How can I authenticate and authorize with Web Service on ESB ?

Hello,
I want to authenticate and authorize client with Web Service published
by HTTP/SOAP BC.
Simply if it is an Web Service as J2EE application, I will use
Basic Authentication with JAX-RPC and Realm.
But I think that Web Service published by HTTP/SOAP BC is not belong
to J2EE Application. Threre is no place to describe security role mapping
(like web.xml).
JBI 1.0 the section "5.5.1.1.3 Normalized Message Properties" comments
JAAS Subject is given in the NM Properties. Really in this package
com.sun.jbi.internal.security.*
implements JAAS autentication and authorization (at JaasAuthenticator).
But I can't see how to configure my Service to use this.
How can I authenticate and authorize with Web Service on ESB ?
I referred to the resources.
Mutual Authentication for Web Services: A Live Example
http://developers.sun.com/prodtech/appserver/reference/techart/mutual_auth.html
XML and Web Services Security
http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security7.html
JAAS Authentication Tutorial
http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html
Thanks,
Takurou
- environment ---------------------------------------------
OpenESB : Project Open ESB Starter Kit
AppServer : Sun Java Systems Application Server 9.0 PE
OS : Windows XP
I don't assume to use SSL (if It's necessary I will try).
User information is stored in a LDAP Server.
-----------------------------------------------------------

Hello,
I read this resource.
SecurityDesign
http://www.glassfishwiki.org/jbiwiki/Wiki.jsp?page=SecurityDesign
Then I think [non-ssl and ssl/tls and so on] securing by basic authentication is ongoing feature at this time.
But I can't see well why this page comments 'HTTP over SSL, TLS'.
HTTP/SOAP Binding Component Overview
http://download.java.net/general/open-esb/docs/jbi-components/httpsoap-bc.html
Does BC support only "SSL server authentication" ?
Doesn't BC support "SSL client authentication" by username/password ?
Thanks,
Takurou

Similar Messages

  • How can I create a query with web service data control?

    I need to create a query with web service data control, in WSDL, it's query operation, there is a parameter message with the possible query criteria and a return message contains the results. I googled, but cannot find anything on the query with web service. I cannot find a "Named Criteria" in web service data control like normal data control. In Shay's blog, I saw the topics on update with web service data control. How can I create a query with web service data control? Thanks.

    Hi,
    This might help
    *054.     Search form using ADF WS Data Control and Complex input types*
    http://www.oracle.com/technetwork/developer-tools/adf/learnmore/index-101235.html

  • How to integrate Microsoft and SAP using Web Services?

    Hi All
    How to integrate Microsoft and SAP using Web Services? If any one has document please send it to me. My id is [email protected]... Please
    Help me
    Best Regards
    Ravi Shankar

    Hi Ravi,
    This is for Customizing Email and Other Web Services.
    Create addresses
    The address maintenance of R/3 users is carried out either via the R/3 User Maintenance (Transaction SU01) or the Private office settings (Transaction SO12):
    Address --> Other communication...
    Selection of the required communication service.
    Enter address.
    Copy or save.
    b) Configuration of SAPconnect (Transaction SCOT)
    Set communication method
    4.0 + 4.5: Goto --> Customizing --> Communication methods
    as of 4.6: Settings --> Communication methods
    Set the method of the required communication service to the value 'SAPCONNECT' and save the setting.
    Customized the same for Internet mailing.
    C) If you want to Transfer Table Structure Values from SAP R/3 to Web Services then
           1. Create BAPI and Transfer whichever things you want.(Note: The Structure
               of BAPI should be similar to Web Structure (Datatypes).
           2. Create a BDC and Schedule it in the Background.
    Hope it helps you, Awaiting for the Reward Points.
    Thanks
    Subrato Chowdhury

  • How to create items and BOMs using web services

    Hi All,
    I need to create, change and read Items and BOMs through web services (using SOA Gateway, right). I found this one here: "Process Item (convenience wrapper version)" or "Process Item" within
    Internal Name     EGO_ITEM_PUB
    Type               PL/SQL
    Product          Advanced Product Catalog
    Status          Active
    Business Entity     Catalog Item
    Right now, I don't know how to use it. If somebody has a simple example to create a single item, this would be perfect! Which one would be the right one to read detailed information about an existing item?
    The second object I need to maintain (create, change and read) is BOM. Which API can I use here?
    btw: I use EBS 12.1.1 on windows.
    Many thanks,
    Konrad

    Hi!
    Thanks for your quick answer but unfortunately, I must admit that I'm an absolute beginner with Oracle and EBS and so things like:
    Enable trace and generate the tkprof file or open the form using forms builder to get the name of the API used in thta screen.or
    Please check e-trm site for your question do not help me to much :-(
    Any other advice?
    Konrad
    Api's in EBS
    Re: Api's in EBS
    http://sairamgoudmalla.blogspot.com/2009/05/script-to-find-oracle-apis-for-any.html
    API
    Fixed Asset API
    List of API
    Re: List of APIs
    Regard
    Helios

  • How can I use XMLBeans in a Web Services client?

    How can I use XMLBeans in a standalone Java client with a Web Service?
    I posted the message below earlier in the year, but have not yet been successful
    in my
    attempts.
    regards
    Eddie
    Hi,
    I'm trying to using XMLBeans to send a document to a web service from a standalone
    Java client. I'm using the PurchaseOrder (easypo) example document, and the service
    expects a parameter of type PurchaseOrderDocument. The client proxy class generated
    by WebLogic Workshop, however, expects to send a parameter of type PurchaseOrder.
    In the client, I can instantiate a PurchaseOrderDocument, and then obtain a PurchaseOrder
    (e.g. pod.getPurchaseOrder() ), but the returned class is not compatible with
    the PurchaseOrder type that the client proxy expects.
    In a previous attempt (not using Workshop), the client would not compile because
    it expected to send a non-abstract class with a public default constructor (presumably
    a JAX-RPC requirement), and XMLBeans had generated an interface.
    Any help would be greatly appreciated!
    thanks & regards
    Eddie

    I have been experiencing similar problems with the HTML Editor and have managed to find an answer that should start to answer some of my questions. The Apex HTML Editor Standard is actually an HTML editor called FCKeditor. The FCKeditor has a Javascript API that can be found at http://docs.fckeditor.net/FCKeditor_2.x/Developers_Guide/JavaScript_API. Unfortuately this doesn't seem to give the whole answer and I found more at http://www.houseoffusion.com/groups/cf-talk/thread.cfm/threadid:49607.
    I needed to get the text entered within my html editor standard (e.g. P1_MYTEXT) and use it within my javascript function. I did this by using the following script
    <script language="JavaScript" type="text/javascript">
    function showtext(){
    var oEditor = FCKeditorAPI.GetInstance('P1_MYTEXT');
    var editortext = escape(oEditor.GetXHTML(oEditor.FormatOutput));
    alert(editortext);
    </script>
    Hope this helps.
    Matthew

  • How to get up and run a Web Services/RESTful functionality?

    Hello there,
    The DBAs just completed the upgrade for the APEX 4.2 in our organization. I was asked to work with APEX and build some application. This morning I was asked by my boss to take a look at getting the Web Services/RESTful API Functionality up and running. I am new to this environment. When I check the RESTful Services I found out the are no RESTful Services. What do I do to get this running? as a Developer, I do not have access to any schema or web services. How do I go about making this work? can any one point me to some blog or site that will help me make this work?

    Hello,
    You can consume Web-Services from APEX, but you can't produce. So first ask your boss which web-service you want to implement.
    There are 2 types of web services in general, SOAP based and RESTful. APEX provides simplified API's to invoke both types web-service.
    Identify web-service you want to TEST
    Create ACL for APEX_XXXX schema to access web-service
    Create ACL for Proxy Server as-well, if required
    If web-service is SSL-enabled then configure wallet. See 17.7 Implementing Web Services
    Use APEX API's to invoke Web-Services. See APEX_WEB_SERVICE
    You can process XML response from Web-Service using Using XQuery with Oracle XML&amp;nbsp;DB
    If Web-Service returns JSON data either you can use PL/JSON | Free software downloads at SourceForge.net to process response, or you can process response at client side using jQuery
    Regards,
    Hari

  • How to implement the odata model with web service

    hi dear all,
    i am trying to expose the web service as odata service in gwpa (not the NW Gateway) and i want to deploy it into smp 3.0
    but cannot find any helpful materials on it.
    could you give me some guide?
    thank you very much
    best regards
    lawrence

    Hi Lawrence,
    There are plenty blogs available. You can check either
    Marvin Hoffmann
    How to use Integration Gateway with SMP 3.0 (Part 1)
    Let me know if you face any issues.
    Rgrds,
    Jitendra

  • Single Sign On and Application with Web Services

    My Application Server is set as partner application for SSO so for example this address: http://myserver:80 is SSO enabled.
    I have two ADF applications on it with jspx pages and the ADF security is enabled on them. SSO works for these applications (for jspx files).
    I added a new application with a web service and deployed this new application. It is on the same application server as those two applications and its security provider in identity management, SSO enabled. Its address is something like:
    http://myserver:80/newWebService-Project1-context-root/MyWebService1SoapHttpPort
    So I expect to be unable to test web service, but I can and I am not prompted for user name and password.
    Regards
    Farbod

    Thank you.
    Yes I had cleared the cache and in these cases I always use a new browser also.
    I deployed a third application without declarative security options (ADF application, no security settings) and this application also didn't ask me for user information though it was under SSO.
    Regards
    Farbod

  • How to create Folder and subFolder using web services

    Hi,
    Today I've been working with some Share Point develompment but the truth is that I can't just get it.
    Can any body help me with some easy links to start Share Point Development?
    Here is wath I'm trying: I need to create a new folder (lets say Folder1) inside a Document library. After Folder1 is created, I need to create a new Folder inside Folder1 (lets say Folder1.1) and so on.
    Until now, I'm able to create Folder1 but after that I don't know how to continue creating subfolders.
    It's important to say that I would like to solve this problem by using webservices and let de Microsoft.Sharepoint.dll as just in case.
    I hope somebody help me.
    Thanks.

    Hi Steve,
    I need to create a folder structure(e.g folder1/folder2) by the running the program once.I tried calling the UpdateListItemCreateFolder recursively and passed an extra rootFolder parameter.I changed the RootFolder attribute as shown below but the code isnt working.Please let me know the right procedure to create a folder structure in a list.
    public
    static void UpdateListItemCreateFolder(string folderName, string rootFolder)
    ListService.
    Lists listProxy = new ListService.Lists();
    string location = "http://localhost:414/Documents/one" + rootFolder.ToString();
    string xmlconst = "<Batch OnError='Continue' RootFolder='" + location.ToString() + "'><Method ID='1' Cmd='New'><Field Name='ID'>New</Field><Field Name='FSObjType'>1</Field><Field Name='BaseName'>!@foldername</Field></Method></Batch>";
    listProxy.Url =
    "http://localhost:414/_vti_bin/lists.asmx";
    listProxy.UseDefaultCredentials =
    true;
    XmlDocument doc = new XmlDocument();
    xmlconst.Replace(
    "!@root", location);
    string xmlFolder = xmlconst.Replace("!@foldername", folderName);
    doc.LoadXml(xmlFolder);
    XmlNode batchNode = doc.SelectSingleNode("//Batch");
    XmlNode resultNode = listProxy.UpdateListItems("Documents", batchNode);

  • I have a hp laserjet p1102w and i don´t know how can i get a conection with web site

    Tengo una impresora hp laserjet p1102 y no he podido lograr la conección al sitio web, 

    Voy a necesitar un poco más de información con el fin de ayudar. La impresora está configurada de forma inalámbrica con un router, ¿correcto? ¿Cuál es el mensaje de error que recibe cuando intenta conectarse a servicios web? ¿Qué es la dirección IP de la impresora? Para que lo sepas, estoy usando el traductor de google para responder a su mensaje. Te aconsejo algo de esto por si acaso escrito en el hilo no tiene sentido.
    Yo soy un empleado de HP
    I am a former employee of HP...
    How do I give Kudos?| How do I mark a post as Solved?

  • How can I use AND's with OR's in the smartlists?

    SO what is the trick in combining OR's and AND's within a smartlist? like
    "(hip/hop OR Rap) AND (My Rating over 3 stars)"
    Is that possible?

    If there are two or more rules, a drop down box will
    appear next to Match rules.
    Change it to Match Any instead of Match All.
    Right, this makes it an OR. So with two rules:
    1. genre equals hip hop
    2. genre equals rap
    and I pick the ANY, then my list will be a combo of both (and yeah statistically speaking could be all of 1 or 2)
    HOWEVER, the next part is where I am stuck - How do I make sure the selections from 1 or 2 are ALL 3 stars or better in rating??
    So with three rules:
    1. genre equals hip hop
    2. genre equals rap
    3. Rating at least 3 stars
    Now with using ANY (aka OR) I could get a 4 star heavy metal song in my list - right? because the above is not the same as
    (1 or 2) and 3 <<-- which is what I really want to do.
    Any ideas how to do that? somewhere a while back I saw a thread talking about some trick that would do that, but I cant find it again. I am not even sure I read it on this site. But anyway - any one know how to make a smartlist to do
    (1 or 2) and 3
    thanks
    Gc

  • How can I read and work with the e-mail on one IMAC (running 10.7.3) from my MacPro Power PC5 (running 10.5.8)

    I would like to be able to work the e-mails on my IMAC (Lion 10.7.3) from my Mac Pro Power PC5 (running Leopard 10.5.8).  I want to be able to see all the folders and have actions show up on the other computer.  In other words, if I delete the e-mail I want it to disappear in real time from the other computer.  The same would be for moving messages in and out of different folders.  Can this be done without setting a server?  If not, then what server version could I install on the MacPro that would let me do this?

    That is the way IMAP should work.
    Like gMail or iCloud, both of which can be setup on both Macs...
    Do not delete the old account yet. sign up for an iCloud account if you haven't.
    I understand .mac mail will still come through. Do not delete the old account yet.
    You cannot use .mac or MobileMe as type of Account, you have to choose IMAP when setting up, otherwise Mail is hard coded to change imap.mail.me.com to mail.me.com & smtp.mail.me.com to smtp.me.com, no matter what you try to enter.
    iCloud Mail setup, do not choose .mac or MobileMe as type, but choose IMAP...
    On second step where it asks "Description", it has to be a unique name, but you can still use your email address.
    IMAP (Incoming Mail Server) information:
    • Server name: imap.mail.me.com
    • SSL Required: Yes
    • Port: 993
    • Username: [email protected] (use your @me.com address from your iCloud account)
    • Password: Your iCloud password
    SMTP (outgoing mail server) information:
    • Server name: smtp.mail.me.com
    • SSL Required: Yes
    • Port: 587
    • SMTP Authentication Required: Yes
    • Username: [email protected] (use your @me.com address from your iCloud account)
    • Password: Your iCloud password

  • How can we authenticate and receive token from Flicker from Our IPhone Application using OAuth Protocol?

    IPhone Programming

    You have a better chance of getting your question answered in the Developers Forum.
    Suggest you repost there:
    Developer Forums

  • How can I find and eliminate duplicates in iTunes 11?

    I can't seem to find the "Find exact duplicates" item in the File Menu in version 11. How can I find and deal with duplicates?

    Shift-View-Show Exact Duplicates should reveal them. Keep one of each repeated group of files and don't send to the recycle bin unless you are sure that there are multiple files on the disc as opposed to multiple entries to the same file.
    There is also my DeDuper script if you don't want to do it by hand. This can preserve ratings, play counts, playlist membership, etc. which are lost in a manual clean up. Please take note of the warning to backup your library before deduping. See this thread for background on deduping and the script.
    tt2

  • How to access HTTP Header from within Web service?

    Hello,
    Is there a way to access HTTP header variables like CONTENT_TYPE, CONTENT_LENGTH from within Web Logic web service.
    I was able to get the HTTP header variable from within Apache AXIS services by calling context.getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST
    How can i do this from weblogic web service.
    I need this to verify the client SSL_CLIENT_DN
    In access I can get the header as follows.
    HttpServletRequest req = (HttpServletRequest) context
              .getProperty(HTTPConstants.MC_HTTP_SERVLETREQUEST);
    clientID = req.getHeader("SSL_CLIENT_S_DN_Email");
    Thanks
    --Arun                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                   

    hi
    the following link may helpful to you
    http://e-docs.bea.com/wls/docs81/webserv/anttasks.html#1111537
    Regards
    Prasanna Yalam

Maybe you are looking for