Adding security to a web service then generating a proxy [SOLVED]

Hi
I generated a web service based on a very simple java program. I have deployed it to a local oc4j install and successfully called it from a proxy generated from jdev. I am using 10.1.3.3.0.
I added security to the web service and regenerated the proxy. I wanted to see the difference in the SOAP messages sent to the web service. However the proxy does not seem to have changed to take account of the new security settings on the web service.
The security options I set were:
On main security dialog: Ticked the port and "Text Password"
On Authentication: Ticked "Expect Username ti Authenticate"
"Password Required"
Password Type = "Plain Text"
"Nonce Required in Token"
"Creation Time Required in Token"
I have 2 questions:
1. How do I get the proxy to send SOAP messages that contain the security headers required to run the web service. Here is the main method from my proxy. I thought adding setUsername and setPassword would be the solution
    public static void main(String[] args) {
        try {
            gpn3.Getphonenum3SoapHttpPortClient myPort = new gpn3.Getphonenum3SoapHttpPortClient();
            System.out.println("calling " + myPort.getEndpoint());
            // Add your own code here
            myPort.setUsername("oc4jadmin");
            myPort.setPassword("welcome");           
            myPort.getNum("Lisa");
        } catch (Exception ex) {
            ex.printStackTrace();
2. When the web service receives a user name and password what does it check them against? I assume the oc4jadmin user will be allowed access but how do I set up other users?
many thanks
paul schweiger
Message was edited by:
[email protected]

I have figured this out now
1. I needed to set the same security settings in my proxy as I did for my web service. I had assumed that the proxy would generate the necessary security settings from the web service.
2. For some reason my web service application is using the system level jazn-data xml file
oc4j_extended_101330/j2ee/home/config/system-jazn-data.xml
This does include the oc4jadmin user and I am now able to use that account to call the web service. I also managed to add another user and use that account to call the web service successfully.
Thanks for the help
paul

Similar Messages

  • Adding Security Policy to web services .

    Hi,
    I am trying to create Java Webservice from JDeveloper and add policies(OWSM or WLS) to it . I am able to succesfully create web service from java code in Jdeveloper ,create a WAR out of it and can deploy it in weblogic server .But if I create Webservice by adding WLS policies or OWSM policies to it . The WAR fails to deploy in Weblogic server . Is there any pre - requisites I need to do before I deploy ? If any one has a tutorial for this , it will be nice .

    The solution suggested in link i have already done ....... But that had not resolved my issue
    Below is my sample code -
    it has three operations -
    package project6;
    import javax.jws.WebService;
    import weblogic.jws.Policy;
    @WebService
    @Policy(uri = "policy:Wssp1.2-2007-Https-BasicAuth.xml", direction = Policy.Direction.inbound)
    public class basicHello {
    public basicHello() {
    super();
    public String SayHello(String a)
    {return("Hello "+a);
    public String SayBye(String a)
    {return ("Bye "+a);
    public String SayHowAreYou(String a)
    {return("How are you "+a+" ??");
    When I deploy I am able to get a war file too . But when I install in weblogic server it fails . DO I HAVE TO DO ANY SETTING CHANGE IN WEBLOGIC SERVER ?

  • Problems invoking a secure 8.1 web service from a 6.1 client

    I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
    Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
    In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
    If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
    Any help would be GREATLY appreciated.

    Hi Paul,
    This sound familiar, but I cannot at the moment locate a reference to
    the issue. I would encourage you to seek the help of our super support
    team [1].
    Regards,
    Bruce
    [1]
    http://support.bea.com
    [email protected]
    Paul Merrigan wrote:
    >
    I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
    Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
    In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
    If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
    Any help would be GREATLY appreciated.

  • Web Service consumer using ABAP-PROXY

    Hello,
    I want to test Web Service consumer using ABAP-PROXY . So I do what is explain in the weblog :
    [http://wiki.sdn.sap.com/wiki/display/Snippets/WebServiceconsumerusingABAP-PROXY]
    But when I execute the programm, the message : 'No valid source context supplied'.
    But, proxy and port are ok and activate.
    Can you help me.
    Thanks.

    Hi Jitesh,
    Thanks for the link.  I checked but did not find helpful info there.
    I have managed to make it work yesterday.  Two issues were identified. 
    1. The namespace in the WSDL file imported into ESR as an external definition.  I need to create the same namespace in ESR before importing the WSDL and then import the WSDL into that namespace.
    2. The authentication method.  The authentication method in the IIS configuration of the .NET web service has to be set to Basic Authentication.  Then I set logical port of the consumer proxy in the OSAMANAGER to use Basic Authentication also.  So far only the Basic Authentication works in my test scenario.
    I am closing this question.
    Regards,
    Jiannan

  • Error While Consuming Public Web Service through Stand Alone Proxy

    Hi,
    I am getting the below error when I am consuming a public web service through Stand Alone Proxy.
    java.rmi.RemoteException: Service call exception; nested exception is:
         com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (407) Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  ).
         at com.mindtree.examples.GlobalWeatherSoapStub.getCitiesByCountry(GlobalWeatherSoapStub.java:159)
         at com.mindtree.examples.GlobalWeatherSoapStub.getCitiesByCountry(GlobalWeatherSoapStub.java:168)
         at com.mindtree.examples.WebServiceClient.main(WebServiceClient.java:18)
    Caused by: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (407) Proxy Authentication Required ( The ISA Server requires authorization to fulfill the request. Access to the Web Proxy filter is denied.  ).
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.handleResponseMessage(MimeHttpBinding.java:903)
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1346)
         at com.mindtree.examples.GlobalWeatherSoapStub.getCitiesByCountry(GlobalWeatherSoapStub.java:152)
         ... 2 more
    Regards,
    Venkatesh

    Hi,
    I am still facing the same issue.
    Regards,
    Venkatesh

  • How to secure a J2SE Web Service

    Hi,
    I have created a J2SE Web Service using JAX-WS and I now wish to secure it but I can't seem to work out how to do it in an automated manner.
    I have used the simple Java-First method, writing an annotated java class and then running wsgen to generate the WSDL and required artifacts.
    WSIT seems to be the solution, placing a WSIT config file in a META-INF directory on the classpath. However, in the examples that I have there seems to be a huge amount of overlap between the WSDL and the WSIT config file. Moreover, the content of the WSIT config seems to be dependent on the contents of the WSDL. This means that should I update the implementation class I would have to manually update the WSIT config (unlike the WSDL which would be autogenerated from the Java class).
    Ideally I would like to create two files:
    - myserviceImpl.java
    - wsit-config.xml (using the correct naming convention)
    Then run WSGEN and, hey presto, a full WSDL is generated complete ith security policy information. However, it seems that this is not the way it works.
    I'd be grateful for any advice you can give on how to automate this process. My current idea is to generate the WSDL and then use an XSLT step in the build process to drag the WSIT config into the WSDL.
    I'd also be interested in hearing how other people have created secure J2SE web services.
    I am using Eclipse (not NetBeans) and Maven.
    Thanks

    I am using Eclipse (not NetBeans) and Maven.I hate doing this, but have you tried Netbeans? Metro has really tight integration with it and pretty much can do what you want. However, making a programmer change IDE is like suggesting someone to try another religion.

  • Security issue with Web Services on Oracle SOA suite? (Serious?)

    Hi,
    I have recently installed and set up the SOA 10.1.3 on my local machine.
    I created a simple test web service and deployed - worked ok.
    I then added simple plain text security to the service, and again opened it up for testing using the test service function.
    Initially, it returns with the expected message 'missing soap header security'.
    However if you refresh the page / or test the service again, it is then invoked - seemingly bypassing the security !!!
    Oddly the 3rd attempt then shows the security message again, and it seems to alternate between allowing access to the service and imposing the security?!?!
    Has anyone else experience this ?
    Is it a bug ? (if so, its a pretty nasty one that could quite possibly catch alot of people out !)

    I have now created an independant client in Java to call the WS.
    The security is still bypassed on ever other call?!?!
    I have this over HTTPS also, and was hoping this would provide an adequate means of securing my web services.
    How is everyone else securing web services that are exposed to general consumers? Maybe i should find a new approach !

  • Extra Tag Getting Added while invoking a Web service

    Hi all,
    We are facing an issue while trying to invoke a web service. We are assigning values to invoke input variable of the invoke. The issue is that while invoking an Extra element named “input” is getting added.
    For Eg: The required one is
    <messages>
    <invoke_Webservice_Input>
    Payload
    </invoke_Webservice_Input>
    </messages>
    But what is getting passed is :
    <messages>
    *<input>*
    <invoke_Webservice_Input>
    Payload
    </invoke_Webservice_Input>
    *</input>*
    </messages>
    Due to this, the invoke is failing and we are not able to proceed. The error which we are getting is "*exception on JaxRpc invoke: unexpected null*"
    If any has faced similar issues, please share your experience.
    PS: The same wsdl is working in other environments. only thing we changed is the Endpoint URI and that endpoint URI is also accessible.
    Thanks
    Mohan

    can u re import the wsdl into the process and then change the endpoint uri... undeploy the previous process.. bounce the server and then deploy the new process and try

  • "Unknown error" when adding a page via web services

    I am trying to add a division (a Welcome page) to a section on another welcome page, in order to get a site structure that is one level deeper than what can be built using the iTunes interface. I am using Web Services, which is new to me, to try to do this, as I understand that web services allows this (see http://discussions.apple.com/thread.jspa?messageID=6786261&#6786261). I have build a login page that takes my institutional name and password, authenticates me, constructs the authorization token, requests, and successfully receives an upload URL from iTunes U.
    It sets the action on a file upload form to this received URL. I then, easily within 90 seconds, browse to the Web Services XML file I want to upload, select it in the file upload form field, and submit the form.
    Despite several change to my Web Services document, the text "Unknown error" is all I ever receive back, and my division is not added. Can anyone help?
    An the HTML output of the dynamically constructed page with the upload form, and the web services document I am trying to upload, may be found at:
    http://itc.boisestate.edu/iTunesU.zip
    Thanks,
    Eric Orton

    It's probably due to the unescaped ampersand in your division name. To be well-formed XML, it must be written as "&" (and, 'a', 'm', 'p', semicolon). In addition, the order of your parameters does not match the XSD. Here's a version that does:
    <ITunesUDocument>
    <Version>1.1</Version>
    <AddDivision>
    <ParentHandle>1525601603</ParentHandle>
    <ParentPath/>
    <TemplateHandle>1525143263</TemplateHandle>
    <Division>
    <Name>Modern Languages & Literature</Name>
    <ShortName>Modern Languages</ShortName>
    <Identifier>langlit</Identifier>
    <AllowSubscription>true</AllowSubscription>
    <Permission>
    <Credential>Authenticated@urn:mace:itunesu.com:sites:boisestate.edu</Credential>
    <Access>No Access</Access>
    </Permission>
    </Division>
    </AddDivision>
    </ITunesUDocument>

  • Web Service Call From Consumer Proxy in ABAP: Security Settings

    Hello All,
    Have a couple of questions:
    We are working on a scenario where we have to connect to a web service from ABAP. We have extracted the WSDL, and generated the client proxy, and configured a Logical Port. However, at the time of actual call, we receive an error message "Header http://schemas.xmlsoap.org/ws/2004/08/addressing:Action for ultimate recipient is required but not present in the message.". We suspect that this is a problem with the SOAP Header, which might be missing some tags, which are required by the Web Service. Problem is, we can not trace the Web Service SOAP Header. We can not see it in SOAMANAGER, or any other transaction as such.
    1. Does any body have an idea where to look for the complete SOAP Request, in case of a Consumer Proxy call?
    2. After re-configuring the Logical Port in SOAMANAGER, our scenario is now stuck at an error which says: 'SoapFaultCode:1  Security requirements are not satisfied because the security header is not present in the incoming message.'. This is probably happening because the target web service is WSE 3.0 compliant, and hence it is asking for UsernameToken and TimeStamp attributes in SOAP Header. In SOAMANAGER Logical Port configuration, we do not see a placeholder for providing this information. However, in earlier LPCONFIG transaction, there was a field for providing WS Security Profile for Operations. Where does this config lie in SOAMANAGER?
    Awaiting Replies.
    Thanks and Regards,
    Sid

    Hi Sid,
    The setting username/password in the manual logical port configuration will send the username and password in the http header as basic authentication. That's why you don't see a security header.
    To configure usernametoken you have to create the logical port out of a WSDL. This WSDL needs to contain WS-Security Policies . So in the policy section of the WSDL you see an XML element called UsernameToken.
    In order to let .Net generate a compatible WSDL you have to configure your WCF Web Service to use a CustomBinding with authentication "UsernameOverTransport". This is a username token in the security header send over SSL. So therefore you need an HTTPSTransport (instead of HTTPTransport) in the binding of your .Net WCF endpoint as well.
    For an example of such a WCF service configuration see my comment on http://weblogs.sdn.sap.com/cs/user/view/cs_msg/59671.
    Regards,
    Mathias

  • Security for a web service

    Hi everyone,
    Scenario :
    I want to securise a web service with SSL.
    I want to call this web service with Java standalone class (not servlet, JSP,...).
    Here is what I've done :
    1) I created a web service with "Secure SOAP" option.
    2) I created a <u>Standalone Proxy</u>.
    3) I created a Java Standalone client and tried to call the web service.
    Here is the code :
         public static void main(String[] args) {
              try {
              Hello1WebServiceImpl service = new Hello1WebServiceImpl();
              Hello1WebServiceViDocument port = (Hello1WebServiceViDocument)service.getLogicalPort();
              System.out.println(port.sayHello1());
              } catch (Exception e) {
                   e.printStackTrace();
    Here is the exception :
    java.rmi.RemoteException: Service call exception; nested exception is:
         java.net.ConnectException: Connection timed out: connect
         at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:80)
         at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:88)
         at SampleComponent.main(SampleComponent.java:23)
    Caused by: java.net.ConnectException: Connection timed out: connect
         at java.net.PlainSocketImpl.socketConnect(Native Method)
         at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
         at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
         at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
         at java.net.Socket.connect(Socket.java:452)
         at java.net.Socket.connect(Socket.java:402)
         at java.net.Socket.<init>(Socket.java:309)
         at java.net.Socket.<init>(Socket.java:124)
         at iaik.security.ssl.SSLSocket.<init>(Unknown Source)
         at com.sap.engine.services.webservices.jaxm.soap.SSLUtilImpl.createSSLSocket(SSLUtilImpl.java:43)
         at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.initStreamsFromSocket(HTTPSocket.java:500)
         at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.initializeStreams(HTTPSocket.java:422)
         at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getOutputStream(HTTPSocket.java:384)
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.getRequestStream(HTTPTransport.java:337)
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.outputMessage(MimeHttpBinding.java:433)
         at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1117)
         at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:73)
         ... 2 more
    Can someone please tell me the steps I must follow ?
    Thanks in advance.
    Message was edited by: David Fryda

    Ive ran into similar proples using normal ssl over http and the issues were with my environmet configuration ... yours may be with somthing totally different... but i fixed my probs by adding the folling code before creating the connection. 
    java.security.Provider provider[] =
      java.security.Security.getProviders();
    for (int i = 0; i < provider.length; i++) {
      java.security.Security.removeProvider(
        provider<i>.getName());
    java.security.Security.insertProviderAt(
    new com.sun.net.ssl.internal.ssl.Provider(), 2);
    java.security.Security.insertProviderAt(
    new sun.security.provider.Sun(), 1);
    System.setProperty(
    "java.protocol.handler.pkgs",
    "com.sun.net.ssl.internal.www.protocol");
    you can also accomplish this by modifying the java.security file found in \jre\lib\security directory.
    Also because this is a stand alone app be sure to have all the necessary jar files in you classpath ... you can accomplish this by using the -classpath option when calling your program or by moving the files into you \bin\lib\ext directory;

  • Question: Securing Communications in Web Services: A Tutorial

    Hi all,
    I have been following this tutorial:
    http://developers.sun.com/prodtech/identserver/reference/techart/secure-ws.html
    And it was a pissed-off experience. I have only spent 5 mins on it and I am already stuck.
    Anyway, when I try to deploy the StockServer project, I get the following error:
    am-init:
    am-deploy:
    /home/bwoo/Creator/Projects/webservicessecurity/samples/StockServer/nbproject/am-deploy.xml:46: Could not create task or type of type: amdeploy.
    Ant could not find the task or a class this task relies upon.
    This is common and has a number of causes; the usual
    solutions are to read the manual pages then download and
    install needed JAR files, or fix the build file:
    - You have misspelt 'amdeploy'.
    Fix: check your spelling.
    - The task needs an external JAR file to execute
    and this is not found at the right place in the classpath.
    Fix: check the documentation for dependencies.
    Fix: declare the task.
    - The task is an Ant optional task and the JAR file and/or libraries
    implementing the functionality were not found at the time you
    yourself built your installation of Ant from the Ant sources.
    Fix: Look in the ANT_HOME/lib for the 'ant-' JAR corresponding to the
    task and make sure it contains more than merely a META-INF/MANIFEST.MF.
    If all it contains is the manifest, then rebuild Ant with the needed
    libraries present in ${ant.home}/lib/optional/ , or alternatively,
    download a pre-built release version from apache.org
    - The build file was written for a later version of Ant
    Fix: upgrade to at least the latest release version of Ant
    - The task is not an Ant core or optional task
    and needs to be declared using <taskdef>.
    - You are attempting to use a task defined using
    <presetdef> or <macrodef> but have spelt wrong or not
    defined it at the point of use
    Remember that for JAR files to be visible to Ant tasks implemented
    in ANT_HOME/lib, the files must be in the same directory or on the
    classpath
    Please neither file bug reports on this problem, nor email the
    Ant mailing lists, until all of these causes have been explored,
    as this is not an Ant bug.
    BUILD FAILED (total time: 5 seconds)
    Have any of you had the same problem? I know there is a similar tutorial on NetBeans website but it's even more poorly written.

    No i have not really worked on it these last days...
    I wonder why so few answers to this post. Would we the only two people who want to do this (be able to access OCS fron a web app, reusing SSO session)
    My main problem, for these web services, is to pass a password. As we do actually, we should keep a password in clear text in the User session.. and i'm not fond of this.

  • WebServiceException When invoking secured ADF-BC web services on WebSphere

    We built web services using ADF 11.1.1.7 RC1, and deployed to WebSphere ND 7.0.0.23
    The web services are secured using OWSM policy:
    @SecurityPolicy( { "oracle/wss11_saml_or_username_token_with_message_protection_service_policy" })
    And we have a client java program which invokes the web services as follows:
    MTOMFeature mtom = new MTOMFeature();
    SecurityPolicyFeature sec_policy = new SecurityPolicyFeature("oracle/wss11_saml_token_with_message_protection_client_policy");
    if (lCMAMService == null) {
    generateFCMWebserviceUrl();
    URL url = new URL(fcmUrl);
    LCMAMService_Service lCMAMService_Service = null;
    try {
    lCMAMService_Service = new LCMAMService_Service(url);
    } catch (WebServiceException wse) {
    generateFCMWebserviceUrl(true);
    URL physicalURL = new URL(fcmUrl);
    lCMAMService_Service = new LCMAMService_Service(physicalURL);
    lCMAMService = lCMAMService_Service.getLCMAMServiceSoapHttpPort(mtom, sec_policy);
    Everything works fine in WebLogic. However, when running on WebSphere ND 7.0.0.23, the following exception were thrown:
    javax.xml.ws.WebServiceException: Invalid or unsupported WebServiceFeature feature http://www.w3.org/ns/ws-policy
         at org.apache.axis2.jaxws.ExceptionFactory.createWebServiceException(ExceptionFactory.java:173)
         at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:70)
         at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:118)
         at org.apache.axis2.jaxws.feature.ClientFramework.addFeature(ClientFramework.java:56)
         at org.apache.axis2.jaxws.binding.BindingImpl.setFeatures(BindingImpl.java:138)
         at org.apache.axis2.jaxws.BindingProvider.initialize(BindingProvider.java:167)
         at org.apache.axis2.jaxws.BindingProvider.<init>(BindingProvider.java:73)
         at org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.<init>(JAXWSProxyHandler.java:123)
         at org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.<init>(JAXWSProxyHandler.java:114)
         at org.apache.axis2.jaxws.spi.ServiceDelegate.getPort(ServiceDelegate.java:615)
         at javax.xml.ws.Service.getPort(Service.java:133)
         at oracle.apps.epm.fcc.lcm.proxy.LCMAMService_Service.getLCMAMServiceSoapHttpPort(LCMAMService_Service.java:59)
         at oracle.apps.epm.fcc.lcm.common.FCMExportImportHandler.instantiateFCMService(FCMExportImportHandler.java:703)
    It seems that in WebSphere, the security policy are not supported. Any idea what needs to be changed for the client code to work in WebSphere?
    Thanks.

    Hi,
    as you are from Oracle, can you reach out to internal forums and mailing lists? JDeveloper 11.1.1.7 RC1 is not available outside of Oracle and therefore should not have questions posted on this public forum.
    Frank

  • LDAP security provider and web service authentication

    Background: we are currently developing web services to our existing weblogic application. Our users can configure user/password authentication in one of three ways: database, LDAP, or SSO. Setting SSO aside, we need to implement the same authentication for database and LDAP that we use in our existing logon servlet in our web services. In our servlet we detect which they are configured for and, if database, authenticate the encrypted password to a database table we have for user id/password. If LDAP we use weblogic.servlet.security.ServletAuthentication and the weak() method to authenticate.
    We've to use SOAP headers to communicate username/password from the client to the web service. We want to code a SOAP message handler to grab the username/password and do the authentication there. We've successfully put something together that handles the database authentication no problem and are now struggling with how to handle the LDAP authentication. We distribute a LDAP security provider we've coded for LDAP authentication. I guess what I am looking for is an equivalent functionality provided with weblogic.servlet.security.ServletAuthentication. Note that I realize the weblogic.servlet.security package has been deprecated starting with Weblogic 9.0 but cannot find what functionality replaces it. Any help there would be appreciated as well.
    Note that I am fairly new to web service development (about 10 months now) and definitely new to web service security and Weblogic security. I tried digging into the volumes of documentation out there regarding these two topics but am simply having a difficult time sorting it all out and figuring out how to do what I want to do.
    Thanks in advance!
    Julia

    Hi,
    Add Provider (LDAP Credentials) in Admin console Security Realm --> defaultrealm -->Providers. Configuring Ldap in Admin Console will enable Admin Server to connect to LDAP. All the LDAP preconfigured Users/Groups will be available in Users and Groups Tab of Security Realms >defaultrealm >Users and Groups. Add Roles using Security Realms >defaultrealm > Roles and Policies > Global Roles > Roles. Add Role Conditions to the role by specifying users/groups configured in LDAP. If your webservice runs with SSL Anotate the Webservice file something like this below.
    @RolesAllowed({
    @SecurityRole(role="test")
    @Policy(
    uri="policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml",
    attachToWsdl=true)
    Here the role is Preconfigired role in AdminConsole. Add the following tag in the soapenv:header.
    <soapenv:Header>
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken>
    <wsse:Username>test</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>
    </soapenv:Header>

  • Axis securing seemingly public web services

    Hi,
    Their may be an obvious answer to this question, but I've done some searching and come up blank so far.
    I am wondering if you can restrict which domains are allowed to access the web services on your axis web application (I am running axis on tomcat).
    It is my understanding that anyone who know the address of a servlet that generates a WSDL file will be able to consume this service. I want to be able to prevent this and only allow my own domain access to web service.
    Any advice would be most appreciated.
    :|

    use HTTP basic authentication? In addition if you don't want the public internet to access it, hide it behind a firewall.

Maybe you are looking for

  • Unable to install Windows 7 on MacBook Pro with Retina

    Hi, After trying to install via Bootcamp, I get this problem: Windows cannot be installed to this disk. This computer's hardware may not support booting to this disk. Ensure that the disk's controller is enabled in the computer's BIOS menu. Any ideas

  • Problem with previews browser and email clients vs DW

    Hey everyone.  I am having an issue with DW.  I wanted to see if I could get some quick help.  I am having a problem with the DW Design looking fine and great on my screen in DW, but when I go to preview in a browser or upload to an Email client, it

  • Any thoughts on new keyboard?

    So what are your thoughts on the new keyboard? Like it? Dislike it? Tell me why. I was wondering this because I want to upgrade from my 12inch 1.33 Powerbook, but I LOVE the keyboard on this thing. The keyboard on the PB is so satisfying to type on -

  • DPS content viewer for custom app

    Our company has a dedicated app built for an ipad which we use to get PDF documents and video's out to our sales staff.  I am wanting to incorporate DPS folios and need to understand what viewer is required for the app to recognise DPS folios?

  • Adding logos to footage - Title ? or direct to timeline ?

    Good morning gentlemen, I've got a good topic for discussion this morning. I've got 2 logos which I wish to add to a series of videos. I'm debating on what is proper technique here. - Do I create a new Title and add both logos (.png) to the title, an