OWSM - Logging in Custom Policy Step

Similar Messages

• Custom Policy steps in OWSM

  I am currenly implementing an integration systems between our systems and a third party system. There is a requirement for all messages sent across the interface to be acknowldeged by the other system. The transactions are synchronous so we have hand off approach where the receiving system must acknowledge message receipt by sending a synchronous response message back. This acknowledgement message will contain a boolean flag that either says true or false depending on whether they are receiving or rejecting the message. Messages could be rejected because they have an invalid digital certificate or failed message integrity. Is it possible to create custom policy step in the OWSM that allows me to send these acknoledgement messages. the message structure will contain only 3 elements:
  successfulDelivery (boolean)
  RejectedCode (Rejection ErrorCode)
  RejectedReason (Rejected Error Reason)
  Can any one help? I am still new to the OWSM.

  Here's an example on how to add a custom SOAP header to the request message inside a custom step.
  public IResult execute(IMessageContext messageContext) throws Fault {
  MessageContext msgCtxt = (MessageContext) messageContext;
  SOAPEnvelope senv = msgCtxt.getRequest().getAxisMessage().getSOAPEnvelope();
  ((org.apache.axis.message.SOAPEnvelope)senv).setDirty(true);
  Name header = factory.createName("CustomHeader", "http://foo.com/custom/header");
  SOAPHeaderElement headerElement = senv.getHeader().addHeaderElement(header);
  headerElement.addTextNode("My custom header data");
  OWSM uses AXIS implementation internally to represent the SOAP message.
  Cheers,
  Vikas Jain

• Extend OWSM with Custom Policy Step: MessageContext.setResponseMessage()?

  Hi,
  I intend to create a custom policy step for OWSM.
  In the execute method of my step (that extends AbstractStep) I want to set the Response Message using the setResponseMessage() method. According to the Extensibility Guide, this method should be passed a com.cfluent.ccore.message.SOAPMessage object as parameter.
  Basically, the code looks something like this:
  public IResult execute(IMessageContext messageContext) throws Fault {
  MessageContext msgCtxt = (MessageContext)messageContext;
  Result result = new Result();
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  result.setStatus(IResult.SUCCEEDED);
  return result;
  At compile time however, JDeveloper throws the following error:
  SOAPMessage not found in class nl.amis.soa.CustomStep
  and points to the line
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  Should I use AXIS SOAP objects (knowing OWSM is based on AXIS or uses it)? Or a MessageFactory? Or ... ?
  Any tips and preferably a code sample is much appreciated!
  Thanks, Sjoerd

  Hi Sjoerd ,
  Looks like documentation error. Are you importing the om.cfluent.ccore.message.SOAPMessage class? Try compiling without the import. I was able to compile your code with no issues. All I have is coresv-4.0.jar added to my jDev project.
  FYI MessageContext.get/setRequestMessage() really takes javax.xml.soap.SOAPMessage as parameter.
  Here is the code I can compile:
  package com.junk.wsm;
  import com.cfluent.pipelineengine.container.MessageContext;
  import com.cfluent.policysteps.sdk.AbstractStep;
  import com.cfluent.policysteps.sdk.IMessageContext;
  import com.cfluent.policysteps.sdk.IResult;
  import com.cfluent.policysteps.sdk.Result;
  public class junkStep extends AbstractStep {
  public junkStep() {
  public IResult execute(IMessageContext messageContext) {
  MessageContext msgCtxt = (MessageContext)messageContext;
  Result result = new Result();
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  result.setStatus(IResult.SUCCEEDED);
  return result;
  Regards,
  Rajesh

• OWSM Custom Policy Step: use of the setProcessingStage() method?

  Hello,
  When creating a Custom Policy Step for use in an OWSM pipeline the API provides the option to set the processing stage. Possible values are STAGE_PREREQUEST, STAGE_REQUEST, STAGE_RESPONSE and so on.
  Can anyone tell me the use of setting the processing stage. Would it allow me to literally take the message request to a different stagewhat, e.g. what should happen when in the Request Stage I set it to STAGE_RESPONSE?
  I have tried this and cannot see any effect.
  Thanks, Sjoerd

  Hi Vikas,
  Thanks for the reply.
  I suspect that the "fiddling with the Outgoing Transport Protocol that is between OWSM Gateway and actual service" as mentioned in my original post is probably the same as "creating a custom transport messenger between gateway and service" as mentioned by you.
  Any pointers to get me going, e.g. what interfaces te implement, classes to extend, how to register and manage with OWSM?
  Thanks and best regards,
  Sjoerd

• Custom Policy Step and the WS-Security header attibute "mustUnderstand"

  Hi there,
  I have some issues testing the custom policy step that comes with OWSM (CustomAuthenticationStep), which i describe next.
  I manage to compile/deploy the custom step successfully. I also restart the server and add the brand new step into the request pipeline. The pipeline only has two steps, a log step and a custom authentication step.
  I develop a client for the gateway service which use the "Username to Authenticate" option of the Proxy Security. The other options (inbound/outbound integrity/encryption) are all unchecked.
  When I test the client, the following SOAP message is produced:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:ns0="http://agesic.entidad/types/"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <env:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  env:mustUnderstand="1">
  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:Username>test</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </env:Header>
  <env:Body>
  <ns0:reverseElement>
  <ns0:aString>Holas!</ns0:aString>
  </ns0:reverseElement>
  </env:Body>
  </env:Envelope>
  Which looks just fine. However I get the following exception:
  javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
       at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
       at agesic.cliente.gateway.proxy.runtime.EchoReverseSoapHttp_Stub.reverse(EchoReverseSoapHttp_Stub.java:78)
       at agesic.cliente.gateway.proxy.EchoReverseSoapHttpPortClient.reverse(EchoReverseSoapHttpPortClient.java:44)
       at agesic.cliente.gateway.proxy.EchoReverseSoapHttpPortClient.main(EchoReverseSoapHttpPortClient.java:33)
  If i look at the log produced by the custom step, it looks like the step was successfully passed.
  ********** Entering Custom Authentication execute method **********
  Processing stage is Request
  Request SOAP message is <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="h
  ttp://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-ins
  tance" xmlns:ns0="http://agesic.entidad/types/" xmlns:wsu="http://docs.oasis-ope
  n.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><env:Header><wsse
  :Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004
  /01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.or
  g/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://sche
  mas.xmlsoap.org/soap/envelope/"><wsse:UsernameToken xmlns:wsse="http://docs.oasi
  s-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http:/
  /docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ws
  se:Username>test</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/
  wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse
  :Password></wsse:UsernameToken></wsse:Security></env:Header><env:Body><ns0:rever
  seElement><ns0:aString>Holas!</ns0:aString></ns0:reverseElement></env:Body></env
  :Envelope>
  User locale is English
  Client ip address is rhel4.tecinfo.com.uy:7777
  Verified user is test
  The problems is with the mustUnderstand attribute. It looks like no step tells the OWSM that he understands the header, so the OWSM pass through the pipeline and when it ends it thinks that that header was not processed properly.
  I try to find documentation on this issue but I didn't find any.
  Any ideas? Is there any way to specify that the step actually understands the ws-security header?
  Thanks!
  Leo

  Ok. Thanks. The problem here is a little bit different. At the client side, we have the following:
  <?xml version="1.0" encoding="UTF-8"?>
  <oracle-webservice-clients xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:noNamespaceSchemaLocation='http://xmlns.oracle.com/oracleas/schema/oracle-webservices-client-10_0.xsd'>
  <webservice-client>
  <service-qname namespaceURI="http://agesic.entidad/" localpart="EchoReverse"/>
  <port-info>
  <wsdl-port namespaceURI="http://agesic.entidad/" localpart="EchoReverseSoapHttpPort"/>
  <runtime enabled="security">
  <security>
  <inbound/>
  <outbound>
  <username-token password-type="PLAINTEXT" add-nonce="false" add-created="false"/>
  </outbound>
  </security>
  </runtime>
  <operations>
  <operation name='reverse'>
  </operation>
  </operations>
  </port-info>
  </webservice-client>
  </oracle-webservice-clients>
  The <outbound> here is requered in order to use the WSS UserName token profile. I try to remove the <inbound/> to check if it was a problem like yours, but we still have the same exception.
  The problem seems to be with the gateway at the server side.
  Intercepting the communication between the client and the server, we are getting the following response:
  <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:ns0="http://agesic.entidad/types/">
  <env:Body>
  <env:Fault>
  <faultcode>env:MustUnderstand</faultcode>
  <faultstring>SOAP must understand error:
  {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  We need a way to instruct the gateway that he actually understands the wss header.
  Any ideas?
  Thanks!
  Leo

• Custom Policy Step calling EJB

  Hi there,
  I'm a newby to OC4J and need some help in regards to some library issues. I've created an EJB using spring and deployed it to the oc4j container. Then I created an owsm custom policy step which retrieves the EJB bean using spring and retrieves the custom security header, which I then add to the current SOAP header. I wasn't quite sure how to create the custom policy step jar as it contains my spring jar as well as my ejb jar, so I used maven to create the jar with all my dependent jars as well. Everything works great, as in, it retrieves the EJB calls the method on the EJB which will retrieve a value from LDAP and then uses that value to query our data store and then return the object, but when it returns the object it throws the following exception:
  java.lang.LinkageError: Class com/cochlear/erpsecurity/domain/ErpSoapHeader violates loader constraints
  Which is due to the fact that I have the ErpSoapHeader in my custom policy step jar as well as my ejb jar. When I don't include the ejb jar in my custom policy step jar however then it give a class not found exception when trying to load the ejb with spring. Then I tried something dodgy and added the ejb jar to my server.xml in oracle.wsm.gateway shared library, but this caused the linkage error as well.
  Any help on how I can resolve this library issue will be great appreciated.
  Thanks so much,
  Ida

  Here's an example on how to add a custom SOAP header to the request message inside a custom step.
  public IResult execute(IMessageContext messageContext) throws Fault {
  MessageContext msgCtxt = (MessageContext) messageContext;
  SOAPEnvelope senv = msgCtxt.getRequest().getAxisMessage().getSOAPEnvelope();
  ((org.apache.axis.message.SOAPEnvelope)senv).setDirty(true);
  Name header = factory.createName("CustomHeader", "http://foo.com/custom/header");
  SOAPHeaderElement headerElement = senv.getHeader().addHeaderElement(header);
  headerElement.addTextNode("My custom header data");
  OWSM uses AXIS implementation internally to represent the SOAP message.
  Cheers,
  Vikas Jain

• Retrieve Client IP Address in a Oracle WebServices Manager Custom Policy

  Hi everybody,
  For some reasons i had to implement a custom policy in the OWSM, to restrict the access to webservices by Client IP Addresses. I´ve been following the examples for custom policies mentioned in the books: "Oracle Web Services Manager, Oracle Web Services Manager" by Sitaraman Lakshminarayanan, and the "Oracle® Web Services Manager Extensibility Guide 10g (10.1.3.3.0)" by Oracle. I followed the examples mentioned in those books to implement my Custom policy, the policy is successfully deployed to OWSM and it works, only by the issue that when i want to retrieve the Client Ip address it returns null, and following the example by the Oracle Guide, the HttpServletRequest its also returns null, im desperated because in every site that i finally find some info about it, quotes any of these 2 examples in those books, and mine doesnt work! this is the code of the custom policy, i´ve combined the 2 aproaches:
  package project1;
  import com.cfluent.ccore.util.logging.ILogger;
  import com.cfluent.ccore.util.logging.Level;
  import com.cfluent.ccore.util.logging.LogManager;
  import com.cfluent.pipelineengine.container.MessageContext;
  import com.cfluent.policysteps.sdk.AbstractStep;
  import com.cfluent.policysteps.sdk.Fault;
  import com.cfluent.policysteps.sdk.IMessageContext;
  import com.cfluent.policysteps.sdk.IResult;
  import com.cfluent.policysteps.sdk.InvocationStatus;
  import com.cfluent.policysteps.sdk.Result;
  import java.util.HashMap;
  import java.util.Iterator;
  import java.util.Vector;
  import javax.servlet.http.HttpServletRequest;
  public class CustomPolicy extends AbstractStep {
  private static String CLASSNAME = CustomPolicy.class.getName();
  private static ILogger LOGGER = LogManager.getLogger(CLASSNAME);
  private String allowedIpAddress = null;
  private String allowedRoleName = null;
  private String protectedServiceMethodName = null;
  public CustomPolicy() {
  public void init() throws IllegalStateException {
  // nothing to initialize
  public void destroy() {
  * This is the main method which will validate that the request is coming from
  * the correct IP Address and has permission to access the specified metod.
  public IResult execute(IMessageContext messageContext) throws Fault {
  LOGGER.entering(CLASSNAME, "execute");
  Result result = new Result();
  result.setStatus(IResult.FAILED); //initialize result
  String processingStage = messageContext.getProcessingStage();
  LOGGER.log(Level.INFO, "Processing stage is " + processingStage);
  HttpServletRequest httpServletRequest = (HttpServletRequest)
  messageContext.getProperty("javax.servlet.request");
  String remoteAddr = httpServletRequest.getHeader("Host");
  LOGGER.log(Level.SEVERE, "Dir IP:"+remoteAddr);
  String remoteHost = httpServletRequest.getRemoteHost();
  LOGGER.log(Level.INFO, "ADDR" + remoteAddr+ "HOST"+remoteHost);
  boolean isRequest =
  (IMessageContext.STAGE_REQUEST.equals(messageContext.getProcessingStage()) ||
  IMessageContext.STAGE_PREREQUEST.equals(messageContext.getProcessingStage()));
  //Execute the step Only when its a Request pipeline else return success
  if (!isRequest) {
  result.setStatus(IResult.SUCCEEDED);
  return result;
  MessageContext msgCtxt = (MessageContext)messageContext;
  String _MethodName = msgCtxt.getRequest().getMethodName();
  LOGGER.log(Level.INFO,
  "Writing Allowed IP Addr before creating SOAP header " +
  allowedIpAddress);
  LOGGER.log(Level.INFO,
  "Writing Remote IP Addr before creating SOAP header " +
  msgCtxt.getRemoteAddr());
  /*LOGGER.log(Level.INFO,
  "Writing Remote IP Addr before creating SOAP header " +
  remoteAddr);*/
  String cadTempo = allowedIpAddress;
  Vector vect = new Vector();
  for (int i = 0; i < allowedIpAddress.length(); i++) {
  if (cadTempo.indexOf(",") != -1) {
  //vect.add(cadTempo.substring(0, cadTempo.indexOf(",") - 1));
  vect.add(cadTempo.substring(0, cadTempo.indexOf(",")));
  cadTempo =
  cadTempo.substring(cadTempo.indexOf(",") + 1, cadTempo.length());
  LOGGER.log(Level.INFO,
  "AQUI111");
  } else {
  if (!cadTempo.equalsIgnoreCase("")) {
  vect.add(cadTempo);
  LOGGER.log(Level.INFO,
  "AQUI222");
  break;
  for(int i=0;i<vect.size();i++){
  String temp = (String)vect.get(i);
  if (temp.equals(msgCtxt.getRemoteAddr()) &&
  _MethodName.equals(protectedServiceMethodName)) {
  LOGGER.log(Level.INFO,
  "AQUI333");
  result.setStatus(IResult.SUCCEEDED);
  break;
  } else {
  msgCtxt.getInvocationStatus().setAuthorizationStatus(InvocationStatus.FAILED);
  LOGGER.log(Level.INFO,
  "AQUI444");
  /*if(allowedIpAddress!=null){
  result.setStatus(IResult.SUCCEEDED);
  /*if (allowedIpAddress.equals(msgCtxt.getRemoteAddr()) &&
  _MethodName.equals(protectedServiceMethodName)) {
  result.setStatus(IResult.SUCCEEDED);
  } else {
  msgCtxt.getInvocationStatus().setAuthorizationStatus(InvocationStatus.FAILED);
  // Set the result to SUCCESS
  //result.setStatus(IResult.SUCCEEDED);
  return result;
  public String getIpAddress() {
  return allowedIpAddress;
  public void setIpAddress(String IpAddress) {
  this.allowedIpAddress = IpAddress;
  LOGGER.log(Level.INFO, "IP Address is.. " + allowedIpAddress);
  public String getServiceMethodName() {
  return protectedServiceMethodName;
  public void setServiceMethodName(String serviceMethodName) {
  this.protectedServiceMethodName = serviceMethodName;
  public String getRoleName() {
  return allowedRoleName;
  public void setRoleName(String roleName) {
  this.allowedRoleName = roleName;
  And the xml:
  <csw:StepTemplate xmlns:csw="http://schemas.confluentsw.com/ws/2004/07/policy"
  name="Custom authenticate step" package="project1"
  timestamp="Oct 31, 2005 05:00:00 PM" version="1"
  id="0102030405">
  <csw:Description>Custom step that authenticates the user against the
  credentials entered here. This step requires Extract
  credentials to be present before it in the request pipeline.</csw:Description>
  <csw:Implementation>project1.CustomPolicy</csw:Implementation>
  <csw:PropertyDefinitions>
  <csw:PropertyDefinitionSet name="Basic Properties">
  <csw:PropertyDefinition name="Enabled" type="boolean">
  <csw:Description>If set to true, this step is enabled</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>true</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  </csw:PropertyDefinitionSet>
  <csw:PropertyDefinitionSet name="Custom Access Rules">
  <csw:PropertyDefinition name="IpAddress" type="string" isRequired="true">
  <csw:DisplayName>IpAddress</csw:DisplayName>
  <csw:Description>IP Address that is allowed access</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>192.168.0.1</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  <csw:PropertyDefinition name="ServiceMethodName" type="string"
  isRequired="true">
  <csw:DisplayName>ServiceMethodName</csw:DisplayName>
  <csw:Description>Service Method Name that is Protected (Secured)</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>getTime</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  </csw:PropertyDefinitionSet>
  </csw:PropertyDefinitions>
  </csw:StepTemplate>
  Please any tip or idea is welcome, thanks in advance for the help.
  Carlos.

  Hi again
  copied your code for testing. And it works fine.
  So both the code and policy-step definition is fine, log output below.
  What is your log output?
  Using soapui to send the request will give the ip of my localhost, using the test client will give the ip of the server, because that is the actual client.
  I guess the server ip is 192.168.0.1 in your case, as you are testing from test console.
  <b>anyway, results from SOAPUI:</b>
  2009-05-19 09:52:15,096 FINE [HTTPThreadGroup-4] CSWComponent - Executing policy step. Policy='SID0003004', Step Name='Custom Policy Step', Step Class='com.*.soa.wsm.CustomPolicy'
  2009-05-19 09:52:15,096 FINER [HTTPThreadGroup-4] wsm.CustomPolicy - com.*.soa.wsm.CustomPolicy execute:ENTERING
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Processing stage is Request
  2009-05-19 09:52:15,096 SEVERE [HTTPThreadGroup-4] wsm.CustomPolicy - Dir IP:hostname.domain:8890
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - ADDRhostname.domain:8890HOST10.47.89.116
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - MethodName=getHostNameElement
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Allowed IP Addr before creating SOAP header 10.47.89.116, 192.168.0.1
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Remote IP Addr before creating SOAP header 10.47.89.116
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI111
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI222
  2009-05-19 09:52:15,097 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI333
  2009-05-19 09:52:15,097 FINER [HTTPThreadGroup-4] agent.Agent - com.cfluent.agent.Agent intercept:ENTERING
  <b>But if I use the test client the remote IP would be 10.47.137.50 and execution fails, as code is written</b>
  <i>
  2009-05-19 09:54:12,266 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Allowed IP Addr before creating SOAP header 10.47.89.116, 192.168.0.1
  2009-05-19 09:54:12,266 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Remote IP Addr before creating SOAP header 10.47.137.50
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI111
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI222
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI444
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI444
  2009-05-19 09:54:12,267 FINE [HTTPThreadGroup-4] CSWComponent - Step execution failed: Policy=[SID0003004] Pipeline=[Request] Step Name=[Custom Policy Step] Step Class=[com.tandberg.soa.wsm.CustomPolicy]
  2009-05-19 09:54:12,267 FINER [HTTPThreadGroup-4] common.PrepareForServiceStep - Step PrepareForServiceStep called
  </i>

• OWSM 11g: Custom policy implementation

  Hi all,
  I am unable to replicate the example as discussed in the section 14 of Security and Administrator’s Guide for Web Services 11g Release 1 (11.1.1) B32511-03, April 2010. I am applying the custom policy on a osb (11g r3) proxy service. Kindly take a look at the steps mentioned below & suggest suitably where i may be going wrong:
  1. Creation of the IpAssertionExecutor class which holds the implementation logic (same as Step 1)
  2. Creation of the policy-config.xml file (same as Step 2)
  3. oracle.logging-utils_11.1.1.jar was also added to compile the above class.
  4. IpAssertionExecutor Class & policy-config.xml were added as a jar file as mentioned in page no: 4 of the following link: http://www.scribd.com/doc/25941008/How-to-Create-OWSM-11g-Custom-Policy-Assertion (same as Step 4)
  5. Updation of classpath (same as Step 5)
  6. Creation of oracle/ip_assertion_policy file (same as Step 2)
  7. Importing the Custom Policy File (same as Step 6)
  8. Attaching the Custom Policy to a Web Service or Client (same as Step 7)
  For testing purpose, i used soapui and specified the bind address in the request properties. However, the policy is not working as desired.
  Additionally, i hardcoded the String ipAddr (ip address) in the IpAssertionExecutor class & redeployed the jar. But still couldn't get it working.
  I shall be obliged if someone can help me.
  Thanks in advance

  In the security tab for your OSB Service, ensure that you set the radio button for processing of ws header. Otherwise no policies appear to be called.

• OWSM customize policy step sign message

  Hi,
  is it possible to customize the OWSM policy step "sign message" ?
  - to set the attribute mustUnderstand of the element wsse:Security to 0 (default is 1)
  - to add the timestamp wsu:Expires to the security header (in addition to the wsu:Created timestamp)
  Bye,
  Markus

  Hi Vikas,
  Thanks for the reply.
  I suspect that the "fiddling with the Outgoing Transport Protocol that is between OWSM Gateway and actual service" as mentioned in my original post is probably the same as "creating a custom transport messenger between gateway and service" as mentioned by you.
  Any pointers to get me going, e.g. what interfaces te implement, classes to extend, how to register and manage with OWSM?
  Thanks and best regards,
  Sjoerd

• Stimulus profile stops logging immediately (Custom Steps)

  Greeting again all! I'm using 2012 versions of everything here (VS, TS, LV, and DIAdem), and I'm also using VS Custom Steps for TS. I have a main TS sequence that does all of the configuration and setup tasks via subsequences and VS Custom steps. The only thing I'm using the Stimulus Profile for is logging at the moment, and for some reason the resulting TDMS file only holds six data points (logging at 100Hz). It looks like it starts and stops immediately, and I can't figure out why. 
  The only steps I have in the stimulus profile are Start Logging and Channel Group steps. There's no Stop Log step, so the logging shouldn't stop until the TS sequence undeplous the project, as far as I understand it. Triggered Logging Trigger Condition is set to none, and File Segmenting is set to Do Not Segment.
  Can anyone shed any light on what's happening here? 
  Solved!
  Go to Solution.

  The best option would be to control data logging directly from the TestStand sequence, but I'm not very familiar with what steps are available. Newer versions of the steps seem to have some DataLogging palette available (just based on screenshots posted online), but they might not support VeriStand 2012.
  You could do this by calling a LabVIEW VI from TestStand that would set up the data logging session, and then calling another at the end of the TestStand sequence to stop it. We have example VIs that ship with Veristand to show you how to start and stop logging.
  Jarrod S.
  National Instruments

• Owsm policy step verify certificate

  We try to use the OWSM for client authentication using "verify certificate". for what i understand of it i have to send along the public certificate with my request and that certificate should be in the trusted store. Can this store be the same store as the wallet the http server is already using.
  when i look for the details of the verify certificate step i see that there are a few prerequisites
  Prerequisite Steps      Verify Signature, Decrypt and Verify, or if the transport security uses SSL.
  i use a https://<server>/gateway/services/SID0003006?wsdl as endpoint from within the webserviceproxy and added the following before setting the endpoint in de proxy.
  System.setProperty("javax.net.ssl.keyStore", "/home/maqish/keystore");
  System.setProperty("javax.net.ssl.keyStoreType", "JKS");
  System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
  System.setProperty("javax.net.ssl.trustStore", "/home/maqish/keystore");
  System.setProperty("javax.net.ssl.trustStoreType", "JKS");
  System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
  I have added the server certificate in my trusted keystore and the public key is send to the server to be added as a trusted certificate.
  using verify certificate it should be possible to verify that a request is from a trusted source. but this does not seem to work very well. or else there could be some other problem in my thoughts.
  anyone who tried the same? or has ever used the policy step verify certificate?

  i do use the soa suite and jdeveloper 10.1.3.3 i have created a webservice which i have deployed to the soa application server. using this webservice works using http and https
  when i use owsm to add this webservice as a service this also works. using http and https
  when i add the request policystep verify certificate i get the following error
  Failed to initialize pipeline 'Request' in policy 'repeater(0.1)

• Error during Custom Build - error PRJ0019: A tool returned an error code from "Performing Custom Build Step"

  Hi All,
  I was trying to develop C++ web service using GShop with Visual Studio 2005.I refered a tutorial :-
  http://guruce.com/blogpost/hosting-webservices-on-windows-embedded-compact-windows-ce-using-gsoap .
  AS per the tutorial i proceeded. But, i stuck-up when making a custom build with Helloworld.wsdl.Here is the output :
  1>------ Rebuild All started: Project: HelloWorldWebService, Configuration: Debug Pocket PC 2003 (ARMV4) ------
  1>Deleting intermediate and output files for project 'HelloWorldWebService', configuration 'Debug|Pocket PC 2003 (ARMV4)'
  1>Performing Custom Build Step
  1>'D:\Test' is not recognized as an internal or external command,
  1>operable program or batch file.
  1>Project : error PRJ0019: A tool returned an error code from "Performing Custom Build Step"
  1>Build log was saved at "file://d:\Test Code\HelloWorldWebService\HelloWorldWebService\Pocket PC 2003 (ARMV4)\Debug\BuildLog.htm"
  1>HelloWorldWebService - 1 error(s), 0 warning(s)
  ========== Rebuild All: 0 succeeded, 1 failed, 0 skipped ==========
  As given in the tutorial i kept my custom build command line as : -
  $(SolutionDir)\gsoap-2.8\gsoap\bin\win32\wsdl2h.exe -s $(InputPath) -o $(ProjectDir)$(InputName).h
  and outpouts : $(InputName).h
  I kept GSHOP in the project filder :- D:\Test Code\HelloWorldWebService
  Kindly help.
  Jyotiranjan

  Hi Jyotiranjan,
  I’m glad to hear that you got it working.
  Thank you for sharing your solutions
  experience here. It will be very beneficial for other community members who
  have similar questions.
  Best regards,
  Lucy
  Lucy Liu [MSFT]
  MSDN Community Support | Feedback to us
  Get or Request Code Sample from Microsoft
  Please remember to mark the replies as answers if they help and unmark them if they provide no help.

• Remote user received a "deny log on locally" policy - and is now locked out

  Hello,
  A traveling user who received a "deny log on locally" policy remotely.
  He was accidentally added to a wrong group and is now locked out. 
  What are the steps to clear this policy?  We have a backup local admin account I can remote into.
  I appreciate any suggestions or comments. 

  > What are the steps to clear this policy?  We have a backup local admin
  > account I can remote into.
  Resolve the wrong setting, remote into the machine and issue "gpupdate
  /target:computer". Reboot and go ahead :)
  Martin
  Mal ein
  GUTES Buch über GPOs lesen?
  NO THEY ARE NOT EVIL, if you know what you are doing:
  Good or bad GPOs?
  And if IT bothers me - coke bottle design refreshment :))

• Custom Policy Issue 10G

  Hi All,
  I have created a custom policy in OWSM 10g for WS-Header Insertion, that inserts user credentials(username/password) in UserToken of SOAP Headers.
  But I am getting following error while testing my web service on OWSM.
  SOAP-ENV:Envelope
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Body>
  <SOAP-ENV:Fault>
  <faultcode
  xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults"
  xmlns="">p:Client.PolicyInitializationFailure</faultcode>
  <faultstring
  xmlns="">Failed to initialize pipeline 'Request' in policy 'testCustom(1.0)'</faultstring>
  null</SOAP-ENV:Fault>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  Kindly help

  Hi All,
  Pls help

• Logging a custom StepType Property

  I followed the "Logging a New Step Property to a Database in TestStand" description but I get this answer back: An exception occurred calling 'LogResults' in 'ITSDBLog' of 'DBLog 1.0 Type Library'
  An error occurred while setting a column value.
  Schema: Copy of Generic Recordset.
  Statement: STEP_RESULT.
  Column: String.
  Unknown variable or property name 'String'.
  Source: TSDBLog
  How do I log these custom types?

  Hi Clausen,
  *Note: The following information only applies to TestStand 2.0.x and later.
  This error is being caused by the setup of your database schema not having a valid property name to be logged for the "String" column of the "STEP_RESULT" statement. If you look in your database schema under the STEP_RESULT statement and select the String column under the Columns/Parameters tab the "Expression" box probably contains a lookup string equal to -> String. This is the exact "unknown variable or property name" that is causing the problem. You need to have a property name that begins with "Logging.StepResult.*" in order to specify a valid lookup string for the logging process/schema. For instance if this String property of yours has a lookup string of "Step.String" the lookup string to use in the database schema would be "Logging.StepResult.String". If the property is inside another step property that is a container, like "Step.MyData.String", then you would use "Logging.StepResult.MyData.String". The one exception to this container rule is that if the property is in the "Step.Result" container, as "Step.Result.String", then you would use the lookup string "Logging.StepResult.String" (this is caused by the fact that the Logging property is pulled directly from your sequence execution's "Locals.ResultList" array and properties under Step.Result are extracted from the Result container and placed in ResultList as top level properties. For example, Step.Result.String gets copied into Locals.ResultList[n].String, where "n" represents the array index of the step result you want to modify.
  The main thing to also realize, is that this step property has to be copied to your sequence's Locals.ResultList array during execution as well, because only properties within the ResultList will be passed to the logging process. There are basically 3 different ways to do this.
  1) Use the Execution.AddExtraResult method (Check the TestStand Programmer's Help for further information. You can see an example of its use within the Sequential ProcessModel's Test UUTs execution entry point as well).
  2) Put the property you wish to record into the ResultList in your step's "Step.Result" container, as every property within Step.Result is automatically copied into the ResultList at run-time by the engine. You can place your property in the Result container as the default location for the property within the definition of the custom steptype, or you can use any one of the PropertyObject.SetVal* API methods to programmatically insert a new property into the step's result container at run-time by using the method's "InsertIfMissing" option (note that if you do this it needs to occur before the step executes, or else it won't be copied into the ResultList).
  3) You can also use the PropertyObject.SetVal* methods to insert a new property directly into the ResultList using the InsertIfMissing option AFTER the desired step has executed. For instance, you could specify the lookup string "Locals.ResultList[n].String" when using these methods.
  Jason F.
  Applications Engineer
  National Instruments
  www.ni.com/ask