Custom WS-Policy Files in Console Service Endpoint Policies List

Hi
Not sure which WLS newsgroup for this so here goes.
I want to assign custom WS-Policy files to a web service via the console (i.e. post-deployment).
By default, the Service Endpoint Policies list only shows a small subset of default policy files within weblogic.jar and none of the Wssp1.2-* policy files. (i.e. only the proprietary WLS 9.0 WS-Policy files)
Is this correct behaviour? I want to experiment with policies based on the current WS Security Policy Standard without hard-coding the names of files into the service.
Is there a way to make these other supplied WSSecurityPolicy 1.2 policies appear in the list?
Thanks
Jim Nicolson

Hi,
Below are the steps followed
- OSB Proxy service has 'oracle/wss_username_token_service_policy' attached to it.
- I am invoking this from BPEL. BPEL process has 'oracle/wss_username_token_client_policy' attached.
- I can invoke the OSB proxy from BPEL by passing credentials - No Issues.
Now I need to put some authorization restriction on the proxy service, so only specific users can access that.
- I used Role=Admin as a policy condition restriction under security in Proxy service.
- Then I went to proxy test console and I added the 'oracle/wss_username_token_client_policy' credentials and weblogic/xxxxx at Transport section and I was able to invoke the process. Here weblogic has an Admin Role.
- I cannot invoke the same proxy service from BPEL in JDeveloper now.
All I am trying to do is to protect my proxy by authorization policy.
Thanks
Jagan.

Similar Messages

  • Osb 10gR3 - Active Intermediary proxy with custom WS-Policy files

    I'm setting up an Active Intermediary proxy, and the Security option on the proxy to "Process WS-Security header" is only usable when Custom Policy Bindings are assigned to the proxy. But I don't want to use the default Oracle policies.
    The "Select WS-Policy" popup within OSB only shows entries under the Predefined Policy tab. Yet I have custom WS-Policy files which have been imported into OSB.
    So what's the trick?

  • Unable to find the policy file with 12C, with old version 10.3.4 works fine

    Hi !
    I am using 12c (12.1.1.0) and when I deploy the app, I am getting the below error. I have this policy file under %WL_HOME%\common\lib\policies. And this setting works fine with 10.3.4.
    Unable to find policy: "abc.xml", please make sure to use dynamic wsdl when initializing the service stub
         at weblogic.wsee.policy.runtime.PolicyServer.loadPolicy(PolicyServer.java:183)
         at weblogic.wsee.policy.runtime.PolicyServer.getPolicy(PolicyServer.java:118)
         at weblogic.wsee.policy.deployment.PolicyRef.getPolicy(PolicyRef.java:207)
         at weblogic.wsee.policy.deployment.PolicyReferenceWsdlExtension.getEffectivePolicy(PolicyReferenceWsdlExtension.java:125)
         at weblogic.wsee.policy.deployment.WsdlPolicySubject.getEffectivePolicyFromWsdlExtensible(WsdlPolicySubject.java:485)
         Truncated. see log file for complete stacktrace
    Regards
    Edited by: user13649523 on Mar 19, 2012 11:01 AM

  • How to configure service endpoints of custom webservice in SharePoint 2013?

    Hi,
    I have created a custom webservice in SharePoint 2013. I placed it in a sub folder under the ISAPI folder. I followed the instructions of this article: http://msdn.microsoft.com/en-us/library/office/ff521581(v=office.14).aspx. The webservice works great, however when I try to send a large file I get the message "413 Request entity is too large".
    After some searching I found out that you can create a web.config in the subfolder and define the endpoints and bindings, after which I get an error that there is already an endpoint defined for the specified URI. I believe this has something to do with the BasicHttpBindingServiceMetadataExchangeEndpointAttribute but I'm not sure.
    Can anyone help me solve this issue?
    Regards,
    Sander

    Hi,
    According to your post, my understanding is that you want to configure service endpoints of custom webservice in SharePoint 2013.
    Per my knowledge, after you add a reference to Microsoft.SharePoint.Client.ServerRuntime, you can use the BasicHttpBindingServiceMetadataExchangeEndpointAttribute.
    In VS, go to Add Reference and paste the following: C:\Windows\assembly\GAC_MSIL\Microsoft.SharePoint.Client.ServerRuntime.
    In addition, please make sure you create the custom web service correctly.
    For more information, you can refer to:
    SharePoint 2013: Create a Custom WCF REST Service Hosted in SharePoint and Deployed in a WSP
    How to create Custom Web Service WCF (REST) in SharePoint 2013
    Adding custom WCF services to a SharePoint 2013 farm solution using Visual Studio 2012
    "BasicHttpBindingServiceMetadataExchangeEndpointAttribute" could not be found
    Best Regards,
    Linda Li
    TechNet Community Support

  • ClassNotFoundException with Custom OWSM Policy in Oracle Service Bus

    Hi All,
    I have a situation where I have created a custom web service manager policy. When I attach this policy to an Oracle Service Bus Proxy Service and invoke the service I get a ClassNotFoundError
    Caused By: java.lang.ClassNotFoundException: au.com.MyClass
    at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
    at java.security.AccessController.doPrivileged(Native Method)
    at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
    at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
    at oracle.wsm.policy.util.Loader.loadClass(Loader.java:369)
    at oracle.wsm.policy.util.Loader.loadClass(Loader.java:389)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.populateAssertionExecutors(WSPolicyRuntimeExecutor.java:238)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.populateAssertionExecutors(WSPolicyRuntimeExecutor.java:279)
    at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.init(WSPolicyRuntimeExecutor.java:162)
    at oracle.wsm.policyengine.impl.PolicyExecutionEngine.getPolicyExecutor(PolicyExecutionEngine.java:137)
    at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:101)
    at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:937)
    at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:454)
    at oracle.wsm.agent.handler.WSMEngineInvoker.handleRequest(WSMEngineInvoker.java:366)
    at com.bea.wli.sb.security.wss.wsm.WsmInboundHandler.processRequest(WsmInboundHandler.java:150)
    at com.bea.wli.sb.security.wss.WssHandlerImpl.doInboundRequest(WssHandlerImpl.java:223)
    at com.bea.wli.sb.context.BindingLayerImpl.addRequest(BindingLayerImpl.java:289)
    at com.bea.wli.sb.pipeline.MessageProcessor.processRequest(MessageProcessor.java:87)
    at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:593)
    at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:591)
    The jar file is in the user_projects/domains/mydomain/lib directory.
    Attaching the policy to BPEL services has no issue and the policy is invoked successfully.
    I am unable to determine why the OSB would behave differently in this regard, or what I need to configure differently in order to have it found by the class loaders for the OSB.
    Any help or suggestions appreciated.
    I am using 11.1.1.4.0
    The jar file has the necessary policy_config.xml file and the META-INF/mylabel/mypolicy.xml files in situ. As I said, it is working in the soa_server but not the OSB.

    Have you restarted the servers after putting the jar in the $Domain_Home/lib directory? Also try explicitly adding this jar to the classpath by editing the server startup script (startManagedWebLogic.cmd or .sh) or the domain env setting script (setDomainEnv.cmd or .sh) and restarting the servers.
    Regards,
    Anuj
    Edited by: Anuj Dwivedi on Mar 21, 2011 1:10 PM

  • Custom WS Policy with Service account in OSB while invoking a https service

    Hi,
    I need your help on one of my issues in invoking an https service from OSB. I read through various postings in this forum and tried the below steps
    - Added the certificate for the https site to soa domain
    - Registered the https webservice as a Business service
    - Registered a proxy service on top of this Business service
    - In the service callout on the Proxy service I did a replace operation on the entire soap header with the below string
    <soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-4" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
              <wsse:Username>sysuser@yahoo</wsse:Username>
              <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">ABIHAIKLPLKLPMLERLER</wsse:Password>
         </wsse:UsernameToken>
    </wsse:Security>
    </soapenv:Header>
    - After doing all the above steps my callout worked from the test console. If you look closely, the userid (sysuser@yahoo) and password (ABIHAIKLPLKLPMLERLER) are hard-coded here.
    I need a way to mask the credentials and have the user pass them when they invoke the proxy service. I read through some postings and it was listed that we can create a custom policy and attach that custom policy to the Business service. But my problem here is the userid has an extra char @, so I wasn't able to create the user account with those credentials in OSB, but I was able to create the userid and password using a service account. I am not sure how I can use this service account along with the custom policy.
    Can you please provide me a suitable approach which will solve my issue? I appreciate your time and help
    Thanks
    Jagan.

  • How to create a custom java client Security Policy File?

    I have a stand-alone java client which invokes a .NET WSE 3.0 enabled web service. The web service SOAP header requires username token to be passed from my java client.
    Could some one kindly provide a sample of a client-side Security Policy File?
    Your help is very much appreciated.
    Mike

    This is still a workaround...
    But if you put checks on all your forms to see if the user has accepted the terms (assumes there is an attribute tracking this) then you can redirect the user to the terms/conditions forms. Still not spoof-proof, but it would be bookmark proof. (and a pain if you have too many forms)

  • How to define Migration Definition File in Shared Services Console

    Hi expert,
    I have seen the document and it says that user can define Migration Definition File in Shared Services Console. How to do it? Can you show me the steps? Thanks.
    Best Regards
    Rick

    Hi Rick,
    I think what you are referring to is the "Save Migration Definition" button in LCM within the Shared Services web.
    Basically, anything that you do within the Shared Services LCM utility (GUI) can be saved to an .xml file for reusing the migration properties another time.
    See this post for more information
    http://www.in2hyperion.com/websites/in2hyperionblog/post/2011/03/20/Learning-Life-Cycle-Management-%28LCM%29-Command-Line-Security-Synchronization.aspx
    Thanks
    Nick

  • Error encountered while polling the resource for the service endpoint

    Hello everyone
    I'm a newbie in the OSB world. Yesterday I tried to test OSB with FTP transport and got some problems.
    As you see in the title, I've already searched this forum for a solution, but I couldn't find anything, so I created a new thread.
    I created a new OSB project and created a new Proxy service to connect to my FTP server:
    - service type: messaging service
    - request message type: Text, response message type: None
    - FTP transport: external user (I used a Service account), Post read action: archive, transfer mode: ascii, some directories needed were created in /tmp directory
    - Message flow: Start node -> pipeline pairs
    In the request pipeline of the pipeline pairs node I created a new stage: Assign action -> Log (to get file contents, error severity) -> Assign -> Log (get file name)
    The expected results are: file content and file name (displayed in the OSB console) after I submit a text file to the FTP server (using test console or FTP client)
    But some errors occur continuously after I submit a text file (I can get the file content because the error is raised and the log catches it). The error message is shown below:
    <Jun 6, 2011 10:04:59 AM EDT> <Error> <ALSB Logging> <BEA-000000> < [PipelinePairNode1, PipelinePairNode1_request, show_text_info, REQUEST] file contents: li
    ag
    a
    glakjgk
    >
    <Jun 6, 2011 10:05:30 AM EDT> <Error> <WliSbTransports> <BEA-381602> <Error encountered while polling the resource for the service endpoint ProxyService$FTPTestProject$ProxyServices$FTPTestPS: *javax.naming.NameNotFoundException:* While trying to lookup *'wlsb.internal.transport.task.queue.ftp'* *didn't find subcontext 'wlsb'. Resolved ''; remaining name 'wlsb/internal/transport/task/queue/ftp'*
    *javax.naming.NameNotFoundException: While trying to lookup 'wlsb.internal.transport.task.queue.ftp' didn't find subcontext 'wlsb'. Resolved ''; remaining name 'wlsb/internal/transport/task/queue/ftp'*
         at weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1139)
         at weblogic.jndi.internal.BasicNamingNode.lookupHere(BasicNamingNode.java:247)
         at weblogic.jndi.internal.ServerNamingNode.lookupHere(ServerNamingNode.java:182)
         at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:206)
         at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:254)
         Truncated. see log file for complete stacktrace
    >
    <Jun 6, 2011 10:06:30 AM EDT> <Error> <WliSbTransports> <BEA-381602> <Error encountered while polling the resource for the service endpoint ProxyService$FTPTestProject$ProxyServices$FTPTestPS: javax.naming.NameNotFoundException: While trying to lookup 'wlsb.internal.transport.task.queue.ftp' didn't find subcontext 'wlsb'. Resolved ''; remaining name 'wlsb/internal/transport/task/queue/ftp'
    javax.naming.NameNotFoundException: While trying to lookup 'wlsb.internal.transport.task.queue.ftp' didn't find subcontext 'wlsb'. Resolved ''; remaining name 'wlsb/internal/transport/task/queue/ftp'
         at weblogic.jndi.internal.BasicNamingNode.newNameNotFoundException(BasicNamingNode.java:1139)
         at weblogic.jndi.internal.BasicNamingNode.lookupHere(BasicNamingNode.java:247)
         at weblogic.jndi.internal.ServerNamingNode.lookupHere(ServerNamingNode.java:182)
         at weblogic.jndi.internal.BasicNamingNode.lookup(BasicNamingNode.java:206)
         at weblogic.jndi.internal.WLEventContextImpl.lookup(WLEventContextImpl.java:254)
         Truncated. see log file for complete stacktrace
    >
    ...There are many BEA-381602 errors that occur continuously.
    My question is how to solve this problem.
    Any suggestion is appreciated.
    Thanks in advance.
    Regards, CuongPT
    Edited by: Doubt_Man on Jun 6, 2011 11:17 AM

    Thanks atheek1, I remember that I didn't do any manual configuration on my domain :). I use that domain for testing, so I will create a new domain for comparison.

  • Distributing software with unlimited strength JCE policy files

    I'm about to release some software that uses AES 256-bit encryption. I had to download the "Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6" to do this level of encryption. I'd like to distribute my software with a bundled version of the JRE that includes these policy files. The software will be available to download from the Internet for those who pay for the service. Placing it on the Internet is technically an export because it's available to anyone in the world.
    I've talked to the Bureau of Industry and Security and they said I need to file for a classification number (ECCN). Is this necessary if I'm using Sun's software? The JCE has already been through the export approval process so it would make sense if just including it in my software required nothing. I haven't been able to find any information about what to do legally if using the unlimited strength policy files. What laws do I need to know about or comply with to do this? Also, are there any legal ramifications of including the JRE with my software? I'm using a custom jre launcher that lets me bundle whatever jre I want with my software, so I assume it's a common practice, but I'm not sure.
    Any help would be appreciated.

    I posted this question on other sites as well, but never heard any good answers.
    I've had to do some research and I've heard a few different things, but this is what I've learned:
    Software being exported (putting on the Internet is an export) that contains symmetric encryption above 64-bit requires filling out a BIS-748P form. I had to first of all request a PIN and CIN (company id number) from the BIS so that I can access their SNAP-R system, which is where you fill out and submit all the paperwork (including the BIS-748P) online. I haven't filled that out yet, but once you do they will review your software and classify it with an ECCN number, and depending on what it falls under they will require you to obtain a license or license exception. For what I'm doing (and what most probably need this for), a license is not needed. It's simply classified as a type of encryption software and they know who you are and what you're doing with it.
    Until this is filed, the software is under a certain statute as to what you can do with it and there's a lot of legalities behind this entire process that I don't fully understand, but I think filling this paperwork out and talking to those who receive it is a good place to start.
    I'm not a lawyer by any means and I could be missing some details, but this is what I understand about the process. If you learn anything else (or find some of this to be untrue), let me know.

  • Custom Eviction Policy

    Hello,
    I am storing a few Maps into Coherence - each map might have a few hundred entries. The problem I have at this point is with the eviction policies. If I set the high units on the front map of a near cache to be 100 - it never works. It sees 1 entry per map.
    I created a custom eviction policy where it will remove items from my map when the size of the map reaches the high units of that particular near cache. The problem is that this item is no longer present in the front or back map.
    Is there a way to create a custom eviction policy where I can evict entries out of the front map but not the back map?
    Thanks

    When I put my maps into tangosol I just do:
    NamedCache mCache = CacheFactory.getCache(cacheName);
    mCache.put(cacheKey, deepCopy(cacheObj));
    where cacheObj is a Map and I make a deep copy of that map for thread safety.
    The map contains over 100 entries.
    Here is my cache config file:
              <cache-mapping>
                   <cache-name>CouponCache</cache-name>
                   <scheme-name>content-near-with-eviction</scheme-name>
              </cache-mapping>
              <!--
                   Near caching scheme for all Content Caches
              -->
              <near-scheme>
                   <scheme-name>content-near-with-eviction</scheme-name>
                   <front-scheme>
                        <local-scheme>
                             <scheme-ref>default-front-eviction</scheme-ref>
                        </local-scheme>
                   </front-scheme>
                   <back-scheme>
                        <distributed-scheme>
                             <backing-map-scheme>
                                  <local-scheme>
                                       <scheme-ref>default-back-eviction</scheme-ref>
                                  </local-scheme>
                             </backing-map-scheme>
                        </distributed-scheme>
                   </back-scheme>
                   <!--
                        Specifies the strategy used keep the front-tier in-sync with the back-tier
                   -->
                   <invalidation-strategy>present</invalidation-strategy>
                   <!--
                        It specifies whether or not the cache services associated with this cache scheme should be automatically started at a cluster node.
                   -->
                   <autostart>true</autostart>
              </near-scheme>
              <!--
                   Default front cache eviction policy scheme.
              -->
              <local-scheme>
                   <scheme-name>default-front-eviction</scheme-name>
                   <!--
                        Least Frequently Used eviction policy chooses which
                        entries to evict based on how often they are being
                        accessed, evicting those that are accessed least
                        frequently first. (LFU)
                        Least Recently Used eviction policy chooses which
                        entries to evict based on how recently they were
                        last accessed, evicting those that were not accessed
                        the for the longest period first. (LRU)
                        Hybrid eviction policy chooses which entries
                        to evict based the combination (weighted score)
                        of how often and recently they were accessed,
                        evicting those that are accessed least frequently
                        and were not accessed for the longest period first. (HYBRID)
                   -->
                   <eviction-policy>
                        <class-scheme>
                             <class-name>com.att.uma.cache.eviction.MyEvictionPolicy</class-name>
                        </class-scheme>
                   </eviction-policy>
                   <eviction-policy>LRU</eviction-policy>
                   <!--
                        Used to limit the size of the cache.
                        Contains the maximum number of units
                        that can be placed in the cache before
                        pruning occurs.
                   -->               
                   <high-units>100</high-units>     
                   <expiry-delay>12h</expiry-delay>
              </local-scheme>
    I did not list all of the methods specified by the interface - as they are irrelevant to my issue.
    Here is my eviction class:
    // The remaining methods required by the EvictionPolicy interface are omitted.
    public class MyEvictionPolicy extends AbstractMapListener implements EvictionPolicy
    {
         private final static Log log = LogFactory.getLog(DefaultUnitCalculator.class);
         LocalCache m_cache = null;
         public MyEvictionPolicy() {}
         public void requestEviction(int cMaximum)
         {
              int cCurrent = m_cache.getHighUnits();
              if(log.isDebugEnabled())
                   log.debug("* requestEviction: current:" + cCurrent + " to:" + cMaximum);
              // eviction policy calculations
              Iterator iter1 = m_cache.entrySet().iterator();
              while(iter1.hasNext())
              {
                   Entry entry = (Entry) iter1.next();
                   if (cCurrent > cMaximum)
                   {
                        if((entry.getValue() instanceof Map))
                        {
                             // Trim a copy of the stored map, then write it back into the entry
                             Map map = (Map) deepCopy(entry.getValue());
                             Iterator iter2 = ((Map) entry.getValue()).keySet().iterator();
                             while(iter2.hasNext())
                             {
                                  if(cCurrent == map.size())
                                  {
                                       entry.setValue(map);
                                       break;
                                  }
                                  String key = (String) iter2.next();
                                  map.remove(key);
                                  if(log.isDebugEnabled())
                                       log.debug("* requestEviction: current:" + cCurrent + " to:" + cMaximum);
                             }
                        }
                   }
                   else
                   {
                        break;
                   }
              }
         }
    }

  • Difficulties loading custom security Policy object.....

    I just finished reading the white paper entitled "When java.policy Just Isn't Good Enough" and I found a lot of good information for creating my own extension of java.security.Policy. I'm having a difficult time figuring out how to (best) load the policy, and I'll explain why, but first I'd like to make sure that I'm extending the Policy class correctly. Don't worry, I'll be as brief as possible. My class looks something like this with a few more permissions than what I've included here (for brevity):
    import java.security.CodeSource;
    import java.security.PermissionCollection;
    import java.security.Permissions;
    import java.security.Policy;
    import java.util.PropertyPermission;

    public class MyPolicy extends Policy {
                private static MyPolicy INSTANCE = new MyPolicy();
                private PermissionCollection perms = new Permissions();
                private MyPolicy() {
                            constructPerms();
                }
                public static MyPolicy getInstance() {
                            return INSTANCE;
                }
                public PermissionCollection getPermissions(CodeSource arg0) {
                            return perms;
                }
                public void refresh() {
                            // permissions won't change, so nothing necessary here!
                }
                public void constructPerms() {
                            // I'm adding other permissions, but here are a few basic ones just for the idea:
                            perms.add(new PropertyPermission("java.version", "read"));
                            perms.add(new PropertyPermission("java.vendor", "read"));
                            perms.add(new PropertyPermission("java.vendor.url", "read"));
                }
    }
    I have this class in a package that will reside inside of a jar on the target machine. The jar will be wrapped in an executable, and we'll be distributing a JRE directory that will reside in the same (installation) directory as the executable. I'm not sure how to specify this as my Policy implementation on startup of the JVM. For security reasons, I want to rely as little as possible on security stuff outside of my exe-wrapped-jarfile. I can pass whatever parameters I want to the JVM, including -Xbootclasspath, but I'm not sure what I need to get things working this way.
    I tried another approach. I don't really like it, but I just wanted to try it this way to test my Policy implementation. I edited my java.policy file to look like this:
    grant {
                // Custom permissions to allow app to load
                // and then set MyPolicy as Policy object:
                permission java.security.SecurityPermission "getPolicy";
                permission java.security.SecurityPermission "setPolicy";
                permission java.util.PropertyPermission "stuff.*", "read,write";
    };
    And then in my main() method, I loaded it like this:
    Policy myPolicy = MyPolicy.getInstance();
    Policy.setPolicy(myPolicy);
    But that doesn't seem to work because I'm getting an AccessControlException: access denied (java.awt.AWTPermission replaceKeyboardFocusManager)
    Even though I have this permission in my implementation:
    perms.add(new AWTPermission("replaceKeyboardFocusManager"));
    Do you have any ideas what I'm doing wrong, or how I could fix them? Any information would be greatly appreciated. Thanks in advance!
    Steve

    Hey
    I have just finished such a policy implemention - boy could I have done with your help!
    I've never seen the java.security.debug property before - not to say it doesn't exist, but don't confuse system properties and security properties. Try setting it programmatically via Security.setProperty() or the Java Admin console [if you can], or even in the JRE WebStart uses via the java.security file.
    When you run it locally with security switched on, do you observe the 3-to-1 behaviour also? I'm not sure if this is important - depends on your answer. As for the checks being performed from the same stack frame, the AC iterates over the protection domains as it checks them; the 3-to-1 behaviour is the result of there being 3 extra frames to check, possibly due to the fact your executing from JWS [although I'd expect JWS to be considered system code]. If the execution in AC gets to return null; then Debug.isOn("failure") must evaluate to true [...I'd slump in my chair at this point] but there's no way to figure out accurately what the semantics of this is AS THERE'S NO FRICKIN SRC AVAILABLE [...this really annoys me]. The only thing I can suggest for that is to not try and switch debugging on.
    I suspect you are using JAAS [hence the dynamic policy need]? I have an idea if you are.
    I totally know what you mean about the sleepless nights mate - I'm glad I done it all now, learnt all about security within Java which I knew nothing about 6 months ago.
    Warm regards,
    D

  • How do you use .wsse policy file from Java Client?

    I'd like to call a WSSE enabled web service from my Java client but setup my encryption/signing requirements with a .wsse policy file.
    I know how to call a web service by programmatically setting up the security headers as described in:
    http://e-docs.bea.com/workshop/docs81/doc/en/core/index.html
    But how can I do the same thing by simply using a .wsse file?

    import java.awt.*;
    import java.applet.Applet;
    import java.awt.event.*;
    import java.net.*;

    public class links extends java.applet.Applet {
       Panel panel = new Panel();

       public links(){
          super();
          add(panel);
          Link link = new Link(this,"Answers for programmers;- ","http://forum.java.sun.com");
          panel.add(link);
       }

       public void init(){
          setVisible(true);
       }

       // A label that behaves like a hyperlink: underlined while hovered, opens its URL on click.
       public class Link extends Label implements MouseListener {
          Applet applet;
          Color fcolor = Color.blue;   // normal colour
          Color lcolor = Color.pink;   // hover colour
          String text;                 // label text
          String word;                 // target URL

          public Link(Applet ap, String s, String s1){
             super(s);
             this.applet = ap;
             this.text = s;
             this.word = s1;
             addMouseListener(this);
             setForeground(fcolor);
          }

          public void paint(Graphics g){
             super.paint(g);
             // Draw the underline only while the mouse is over the label.
             if (getForeground() == lcolor){
                Dimension d = getSize();
                g.fillRect(1,d.height-5,d.width,1);
             }
          }

          public void update(Graphics g){paint(g);}

          public void mouseClicked(MouseEvent e){
             try{
                URL url = new URL(word);
                applet.getAppletContext().showDocument(url,"_self");
             }
             catch(MalformedURLException er){ }   // a malformed URL is silently ignored
          }

          public void mouseEntered(MouseEvent e){
             setForeground(lcolor);
             setCursor(Cursor.getPredefinedCursor(Cursor.HAND_CURSOR));
             repaint();
          }

          public void mouseExited(MouseEvent e){
             setForeground(fcolor);
             setCursor(Cursor.getDefaultCursor());
             repaint();
          }

          public void mousePressed(MouseEvent e){}
          public void mouseReleased(MouseEvent e){}
       }

       public static void main (String[] args){
          new links();
       }
    }

  • How to use a file transport proxy service as trigger for a webservice

    Hi,
    I've implemented an alsb file transport proxy service. This proxy is watching a common directory and detects new files. After detection, the proxy moves them into an archive folder.
    After that I want to call an external webservice with the filename as input parameter.
    How can I configure that with the alsb console?
    best regards
    Oliver
    with the to extract the filename after it was renamed by the proxy service.

    How do you invoke/instantiate the file based proxy service? Does it just run on activation in sb console? Does it continue to detect files or does it stop after detecting one file?
    Also what is the format of the URL that points to the file folder?
    For Ex: I have a folder named "TestFiles" on the C:\ drive of the server.
    Edited by premkumr at 10/31/2007 3:26 PM

  • How to specify a policy file in a WS client (AXIS2)

    I am trying to access a dot net web service and I want to make use of the policy file they gave me. I read that AXIS2 supports WS-Policy on the client side but I still cannot figure out how to tell the client to use the file. I searched thoroughly for examples and searched through different forums with no success. I found only similar questions with no answer. If somebody could help it would be appreciated.
    Thank you

    When you codegen a Policy annotated WSDL, the policies get included in the stub. Hence you don't have to specify a separate Policy file.
    But if you need to use a separate policy then you need to set them in the AxisDescription object that you use in the ServiceClient and OperationClient.
    e.g.
    import java.io.FileInputStream;
    import org.apache.axis2.client.OperationClient;
    import org.apache.axis2.client.ServiceClient;
    import org.apache.axis2.description.AxisService;
    import org.apache.neethi.Policy;
    import org.apache.neethi.PolicyEngine;

    ServiceClient serviceClient = new ServiceClient();
    OperationClient operationClient = serviceClient.createClient(ServiceClient.ANON_OUT_IN_OP);
    // Load the policy from the separate file and attach it to the service description.
    FileInputStream fis = new FileInputStream("path-to-policy.xml");
    Policy servicePolicy = PolicyEngine.getPolicy(fis);
    AxisService axisService = serviceClient.getAxisService();
    axisService.getPolicyInclude().setPolicy(servicePolicy);
    If you need more information please repost this to [email protected] with a [AXIS2] subject prefix.
