists and is already deployed:
    1. Create a new PassThrough process.
    2. Implement credential mapping between the CredentialMapper and PassThrough processes, so that the PassThrough process always runs using the "SysUser" credentials.
    3. Call the Claim process from the PassThrough process, over a virtualization binding. This automatically passes the "SysUser" credentials to the Claim process, as shown.

Result

Next topic: Creating a Keystore Containing the Security Credentials to Run the Business Process
Previous topic: Credential Mapping