Quick Introduction to PeopleSoft Web Services


Web Services are getting popular day by day and as developers we are constantly getting requirements to intergrate our PeopleSoft application with thrid-party system to interchange data between systems. In fact PeopleSoft system delivers web services so that we can leverage those web services, extend or create our own web services esaily within our PeopleSoft system. Some examples of PeopleSoft delivered web services are (in Campus Solutions) , List of Values WS, AAWS (Admission Applications Web Services). In addition to the conventional SOAP based web services PeopleSoft now facilitate to develop RESTful web services using PeopleSoft Intergreation Broker.

Web Service Overview

A web service provides external applications a web-services-based means of accessing PeopleSoft data. Web services are implemented through the PeopleTools Integration Broker (IB) framework. The Integration Gateway web application receives all the web service requests and forwards them to the Integration Engine (application server) for processing.

Following process occurs when you use web service with a client application

1. The client application invokes one of the service operations from the API (application programming interface) published by PeopleSoft application.

For example in in Campus Solutions, Admission Applications Web Service contains the following web service operations
  • SAD_ADMISSIONS – Main Admissions Web Service
    • SAD_CREATEAPPL: Create Application
    • SAD_GETAPPL: Find Application
    • SAD_GETAPPLS: Find Applications
    • SAD_SAVEAPPL: Save Application (for later modification or submission)
    • SAD_SUBMITAPPL: Submit Application
    • SAD_GETATTACH: Get Attachment
The service operation SAD_CREATEAPPL is shown below;

2. PeopleSoft Integration Broker receives the service operation request and validates the WS security credentials.

Web services security (WS-Security) is implemented on the integration gateway for inbound and outbound integrations with third-party systems. WS-Security adds a layer of security to sending and receiving service operations by adding a UsernameToken that identifies the sender and authenticates its identity to the web service provider. On inbound processing, PeopleSoft Integration Broker can process requests received from integration partners that contain WS-Security UsernameToken and passwords in the SOAP (Simple Object Access Protocol ) header of the inbound SOAP request. The user name and password should be encrypted via PKI (public key infrastructure).

Some web service operations require a user ID and password. If a user ID and password are not supplied in the SOAP header, Integration Broker rejects the request.
If the request is received from another PeopleSoft system, the user ID associated with the requesting PeopleSoft node is used when the SOAP header does not specify a user name.
When a request is received, PeopleSoft Integration Broker validates the user ID and password in the SOAP header to determine whether the user has the proper security to invoke the service operation requested.

Generally you implement WS security in PeopleSoft via Permission Lists.
in the above screen shot the permission list HCSPSERVICE gives full access to the individual service operations in the SAD_ADMISSIONS WS.
Depending on the requirements, in the service operation level you can specify authentication mechanism so that users who has proper privileges can access to your service operations.

3. The request is passed to Application Server for processing. The Application Server authenticates the service operation and routes it to the respective handler. The handler executes the PeopleCode and sends the response to Integration Gateway.

Handler is basically a application class which has your PeopleCode logic (or business logic) to execute when the service operation is called. handlers can be define in the Handler section in the service operation as follows;

4. Integration Broker sends the response to the client application.

Client application who invoke WS will get XML response message (SOAP based WS). Sometimes client application may get error response messages so that clients can correct and resubmit the WS.
Client application then process this XML response message and present in their Front-end application in a suitable format.

Ayesha Wee