Call a Webservice with SAML securty in PI 7.0

Hi experts,
I need to call a Webservice with SAML security from PI 7.0, Is It possible? or only It is possible with PI 7.1?
Thanks in advance,
Jose Manuel

Hi Jose,
Let me answer your questuion first :
No, using PI 7.0 I dont think its posible..
Below is a brief overview on SAML.
SAML: It stands for Security Assertion Markup Language, it is an XML standard which is used to exchange security information between a service provider and an identity provider.
Why we need it ???
We have a concept called Principal Propagation in PI 7.1, Principal Propagation allows to securely pass the identity of a user from a sender application to a receiver application. There are various adapters and protocols which support the Principal Propagation and one protocol amongst them is the Webservice Reliable Messaging Protocol or WS-RM. Principal Propagation solution for WS-RM protocol is based on SAML and uses the SAML assertions.
There are some video recordings available for configuration and you can view the same as below,
Configure a Trust Relationship between Sender and Integration Server: Exchange sender's digital certificate between sender and Integration Server.
Configure Trusted Issuer: Map user in the Integration Server, and specify issuer. Default issuer is the sender's system ID, default attester is the sender's certificate.
Configure Sender Agreement and Sender Communication Channel: In Integration Directory, select SAML Sender Vouches Assertion as authentication method.
Regards,
Divya

Similar Messages

  • Is it possible to call a webservice with just the url to its WSDL

    hi all
    can anyone tell me if it is possible to call a webservice with just the url to its WSDL file. must we create the proxy class for webservice client? thanks

    if you are in the context of a J2EE 1.4 container, you do not need to generate any stub, you can use either a dynamic proxy mechanism or dynamic invocation.
    check JWSDP tutorial.

  • Calling a webservice with SOAP Receiver

    Hi Guys,
       Im calling web service from XI using SOAP. I could call the webservice using XML Spy, It is working fine.In XML spy I could se the response (variable out , type double).
       When i call the same web service from XI It doesnt give any error in the beginning and later it would convert the same to "Acknowledment contains system errors" in Ack staus(SXMB_MONI). I configured my scenario as Asyn.However there is a response from webservice. Is it mandatory to create a sync scenario in this case? If so I couldnt configure as Im sending an Idoc as a SOAP request.But Response of Webservice is of double type( some integer it returns) So I couldnt map both as it was giving some problems in message mapping.
       I would like to know how XI sends a soap request ? I mean in SXMB_MONI some where it must be there. I wanted to copy the same from XI n paste in XML spy so that i can test whether it would go throgh.
        In plance of that webservice, We created an asp page and configured IIS. I wrote the ASP in such a way that It would read the SOAP request and dump into my default website area. I Could see the SOAP request coming up from XI.When i paste this in XML spy its working fine but not from XI Im wondering what went wrong?
       Appriciate your help.
    Thanks a lot
    Kiran

    Hi Raghavesh,
       My id is [email protected]
    Hi Vijay,
        As Bhavesh said,
             I can handle the response by makign async message interface , I did it but in SOAP adaptor I dont see any option of setting QOS?
            Ya WS is responding So by doing like asyn i can go ahead with that right? Now its throwing error in ask status as :
      <SAP:AdditionalText>com.sap.aii.af.ra.ms.api.MessagingException: SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: Not enough message parts were received for the operation.: com.sap.aii.af.ra.ms.api.RecoverableException: SOAP: response message contains an error XIAdapter/PARSING/ADAPTER.SOAP_EXCEPTION - soap fault: Not enough message parts were received for the operation.</SAP:AdditionalText>
      <SAP:ApplicationFaultMessage namespace

  • Securing webservices with SAML

    Hi everybody,
    I'm trying to protect web services with SAML assertions using AM 7.1, I've alredy try to deploy some tutorials and samples provided by netbeans 6.0, AM7.1 and Java EE SDK, but I'm facing a lot of problems, I also found many contradictions between the tutorials and official Sun documentation and at this point I'm very confused
    It's really possible to implement web services security with SAML using AM 7/7.1 +AppServer 8.1/8.2 in the way Securing Identity Web  Services tutorial/lab (http://www.javapassion.com/handsonlabs/IdentityWebServices/) do it???
    in many tutorials and official Sun documents I found the library amWebServicesProvider.jar that is supposed to be the Sun Java Access Manager Policy Agent 2.2, this library it's supposed to implement the JSR196(Java Authentication Service Provider Interface for Containers), using this library imply modifications to the server.policy and domain.xml files, in order to add support for SOAP and HttpServlet message security providers.
    I've tryed to modify the server.policy in AppServer 8.1/8.2, but I found it's only possible to add support for SOAP message security providers, trying to add HttpServlet mesage security providers makes AppServer crash at the init. How can I add support for HttpServlet message security provider???
    library amWebServicesProvider.jar its supposed to be the Policy Agent 2.2 and its currently bundled with Java EE SDK, but the currrent relese of the Policy Agent 2.2 for SJAS 8.1/8.2 does not includes this library. Does someone know where to download this release of Policy Agent and also at least an installation guide???
    in the AM side, I'm refering to AM ( shall I say "THE HALF AM" ?) bundled with Java EE SDK I found that many agents are created at the installation time, this agents in combination with the library amWebServicesProvider.jar supposly protect the web services, these agents are not common agents, I'm refering to the agents usually we create following the Policy Agent installation guide where we only put agent name, password, a description (optional) and checkbox Device Status to true, the agents created in "THE HALF AM" are created with a lot of aditional properties despite the fact that Sun Java System Access Manager 7.1 Administration Guide(http://docs.sun.com/app/docs/doc/819-4670/gavwo?a=view)
    says that only one property (agentRootURL) is valid and all other properties will be ignored
    my real question is:
    It's really possible_+ to implement web services security with SAML using AM 7/7.1 +AppServer 8.1/8.2, I mean, using REAL TECHNOLOGIES+_, in the way Securing Identity Web  Services tutorial/lab (http://www.javapassion.com/handsonlabs/IdentityWebServices/) do it???
    Any help is aprecciated
    regards

    Hi,
    I have installed Glashfish 9.1 and NetBeans 6.0 seperately on Windows XP, and want to configure the Access Manager 7.1 and Policy Agent 2.2 to run the Blue Prints for Secured WebServices.
    If I install the Access Manager from jdk15 version of AccessManager7_1RTM from Sun site, AM gets installed properly, but StockQuoteService blueprint not deployed properly (throws exceptions even after configuring the amWebServicesProvider.jar and amclientsdk.jar manually). But the AM documentation refers to the installation for Solaris not for Windows platform. I am not sure my configuration of amWebServicesProvider.jar is valid or not.
    I ran the blueprint StockQuoteService and StockQuoteClient successfully with all the variations of WSSecurities when I installed using the "java-tools-bundle-update3-beta-windows.exe" application which installs all the Glashfish, NetBeans, AM, OpenESB, Portal etc and configures automatically after installation and Start of Glasfish server.
    I have even tried to install the AM and configure from the "access_manager-7_1-p1-ea-b5" download installer, but it throws "ClassNotFoundException: com.sun.identity.setup.AMSetupFilter" exception when i deployed the amserver.war file.
    My requirement is, to run the AccessManager and have secured WebServices working properly when installed individually the Glashfish, AccessManager etc.
    Can anyone point me where i get the AccessManager 7.1 for Windows XP, and integrate with Glashfish 9.1, and able to run the blueprints StockQuoteService and StockQuoteClient with SAML and LibertyBeareToken security pofiles.
    Thanks in advance for the help,
    krishna

  • How To call java WebService with flex.

    Hi Friends
                         can any body guide me how to use webservices that call java at server side.i have experience of http service dont know how to call the webservices.please give me a basic demo on both side(java and flex).i am using eclipse ide for java and flex.
    Thanks in advance
       Vineet osho

    The ADF Mobile Container Utilities API may be used from JavaScript or Java.
    Application Container APIs - 11g Release 2 (11.1.2.4.0)

  • Invalid request when calling REST-webservice with UTL_HTTP.

    Hello,
    When i try to send some data to a REST-webservice i get as response "INVALID REQUEST"
    I Think it is about the request-body that seems to be no UTF-8.
    I tried to set the characterset with utl_http.set_body_charset(t_http_req, 'UTF-8').
    But when i read the characterset with utl_http.get_body_charset(t_charset);, is still get "ISO-8859-1"
    I am using: Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product
    Some help would realy be appreciated because i am out of options trying to get the code working..
    ======MY CODE==========
    create or replace procedure ipm40_send_bekendmaking(p_bdmg_id in number)
    as
    r_bekendmaking ipm40_bekendmakingen%rowtype;
    r_gemeente ipm40_gemeenten%rowtype;
    l_url httpuritype;
    t_http_req utl_http.req;
    t_http_resp utl_http.resp;
    t_request_body varchar2(32767);
    t_respond varchar2(32767);
    -- t_teller integer := 1;
    -- t_output varchar2(2000);
    t_start number := 1;
    t_body_lengte number;
    t_chunkdata varchar2(4000);
    t_tijd_1 varchar2(256);
    t_tijd_2 varchar2(256);
    t_timeout integer;
    t_length number;
    t_charset varchar2(256);
    begin
    select *
    into r_bekendmaking
    from ipm40_bekendmakingen
    where id = p_bdmg_id;
    select *
    into r_gemeente
    from ipm40_gemeenten
    where gmte_code = r_bekendmaking.gmte_code;
    l_url := httpuritype.createuri('http://zwolle.stadsbeheer.com:82/apex/ipm40bekendmaking?p_bdmg_id='||r_bekendmaking.id);
    t_request_body := l_url.getClob();
    /* request that exceptions are raised for error Status Codes */
    --Utl_Http.Set_Response_Error_Check ( enable => true );
    /* allow testing for exceptions like Utl_Http.Http_Server_Error */
    --Utl_Http.Set_Detailed_Excp_Support ( enable => true );
    utl_http.set_transfer_timeout(300);
    t_http_req:= utl_http.begin_request( r_gemeente.url_webservice_bekendmakingen
    , 'POST'
    , 'HTTP/1.1');
    utl_http.set_body_charset(t_http_req, 'UTF-8');
    utl_http.get_body_charset(t_charset);
    utl_http.set_authentication(t_http_req,r_gemeente.user_webservice_bekendmakingen,r_gemeente.pw_webservice_bekendmakingen);
    t_length := length(t_request_body);
    utl_http.set_header(t_http_req, 'Content-Type', 'application/xml charset=UTF-8');
    utl_http.set_header(t_http_req, 'Content-Length', t_length);
    utl_http.set_header(t_http_req, 'Transfer-Encoding', 'chunked' ); --
    t_body_lengte := dbms_lob.getlength(t_request_body);
    loop
    t_chunkdata := dbms_lob.substr(t_request_body, 2000, t_start);
    utl_http.write_text ( t_http_req, t_chunkdata );
    t_start := t_start + 2000;
    if t_start > t_body_lengte
    then
    exit;
    end if;
    end loop;
    t_http_resp:= utl_http.get_response(t_http_req);
    utl_http.read_text(t_http_resp, t_respond);
    utl_http.end_response(t_http_resp);
    if instr(t_respond,'Successfully document processed') != 0
    then
    update ipm40_bekendmakingen
    set ind_status = 'S'
    , datum_verzonden = sysdate
    , response = t_respond
    where id = r_bekendmaking.id;
    else
    update ipm40_bekendmakingen
    set ind_status = 'F'
    , datum_verzonden = null
    , response = t_respond
    where id = r_bekendmaking.id ;
    end if;
    commit;
    exception
    when others
    then
    t_tijd_2 := to_char(sysdate,'HH24:MI:SS');
    t_respond := substr(sqlerrm,1,2000);
    update ipm40_bekendmakingen
    set ind_status = 'F'
    , datum_verzonden = null
    , response = t_respond
    where id = r_bekendmaking.id ;
    commit;
    end;
    ===THE RESPOND=============
    <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
    <HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
    <TITLE>ERROR: The requested URL could not be retrieved</TITLE>
    <STYLE type="text/css"><!--BODY{background-color:#ffffff;font-family:verdana,sans-serif}PRE{font-family:sans-serif}--></STYLE>
    </HEAD><BODY>
    <H1>ERROR</H1>
    <H2>The requested URL could not be retrieved</H2>
    <HR noshade size="1px">
    <P>
    While trying to process the request:
    <PRE>
    POST /pushxml/pushxml-bm HTTP/1.0
    Authorization: Basic Ymtfc21hcnRob2xkaW5nOllyZXMzdlFR
    Content-Type: application/xml charset=UTF-8
    Content-Length: 2096
    Transfer-Encoding: chunked
    Connection: close
    </PRE>
    <P>
    The following error was encountered:
    <UL>
    <LI>
    <STRONG>
    Invalid Request
    </STRONG>
    </UL>
    <P>
    Some aspect of the HTTP Request is invalid. Possible problems:
    <UL>
    <LI>Missing or unknown request method
    <LI>Missing URL
    <LI>Missing HTTP Identifier (HTTP/1.0)
    <LI>Request is too large
    <LI>Content-Length missing for POST or PUT requests
    <LI>Illegal character in hostname; underscores are not allowed
    </UL>
    <P>Your cache administrator is [email protected].
    <BR clear="all">
    <HR noshade size="1px">
    <ADDRESS>
    Generated Fri, 12 Aug 2011 17:33:24 GMT by asd2cc001.asp4all.nl (squid)
    </ADDRESS>
    </BODY></HTML>

    Always check the access_log and error_log files of the Apache web server in such a case. This will identify whether the error comes from Apache itself, mod_plsql, the Apex run-time engine, or the Oracle database.
    I see that you're creating a HTTP/1.1 in PL/SQL - however, the web server response indicates a HTTP/1.0 call was received. Unusual. And could be part of the problem.

  • Call ABAP WebService with Elips Studio /Flex

    Hi everybody,
    Does somebody has experience with Elips Studio for Flex? I can't find much about it..
    I would lik to call my SAP Webservices into my Elips project. (I know it's not the same as a regular Flex project, there are some differents...)
    Can somebody help me out with this?
    Tanks a lot guru's! Really appriciate it!

    He is not asking about Eclipse
    its Elips
    http://www.openplug.com/products/elips-studio
    consuming Elips is similar to flex.
    check this out
    http://developer.openplug.com/about/blog/180-elips-studio-helps-mashing-up-the-web-20-on-smartphones

  • How to develop a webservice with SAML on Weblogic 8.1

    I will develop some webservices on Weblogic 8.1. On the security part, we will
    use SAML. Is there somebody who can tell me how to do it? Do I need third party
    product? And where I can find samples?
    Thanks.
    Jian

    I will develop some webservices on Weblogic 8.1. On the security part,
    we will use SAML. Is there somebody who can tell me how to do it? Do I
    need third party product? And where I can find samples?Currently, we don't offer any support for SAML in WLS -- so you would
    have to use a third party product. Depending on how you want to use it,
    you may be able to use a third party product to create a handler for your
    service or client.
    However, if you want to use the handler in the server to set the subject
    for the invoke, the handler architecture will prevent you from doing
    this -- the API you use to set the user
    (weblogic.security.service.SecurityManager.runAs() -- see
    http://edocs.bea.com/wls/docs81/javadocs/weblogic/security/service/SecurityManager.html)
    cannot be successfully used in handler methods. If you wish to do this,
    I'm afraid the only way we have to support this is to use a servlet filter.
    -Pete

  • How to call a webservice with SOAP Binding Style RPC

    Hi Guys,
    I'm pretty new to the LiveCycle ES product and I'm trying to call a web service that is of SOAP binding style 'RPC'. After some research I found out that Adobe LC ES only support WSDL files of doc/literal type.
    My question is, is there a workaround for calling RPC style web services? can RPC style web services be converted into doc/literal type?
    Any information regarding this would be greatly appreciated.
    Kazz.

    Hello,
    I had the same problem and I've regenerated my WSDL ( Apache Axis ) with docu/litteral parameters.
    I think it's the only way...
    thomas

  • Database call out webservices with JDeveloper - help

    Hi all,
    I am using JDeveloper 10.1.3.0 to generate java proxies for web services and deploy them to my Oracle 10g Enterprise Edition database.
    I am able to create the proxy and test the web service, it works fine. When I create a deployment profile and deploy, everything succeeds, I am able to see the PL/SQL wrapper function in the database. However, when I execute the function, I get an error class name <my java classname> not found. This is a case when I execute a web service that runs on our server and requires authentication. I have provided the authentication in the setUsername and setPassword methods of the java proxy.
    When I try to do the same with a stock quote web service, I do not get an error, but there is no output either. It returns nothing.
    Is this an issue because of the jdk version problem? My database jvm is jdk1.4 compliant and the JDeveloper is 1.5 compliant. But I think there is somehting very basic that I am missing. Can experts please help me with this, I have been struggling for long!
    Thank you very much. Any help is greatly appreciated.
    Regards,
    Nithya

    I have still not figured this one out. Any help please?
    Regards,
    Nithya

  • Calling the webservice with request xml

    Hi all
    I have table with the fields Requestxml and the url to which Requestxml needs to be submitted.how can dynamically submit the requestxml to the corresponding url
    can any one tell me the approach how can i achieve the above scenario
    i am using jdev 11.1.1.5.0
    Thanks in advance
    Edited by: 926968 on May 4, 2012 2:08 AM

    Hi,
    in HTML the form action element determines where a form field is submitted to. So in your case I would probably try using a managed bean to send the request from Java.
    Frank

  • Re-coding calls to webservices from 6.1 to 7.0

    I have several web services that were coded in WL 6.1 that leverage the weblogic.soap.*
    classes.
    WL 7.0 does not have these classes and I have only been able to find two new classes:
    weblogic.webservice.client and weblogic.webservice.encoding that do not appear
    to offer the same functionality.
    Does anyone have any experience calling external webservices with 7.0?

    [att1.html]

  • InfoPath unable to call OOTB webservices in a SAML claims web application

    We have InfoPath Path forms with Nintex workflows that we are planning to move to SharePoint 2013. The SharePoint 2013 web app is using SAML claims , ping federate is the identity provider.
    We are unable to make a call from InfoPath to the OOTB webservices. We tried using the Secure store and UDCX file but that also does not seem to work with SAML based claims. Has anyone come across this scenario who can suggest an alternate solution?

    Hi Supriya,
    From the link below, InfoPath forms service does not work with SAML authentication.
    Features that do not work with forms-based authentication or SAML security tokens:
    http://technet.microsoft.com/en-us/library/hh706161(v=office.14).aspx
    There is no dedicated clarify for SharePoint 2013. However, I found some threads that also reports that InfoPath form won't work with claim-based except NTLM claim, such as:
    http://social.msdn.microsoft.com/Forums/sqlserver/en-US/707b0a7b-8a2c-4b5c-b7f3-a3ba928a8d07/do-infopath-soap-calls-work-in-a-saml-environment?forum=sharepointdevelopmentlegacy
    Regards,
    Rebecca Tu
    TechNet Community Support

  • OSB calling BPM with SAML

    Hi all
    I have a composite service in my PBM server which has security WS-Policy forcing a SAML token to be passed together with the request (oracle/wss10_saml_token_with_message_protection_service_policy - method should be sender-vouches).
    In OSB, when I try to create my business service pointing to the WSDL with SAML, I receive this error (environment is 11g):
    *[OSB Kernel:398133]WSSP 1.2 policy assertions (Web Services Security Policy 1.2) are not allowed on this service*
    So what is the right way to make an OSB call to a BPEL/BPM SAML-protected service? Do i need to install OWSM on the same server as OSB and use the same policies?
    When I tested OSB proxy service calling a another OSB PS protected with SAML, I was able to add to the SAML WSDL this policy and it worked fine.
    +<wsp:Policy+
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wssp="http://www.bea.com/wls90/security/policy"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part"
    wsu:Id="SAMLSenderVouches">
    +<wssp:Identity>+
    +<wssp:SupportedTokens>+
    +<wssp:SecurityToken+
    TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID">
    +<wssp:Claims>+
    +<wssp:ConfirmationMethod>sender-vouches</wssp:ConfirmationMethod>+
    +</wssp:Claims>+
    +</wssp:SecurityToken>+
    +</wssp:SupportedTokens>+
    +</wssp:Identity>+
    +</wsp:Policy>+
    But on BPEL/BPM side, I have only a pre-defined set of policies and no matter what I chose I can't create my Business service based on that.
    Please, need some advice here.
    Regards
    Giovani

    Hi all
    I have a composite service in my PBM server which has security WS-Policy forcing a SAML token to be passed together with the request (oracle/wss10_saml_token_with_message_protection_service_policy - method should be sender-vouches).
    In OSB, when I try to create my business service pointing to the WSDL with SAML, I receive this error (environment is 11g):
    *[OSB Kernel:398133]WSSP 1.2 policy assertions (Web Services Security Policy 1.2) are not allowed on this service*
    So what is the right way to make an OSB call to a BPEL/BPM SAML-protected service? Do i need to install OWSM on the same server as OSB and use the same policies?
    When I tested OSB proxy service calling a another OSB PS protected with SAML, I was able to add to the SAML WSDL this policy and it worked fine.
    +<wsp:Policy+
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:wssp="http://www.bea.com/wls90/security/policy"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wls="http://www.bea.com/wls90/security/policy/wsee#part"
    wsu:Id="SAMLSenderVouches">
    +<wssp:Identity>+
    +<wssp:SupportedTokens>+
    +<wssp:SecurityToken+
    TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID">
    +<wssp:Claims>+
    +<wssp:ConfirmationMethod>sender-vouches</wssp:ConfirmationMethod>+
    +</wssp:Claims>+
    +</wssp:SecurityToken>+
    +</wssp:SupportedTokens>+
    +</wssp:Identity>+
    +</wsp:Policy>+
    But on BPEL/BPM side, I have only a pre-defined set of policies and no matter what I chose I can't create my Business service based on that.
    Please, need some advice here.
    Regards
    Giovani

  • Call Webservice with XI SOAP Adapter

    Hi there,
    I can't find sufficient information in the other posting about my scenario therefore I start a new again about XI and webservice.
    These parts are working:
    file adapter to XI and the SOAP Adapter is calling the Webservice (in the logfile I see the request from the XI)
    These parts aren't working:
    the response from the webservice
    Now my question:
    Is it necessarily to create a new Message Interface with communication channel from the webservice to XI or is it sufficient with an synchrony Message Interface and can I take a look of the response in the XI_Monitor.
    Where I can find information about an similarly scenario?
    THX for helping comments
    Kind Regards Johann

    Hi Johann,
             As others have adviced you dont need a seperate communication channel for the response message. Declaring your message interface as synch is enough.
    Also can you check <b>SXMB_MONI</b> for the request and the response messages. Just use transaction SXMB_MONI. and see if you get checked flags(successfull) or a red flag (error) for your messages.
    But Could you pls tell me if your are using the BPM for your scenario?? 
    If you are not getting response from the web service it could aalso be that the WEB Service is not working properly.
    First try to access the web link for the website using IE.
    Pls read the following for your reference:
    <b>In the SENDER SOAP ADAPTER, you will need to put the URL provided by the company and the SOAP ACTION to invoke a particular WEB METHOD. You will also need to provide URL Authorization, Proxy settings.
    make sure you are using the right SOAP ACTION.</b>
    Hope this helps or revert back.
    Regards,
    Ashish

Maybe you are looking for