A simple web service security scheme
I've been doing some prototyping for a public web service. Because some of the operations involve confidential data, I'm particularly concerned with ensuring that I have a reasonable security scheme in place. At the same time I want to ensure the broadest possible access to my service, regardless of web platform or environment that clients may use.
I took a look at the security schemes of some big web service providers and tried to concoct something that is at least as secure in the context of JAX-WS 2.0. The prototype is spread across a few posts in my blog:
http://xocoatl.blogspot.com/2006/09/web-service-security.html
http://xocoatl.blogspot.com/2006/10/implementing-web-service-security.html
http://xocoatl.blogspot.com/2006/10/implementing-web-service-security_23.html
http://xocoatl.blogspot.com/2006/10/implementing-web-service-s_116166891860478135.html
Any and all feedback is appreciated. Thanks.
I am getting the same error as describes in this thread.
http://forum.java.sun.com/thread.jspa?threadID=715624&messageID=4152590
How can i solve this error.
Message was edited by:
Ajaxrand
Similar Messages
-
Mine is PROXY to SOAP asynchronous.
PI consumes the service, my requirement is when PI calls the service I need to pass web service security in SOAP header.
so that at receiver statem they can validate the user using these.
When i am calling webservice from soapui with the header parameters
Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>xxxxx</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>
<wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
<wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
What configuration needs to be done in PI.I got this in Runtime work bench
<SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
- <SOAP:Header>
- <sap:Main xmlns:sap="http://sap.com/xi/XI/Message/30" versionMajor="3" versionMinor="0" SOAP:mustUnderstand="1" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">
<sap:MessageClass>ApplicationMessage</sap:MessageClass>
<sap:ProcessingMode>asynchronous</sap:ProcessingMode>
<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
<sap:TimeSent>2009-07-15T15:46:10Z</sap:TimeSent>
- <sap:Sender>
<sap:Party agency="" scheme="" />
<sap:Service>test2310</sap:Service>
</sap:Sender>
- <sap:Receiver>
<sap:Party agency="" scheme="" />
<sap:Service>test_serivce</sap:Service>
</sap:Receiver>
<sap:Interface namespace="urn:Publish">msgIF_publish_I_Async</sap:Interface>
</sap:Main>
- <sap:ReliableMessaging xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
<sap:QualityOfService>ExactlyOnce</sap:QualityOfService>
</sap:ReliableMessaging>
- <sap:Diagnostic xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
<sap:TraceLevel>Fatal</sap:TraceLevel>
<sap:Logging>On</sap:Logging>
</sap:Diagnostic>
- <sap:HopList xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
- <sap:Hop timeStamp="2009-07-15T15:46:10Z" wasRead="false">
<sap:Engine type="BS">test_serivce</sap:Engine>
<sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
<sap:Info>3.0</sap:Info>
</sap:Hop>
- <sap:Hop timeStamp="2009-07-15T15:46:11Z" wasRead="false">
<sap:Engine type="IS">is.68.devai020</sap:Engine>
<sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
<sap:Info>3.0</sap:Info>
</sap:Hop>
- <sap:Hop timeStamp="2009-07-15T15:46:12Z" wasRead="false">
<sap:Engine type="AE">af.dxi.devai020</sap:Engine>
<sap:Adapter namespace="http://sap.com/xi/XI/System">XIRA</sap:Adapter>
<sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
</sap:Hop>
</sap:HopList>
</SOAP:Header>
Edited by: Vamsi on Jul 15, 2009 7:06 PM -
SOAP Request with Web Service Security
Hi masters of XI,
the Oasis standard for web services security saids that exists three levels of security for web services, at higher level is Encryption, middle level is signature and at lower level is authentication with username and password inside the soap envelope.
I need to do a SOAP Request signed with a X.509 certificate and username and password too in SAP PI 7.0 SP11. I can sign the request with X.509 certificate without problems but i can't authenticate the request with username and password in usernametoken element like saids the Oasis standard
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>XXXX</wsse:Username>
<wsse:Password>XXXXXXXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
How can we send UserNameToken's elements inside SOAP web service envelope
signing with X.509 certificate also? There are any way to do it in the
receiver agreement or receiver SOAP adapter?
thanks.Hi,
thank you very much for your answers.
I have solved the SSL comunication and i can sign with X.509 certificates. My problem is that in the SOAP envelope of resquest signed only travels the X.509 certificate and I need to send the username security token (wsse:UsernameToken) also.
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>XXXX</wsse:Username>
<wsse:Password>XXXXXXXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
I can't find the solution to do it. The Netweaver documentation says that Netweaver is able to sign SOAP request with X.509 certificates and is able too for using UsernameToken as part of Oasis standard for web service security. In abap stack of NW you can assign a security profile to a web service call for signing the message or authenticate it with username/password inside SOAP envelope, but in java stack of XI i think that there is no way to do it.
This is my Request:
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-71968700">MIIHdTCCBl2gAwIBAgIQOq4nmg5zi4NGsIGjPUZVuTANBgkqhkiG9w0BAQUFADCCAT4xCzAJBgNVBAYTAkVTMTswOQYDVQQKEzJBZ...8d4pAJYk=</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-104376803">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-104309952">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>R6WE9gs+l496jHCgslgALWswEnE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-104310599">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>aiCTZ0WwiZQEv8zVmmf8GLu/bYA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>YR9Q5oUA6kFFmPYOIOQPTOgTgapMbkmgdlDM/TZJ2CS8ENAntfsnmpEbpUgOPUVMkgaECog0OKvlADHP0HvJtPdm2NJljZNCCgrk3hlmmtkXkRauVuH5KRiHE5NeWT4+Uspp3ashebu0IuOO66zt4Q=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-104377209">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-104377346">
<wsse:Reference URI="#CertId-71968700" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-104310599">
<wsu:Created>2008-01-16T21:28:44.081Z</wsu:Created>
<wsu:Expires>2008-01-16T21:33:44.081Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soapenv:Header>
And this is the request I need:
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-71968700">MIIHdTCCBl2gAwIBAgIQOq4nmg5zi4NGsIGjPUZVuTANBgkqhkiG9w0BAQUFADCCAT4xCzAJBgNVBAYTAkVTMTswOQYDVQQKEzJBZ...8d4pAJYk=</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-104376803">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-104309952">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>R6WE9gs+l496jHCgslgALWswEnE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-104310599">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>aiCTZ0WwiZQEv8zVmmf8GLu/bYA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>YR9Q5oUA6kFFmPYOIOQPTOgTgapMbkmgdlDM/TZJ2CS8ENAntfsnmpEbpUgOPUVMkgaECog0OKvlADHP0HvJtPdm2NJljZNCCgrk3hlmmtkXkRauVuH5KRiHE5NeWT4+Uspp3ashebu0IuOO66zt4Q=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-104377209">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-104377346">
<wsse:Reference URI="#CertId-71968700" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<!-- THIS IS THE PART I NEED -->
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-104312926">
<wsse:Username>xxxxxxx</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"/>
</wsse:UsernameToken>
<!-- -->
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-104310599">
<wsu:Created>2008-01-16T21:28:44.081Z</wsu:Created>
<wsu:Expires>2008-01-16T21:33:44.081Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soapenv:Header> -
SAP Sybase ESP - Error: Invalid URI at Example: Using a Simple Web Services (SOAP) Input Adapter
Hello all,
we need our help regarding the StockTrader example project that is delivered with SAP Sybase Event Stream Processor (Sybase ESP 5.1).
we want to build a simple Web Service and follow the instructions as described in the Sybase Infocenter. We have attached a screenshot ("Sybase InfoCenter") that contains the described steps (as copying the URL always lead to a wrong page).
We have problems with Step 10 ("Start the ESP project by running the start_project.bat or start_project.sh script."). We get the error message "Invalid URI" as you can see in screenshot "[error] Invalid Uri". Previously we started the "start_node.bat" (Step 9) - see also screenshot "[error] Invalid Uri".
Like in steps 6 and 7 mentioned, we have changed the parameters "USER" and "PASSWORD" of the adapter_config.xml files and the parameters "ADAPTER_EXAMPLE_USERNAME"and "ADAPTER_EXAMPLE_PASSWORD" of the
set_example_env.bat files. Here, we were a bit confused wether we should change these parameters in all those files as there are 4 adapter_config.xml and 4 set_example_env.bat files. Please refer to the attached screenshot ("changed files").
Does anyone know why this error occurs and how to continue to complete the Web Service?
Later we want to push data with this Web Service into a SAP HANA database table.
We are thankful for any input and help.
Regards, AndreasHello Neal,
thanks a lot for your help.
The solution for us was to change the column names inside Sybase ESP Studio to the column names in StockTraderMappings.xml.
After compiling and running the project we could see the data and were also able to push it to SAP HANA.
This is the CCL Code that worked for us:
CREATE SCHEMA tradesSchema (
transaction_buyerId INTEGER,
transaction_sellerId INTEGER,
transaction_supervisorIds INTEGER,
transaction_tradeTime LONG,
transaction_trades_amount INTEGER,
transaction_trades_price FLOAT,
transaction_trades_symbol STRING
CREATE INPUT STREAM tradesIn SCHEMA tradesSchema;
CREATE OUTPUT STREAM tradesOut SCHEMA tradesSchema
AS SELECT * FROM tradesIn;
* mapFilePath is currently ignored and must be set via the mappingFile configuration parameter
* in the given adapter configuration file (configFilePath).
ATTACH INPUT ADAPTER Web_Services_SOAP_Input_Adapter TYPE soapinput TO tradesIn PROPERTIES configFilePath =
'C:/Sybase/ESP-5_1/adapters/webservices/examples/input/adapter_config.xml' ,
mapFilePath = 'C:/Sybase/ESP-5_1/adapters/webservices/examples/input/stockTraderMappings.xml' ,
jdkHome = 'C:/Software/Java/jdk' ,
discoveryWsdl = 'http://localhost:8080/axis2/services/StockTraderService?wsdl' ,
discoveryWorkingDir = 'C:/tmp/adapter/soap' ,
discoveryServiceName = 'StockTraderService' ;
Regards, Andreas and Maik -
Configuring OpenSSO Web Service Security on Tomcat
Dear All,
I want to configure a simple OpenSSO Web Service security for my application. My web service is on Tomcat and I have used JAX-WS.
Please let me know if there is something we can develop just by configuring OpenSSO properties, instead of writing the WSC and WSP SOAP message handlers.
Regards,
TarakDear All,
I want to configure a simple OpenSSO Web Service security for my application. My web service is on Tomcat and I have used JAX-WS.
Please let me know if there is something we can develop just by configuring OpenSSO properties, instead of writing the WSC and WSP SOAP message handlers.
Regards,
Tarak -
Hi all, I'd like to make simple web service. I made a desktop (swing) application, which requires access to database. The database is not accessible from outside of the server.
But I have web application on this server, so I can create a servlet (or jsp), which could operate as web service. Afterwards I can create a connection in my desktop application directed to this service page. The page downloads required data and grants them for my desktop application.
But I don't know the way I could do it. Can you help me please? Thank you :-).Hi again, after several days, I'm back. It seems to be very good solution for me, but I have a problem. I can't catch it :-(. I've read the manual pages maybe twenty-times and I've looked for another tutorials and so on. Nothing helped. I don't know, how I can run it :-(. I create following:
My web.xml:<web-app version="2.4"
xmlns="http://java.sun.com/xml/ns/j2ee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee
http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
<servlet>
<servlet-name>EOTService</servlet-name>
<servlet-class>services.EOTService</servlet-class>
<init-param>
<param-name>enabledForExtensions</param-name>
<param-value>true</param-value>
<description>Sets, whether the servlet supports vendor extensions for XML-RPC.</description>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>EOTService</servlet-name>
<url-pattern>/service</url-pattern>
</servlet-mapping>
</web-app>In package services I have two .java files. The first one, Calculator.java:package services;
public class Calculator {
public int add(int a, int b) {
return a + b;
public int sub(int a, int b) {
return a - b;
}and the second one, EOTService.java:package services;
import org.apache.xmlrpc.*;
import org.apache.xmlrpc.common.*;
import org.apache.xmlrpc.server.*;
import org.apache.xmlrpc.webserver.*;
public class EOTService extends XmlRpcServlet {
private boolean isAuthenticated(String pUserName, String pPassword) {
return pUserName.equals("username") && pPassword.equals("password");
protected XmlRpcHandlerMapping newXmlRpcHandlerMapping() throws XmlRpcException {
PropertyHandlerMapping mapping = (PropertyHandlerMapping) super.newXmlRpcHandlerMapping();
AbstractReflectiveHandlerMapping.AuthenticationHandler handler =
new AbstractReflectiveHandlerMapping.AuthenticationHandler() {
public boolean isAuthorized(XmlRpcRequest pRequest) {
XmlRpcHttpRequestConfig config = (XmlRpcHttpRequestConfig) pRequest.getConfig();
return isAuthenticated(config.getBasicUserName(), config.getBasicPassword());
mapping.setAuthenticationHandler(handler);
try {
mapping.addHandler("Calculator", Class.forName("services.Calculator"));
} catch (ClassNotFoundException e) {
e.printStackTrace();
return mapping;
}In the myapp/WEB-INF/lib I have these files:xmlrpc-common-3.1.3.jar
xmlrpc-server-3.1.3.jarAnd now, I'd like to connect to this servlet and download data. So I have another application and in main method of the application I call this:public static void main(String[] args) {
try {
XmlRpcClientConfigImpl config = new XmlRpcClientConfigImpl();
config.setServerURL(new URL("http://127.0.0.1:8080/service"));
XmlRpcClient client = new XmlRpcClient();
client.setConfig(config);
Object[] params = new Object[]{new Integer(33), new Integer(9)};
Integer result = (Integer)client.execute("Calculator.add", params);
System.out.println("33 + 9 = " + result);
} catch (java.net.MalformedURLException e) {
System.out.println(e.getMessage());
} catch (org.apache.xmlrpc.XmlRpcException e) {
e.printStackTrace(System.out);
}But following exception is thrownException in thread "main" java.lang.NoClassDefFoundError: org/apache/ws/commons/serialize/DOMSerializer
at org.apache.xmlrpc.serializer.NodeSerializer.<clinit>(NodeSerializer.java:30)
at org.apache.xmlrpc.common.TypeFactoryImpl.<clinit>(TypeFactoryImpl.java:88)
at org.apache.xmlrpc.common.XmlRpcController.<init>(XmlRpcController.java:31)
at org.apache.xmlrpc.client.XmlRpcClient.<init>(XmlRpcClient.java:51)
at main.Main.main(Main.java:51)
Caused by: java.lang.ClassNotFoundException: org.apache.ws.commons.serialize.DOMSerializer
at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
at java.security.AccessController.doPrivileged(Native Method)
at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
at java.lang.ClassLoader.loadClass(ClassLoader.java:307)
at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
at java.lang.ClassLoader.loadClass(ClassLoader.java:248)
... 5 moreI'm trying to implement it for five days and my failure is very stressful. Help me please... please :-[. -
I don't see Web Services Security in Visual Administrator
Iu2019m setting up ADS and when I start the Visual Administrator and select the node Server <x> / Services / Web Services Security from the Cluster tab, I donu2019t see any web service and the tab runtime is completely in gray and it doesnu2019t show me any data.
It only show me, in the status bar, the message u201CGetting schema to java mapping for Web Service: AdobeDocumentServicesSec, style =u201D
Thanks in advance for your awnsers.Hello Fernando,
Please use the following link to get more info on Web Services Security.
http://help.sap.com/saphelp_erp2005/helpdata/en/50/a5d13f83a14d21e10000000a1550b0/frameset.htm
https://www.sdn.sap.com/irj/sdn/advancedsearch?cat=sdn_library&query=webservicessecurityinvisual+administrator&adv=true&sdn_author_name=&sortby=cm_rnd_rankvalue
Hope it is helpful..
Cheers,
Satish. -
BPEL Process Manager says that My Simple Web Service returns null !
Hi every body,
I am deploying a process which invokes a simple web service (TheaterWS) running on Tomcat.This service simply accepts a string input and returns it concatenated with other string . I tested it with a client that I made with JDeveloper, every thing is O.K, But after deploying the process to a BPEL server, I got the following Assign Activity error on BPEL Console:
( Error in <assign> expression: <from>-Value is empty in row "43".The part "return" is Null, as shown in the following snippet:
<Invoke_Theater_getBooked_OUT>
<part xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="return">null</part>
</Invoke_Theater_getBooked_OUT>
Here is my files:
The TheaterBP.bpel
<process name="TheaterBP" targetNamespace="http://xmlns.oracle.com/TheaterBP" xmlns="http://schemas.xmlsoap.org/ws/2003/03/business-process/" xmlns:xp20="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.Xpath20" xmlns:bpws="http://schemas.xmlsoap.org/ws/2003/03/business-process/" xmlns:ldap="http://schemas.oracle.com/xpath/extension/ldap" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns2="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns:client="http://xmlns.oracle.com/TheaterBP" xmlns:bpelx="http://schemas.oracle.com/bpel/extension" xmlns:ora="http://schemas.oracle.com/xpath/extension" xmlns:orcl="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.ExtFunc">
<partnerLinks>
<partnerLink name="client" partnerLinkType="client:TheaterBP" myRole="TheaterBPProvider" partnerRole="TheaterBPRequester"/>
<partnerLink name="TheaterPartnerLink" partnerRole="TheaterWS_Role" partnerLinkType="ns2:TheaterWS_PL"/>
</partnerLinks>
<variables>
<variable name="inputVariable" messageType="client:TheaterBPRequestMessage"/>
<variable name="outputVariable" messageType="client:TheaterBPResponseMessage"/>
<variable name="Invoke_Theater_getBooked_IN" messageType="ns2:getBookedRequest"/>
<variable name="Invoke_Theater_getBooked_OUT" messageType="ns2:getBookedResponse"/>
</variables>
<sequence name="main">
<receive name="receiveInput" partnerLink="client" portType="client:TheaterBP" operation="initiate" variable="inputVariable" createInstance="yes"/>
<assign name="Assign_1">
<copy>
<from variable="inputVariable" part="payload" query="/client:TheaterBPProcessRequest/client:input"/>
<to variable="Invoke_Theater_getBooked_IN" part="a"/>
</copy>
</assign>
<invoke name="Invoke_Theater" partnerLink="TheaterPartnerLink" portType="ns2:TheaterWS" operation="getBooked" inputVariable="Invoke_Theater_getBooked_IN" outputVariable="Invoke_Theater_getBooked_OUT"/>
<assign name="Assign_2">
<copy>
<from variable="Invoke_Theater_getBooked_OUT" part="return"/>
<to variable="outputVariable" part="payload" query="/client:TheaterBPProcessResponse/client:result"/>
</copy>
</assign>
<invoke name="callbackClient" partnerLink="client" portType="client:TheaterBPCallback" operation="onResult" inputVariable="outputVariable"/>
</sequence>
</process>
</definitions>
The TheaterPartenerLink1.wsdl
targetNamespace="http://139.25.6.39:8080/axis/TheaterWS.jws"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:bpws="http://schemas.xmlsoap.org/ws/2003/03/business-process/"
xmlns:intf="http://139.25.6.39:8080/axis/TheaterWS.jws"
xmlns:plnk="http://schemas.xmlsoap.org/ws/2003/05/partner-link/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
<import namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" location="http://139.25.6.39:8080/axis/TheaterWS.jws?wsdl"/>
<plnk:partnerLinkType name="TheaterWS_PL">
<plnk:role name="TheaterWS_Role">
<plnk:portType name="intf:TheaterWS"/>
</plnk:role>
</plnk:partnerLinkType>
</definitions>
and here is the TheaterWS.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions targetNamespace="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:impl="http://139.25.6.39:8080/axis/TheaterWS.jws-impl" xmlns:intf="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsdl:message name="getBookedResponse">
<wsdl:part name="return" type="xsd:string"/>
</wsdl:message>
<wsdl:message name="getBookedRequest">
<wsdl:part name="a" type="xsd:string"/>
</wsdl:message>
<wsdl:portType name="TheaterWS">
<wsdl:operation name="getBooked" parameterOrder="a">
<wsdl:input message="intf:getBookedRequest"/>
<wsdl:output message="intf:getBookedResponse"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="TheaterWSSoapBinding" type="intf:TheaterWS">
<wsdlsoap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="getBooked">
<wsdlsoap:operation soapAction=""/>
<wsdl:input>
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" use="encoded"/>
</wsdl:input>
<wsdl:output>
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" use="encoded"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TheaterWSService">
<wsdl:port binding="intf:TheaterWSSoapBinding" name="TheaterWS">
<wsdlsoap:address location="http://139.25.6.39:8080/axis/TheaterWS.jws"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
I apprecitae any hints,Hi every body,
I am deploying a process which invokes a simple web service (TheaterWS) running on Tomcat.This service simply accepts a string input and returns it concatenated with other string . I tested it with a client that I made with JDeveloper, every thing is O.K, But after deploying the process to a BPEL server, I got the following Assign Activity error on BPEL Console:
( Error in <assign> expression: <from>-Value is empty in row "43".The part "return" is Null, as shown in the following snippet:
<Invoke_Theater_getBooked_OUT>
<part xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" name="return">null</part>
</Invoke_Theater_getBooked_OUT>
Here is my files:
The TheaterBP.bpel
<process name="TheaterBP" targetNamespace="http://xmlns.oracle.com/TheaterBP" xmlns="http://schemas.xmlsoap.org/ws/2003/03/business-process/" xmlns:xp20="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.Xpath20" xmlns:bpws="http://schemas.xmlsoap.org/ws/2003/03/business-process/" xmlns:ldap="http://schemas.oracle.com/xpath/extension/ldap" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:ns2="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns:client="http://xmlns.oracle.com/TheaterBP" xmlns:bpelx="http://schemas.oracle.com/bpel/extension" xmlns:ora="http://schemas.oracle.com/xpath/extension" xmlns:orcl="http://www.oracle.com/XSL/Transform/java/oracle.tip.pc.services.functions.ExtFunc">
<partnerLinks>
<partnerLink name="client" partnerLinkType="client:TheaterBP" myRole="TheaterBPProvider" partnerRole="TheaterBPRequester"/>
<partnerLink name="TheaterPartnerLink" partnerRole="TheaterWS_Role" partnerLinkType="ns2:TheaterWS_PL"/>
</partnerLinks>
<variables>
<variable name="inputVariable" messageType="client:TheaterBPRequestMessage"/>
<variable name="outputVariable" messageType="client:TheaterBPResponseMessage"/>
<variable name="Invoke_Theater_getBooked_IN" messageType="ns2:getBookedRequest"/>
<variable name="Invoke_Theater_getBooked_OUT" messageType="ns2:getBookedResponse"/>
</variables>
<sequence name="main">
<receive name="receiveInput" partnerLink="client" portType="client:TheaterBP" operation="initiate" variable="inputVariable" createInstance="yes"/>
<assign name="Assign_1">
<copy>
<from variable="inputVariable" part="payload" query="/client:TheaterBPProcessRequest/client:input"/>
<to variable="Invoke_Theater_getBooked_IN" part="a"/>
</copy>
</assign>
<invoke name="Invoke_Theater" partnerLink="TheaterPartnerLink" portType="ns2:TheaterWS" operation="getBooked" inputVariable="Invoke_Theater_getBooked_IN" outputVariable="Invoke_Theater_getBooked_OUT"/>
<assign name="Assign_2">
<copy>
<from variable="Invoke_Theater_getBooked_OUT" part="return"/>
<to variable="outputVariable" part="payload" query="/client:TheaterBPProcessResponse/client:result"/>
</copy>
</assign>
<invoke name="callbackClient" partnerLink="client" portType="client:TheaterBPCallback" operation="onResult" inputVariable="outputVariable"/>
</sequence>
</process>
</definitions>
The TheaterPartenerLink1.wsdl
targetNamespace="http://139.25.6.39:8080/axis/TheaterWS.jws"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:bpws="http://schemas.xmlsoap.org/ws/2003/03/business-process/"
xmlns:intf="http://139.25.6.39:8080/axis/TheaterWS.jws"
xmlns:plnk="http://schemas.xmlsoap.org/ws/2003/05/partner-link/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>
<import namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" location="http://139.25.6.39:8080/axis/TheaterWS.jws?wsdl"/>
<plnk:partnerLinkType name="TheaterWS_PL">
<plnk:role name="TheaterWS_Role">
<plnk:portType name="intf:TheaterWS"/>
</plnk:role>
</plnk:partnerLinkType>
</definitions>
and here is the TheaterWS.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions targetNamespace="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:impl="http://139.25.6.39:8080/axis/TheaterWS.jws-impl" xmlns:intf="http://139.25.6.39:8080/axis/TheaterWS.jws" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<wsdl:message name="getBookedResponse">
<wsdl:part name="return" type="xsd:string"/>
</wsdl:message>
<wsdl:message name="getBookedRequest">
<wsdl:part name="a" type="xsd:string"/>
</wsdl:message>
<wsdl:portType name="TheaterWS">
<wsdl:operation name="getBooked" parameterOrder="a">
<wsdl:input message="intf:getBookedRequest"/>
<wsdl:output message="intf:getBookedResponse"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="TheaterWSSoapBinding" type="intf:TheaterWS">
<wsdlsoap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="getBooked">
<wsdlsoap:operation soapAction=""/>
<wsdl:input>
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" use="encoded"/>
</wsdl:input>
<wsdl:output>
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://139.25.6.39:8080/axis/TheaterWS.jws" use="encoded"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TheaterWSService">
<wsdl:port binding="intf:TheaterWSSoapBinding" name="TheaterWS">
<wsdlsoap:address location="http://139.25.6.39:8080/axis/TheaterWS.jws"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
I apprecitae any hints, -
How to make my Portal Web Service SECURED?
Hi Experts,
I created one portal Service and exposed it as Portal Web Service.
Everything is working fine, as i deployed my Portal Web Service on to the SAP J2EE Engine ie SAP Server.
I m able to access functions of Web Service from my StandAlone Java Application.
but the problem is my Web Service is not SECURED.
How can i make my Portal Web Service SECURED?
Please help me out.
Help will be appreciated and rewarded!!!!!user13046122 wrote:
I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
I now need to make SOAP Web Service calls - from an 8.1.7.4 database
But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess. -
I have created a web service in the NetWeaver portal using a Portal Service. I have marked the service as requiring basic http authentication. However, when I call the web service from the Enterprise Portal Web Services Checker in NWDS it just let's me supply the params of the web service and no authentication. Any ideas?
I also noticed that my web service does not appear under the Web Services Container or Web Services Security section in Visual Administrator. Anybody have any idea why this is?
Thanks in advance.
CurtisHi Curtis,
My guess is that since you are logged into the Portal while calling this web service, it will use the current session cookie to authenticate automatically. I'm not sure on the second question, tried a restart?
Regards,
Raj -
Web Service Security with SAML - Invalid XML signature
Hello together,
we want to build a scenario where we want to use Web Service Security with SAML.
The scenario will be
WS Client (Java Application) -> WS Adapter -> Integration Engine -> WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
SAP PI release is 7.11 (SP Level 4)
We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
But we get following error at calling the CRM system when we want to communicate with SAML:
<E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
Has somebody an idea of the possible reason for the error.
Thanks in advance
StefanError Messages in the Trace/Log Viewer:
CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48 with internal error id 1001 and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1 ).
Invalid XML signature -
Need Suggestion to build a simple web service demo
I'm planning to build a demo using java packages JAX* for my team using my workstation and another standalone box.
I got a Sun One Web Services Platform DVD from JavaOne, but it only support Win200 or XP, too bad our company still using Win NT SP6.
I only need a very simple web service that will bring data from server DB. I knew I can download the JWSDP1.2, but there is no tutorial right now. And I have tried JWSDP1.1 but not really understand what it is doing(because only Hello world service is working). I need to do some modification to change the default server port from 80 to 81, and I need to modified localhost to [my-machine-name] so that the other machine can talk to the JWSDP server.
My question is how can I build up a web service demo really easy and quick and what tool should I used, any suggestion will be appreciated! Thanks in advance!
Henry1. Use XML Spy Enterprise edition editor.
2. Goto www.xmethods.com, select service you want to create demo of.
3. Get its WSDL url.
4. In XML Spy SOAP menu there is a command 'create new soap request'. Press that, enter the WSDL url. You will get a SOAP request.
5. Edit SOAP request parameters. Type parameters of your choice.
6. Press 'send request to server'. You will get SOAP response. It will contain result from the requested method.
7. Paste that response inside a JSP.
8. Write a local method which will return same response (remote method's return value) that came from remote web service.
9. Paste that method inside abovementioned JSP. Replace static response in that JSP with the response generated by local method. The method parameters will come from client's SOAP request. Parse SOAP request to get request parameters. (As it's your demo, you know the data types of the parameters).
10. Host that JSP on any Servlet/JSP engine.
That makes your Web Service.
You can use any package like Aapche SOAP, AXIS or JAX-RPC to generate a SOAP client. Use the URL of JSP(step 10) as "endpoint".
Note: Indside JSP make sure that there in no endline and carriage return character. Otherwise it won't be a valid SOAP response.
Good luck. -
Details for 'Is Web service security available?'
Hi i am working on scenario rfc to webservice.Its as secued webserivce i need to do ssl configuration.
In component monitoring..for the integration engine its in yellow...
Details for 'Is Web service security available?'
Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client)
can any one please help me out..
Thanks
sriramI have already installed certificates on the j2ee engine & i have given the paramaters for keystore entry & keystore value.Still i have the same error
In component monitoring
For integration engine
Details for 'Is Web service security available?'
Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client)
In message monitoring
Audit Log for Message: f614df00-e9e0-11da-95ef-0004ac577b32
Time Stamp Status Description
2006-05-22 15:18:58 Success The message was successfully received by the messaging system. Profile: XI URL: http://saptst01:51000/MessagingSystem/receive/AFW/XI
2006-05-22 15:18:58 Success Using connection AFW. Trying to put the message into the request queue.
2006-05-22 15:18:58 Success Message successfully put into the queue.
2006-05-22 15:18:58 Success The message was successfully retrieved from the request queue.
2006-05-22 15:18:58 Success The message status set to DLNG.
2006-05-22 15:18:58 Success Delivering to channel: ZCH_VERISIGNPPGR
2006-05-22 15:18:58 Success SOAP: request message entering the adapter
2006-05-22 15:18:58 Success SOAP: call failed
2006-05-22 15:18:58 Error SOAP: error occured: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter
2006-05-22 15:18:58 Error Exception caught by adapter framework: Peer sent alert: Alert Fatal: illegal parameter
Can any one please help me out.
Thanks
sriram -
hi all,
I am publishling the BC4J Component(Application module) as a webservice. The particular web service method will be as follows. The method is returning the element object.
public Element getEmp(String searchString,String selectedItem, int pageNoInput)
return (Element)hits.writeXML(1,Row.XML_OPT_LIMIT_RANGE);
I am securing the web service by the instructions which are given in the following link
http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
Then i am creating the proxy client. when i run the proxy client it gives me the following exception
javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:553)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:390)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:111)
at aptuitclient.runtime.ReviewProtocolAppModuleServiceSoapHttp_Stub.getEmp(ReviewProtocolAppModuleServiceSoapHttp_Stub.java:91)
at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.getEmp(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:58)
at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.main(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:44)
When i am removing the security for the web service it is giving the Element object.
The Problem is when i am securing the web service it is giving the above said exception.
Please help me regarding this... this is very urgent...
rgds
ParameswaranHello,
When you are using WS-Security you need to secure the client too. So in your case the client is the ADF Data Control.
The way you should configure your data control is documented here:
- Web Services Security and ADF Data Control
Regards
Tugdual Grall -
Web Service Security using OpenSSO
Hi,
I have a question regarding the usage of the OpenSSO in order to secure web services.
I have read the documentation and it states the OpenSSO enables web service security.
However, in the docs the main scenario is where the WSC and WSP are protected by the agent.
In my scenario, I would like to use agents only on the WSP side, but leave the implementation of the client side open to the partners. Partners will have the interface from the OpenSSO for the authentication and saml token retrieval. The client will have to create soap by itself. This is the case since the WSC are to be standalone applications on client computers.
To set the actual question; what are web service interfaces that OpenSSO as a STS offers for authentication and saml token issuance. Is there same sort of a referential architecture for this case where only the STS and WSP can be configured and the WSC implementation of the WSS left to the partner. Any pointers and directions would be appreciated.
Thanks!Hi
Thanks for your reply
I downloaded OC4J 10.1.2.0.2 and ran it as as a standalone server.
I read the blog you linked and made the changes to the web.xml for the webservice. All of which I was able to do using the property palette in jdev 10.1.2.1.0.
I deployed my webservice to my oc4j standalone server and it appeared as a new application. I editied the orion-web.xml for the new application manually.
When I point my browser at the webservice I get the test page which allows me to pass parameters to the webserive. I invoke the webservice (which does a HTTP GET according to the test page) and the webservice runs. No user and password is needed though.
What is the expected behaviour? I was hoping that the webservice wouldn't run until I supplied the admin user name and password
paul
Maybe you are looking for
-
I knew this has been asked thousand times and I read the anwser and follow all steps. I uninstall and resintall, I reset my iPod, i change to another USB port, I run iPod updater. I have done all these but still, it isnt show up in iTunes nor Windows
-
Is mandatory upgrade XI 3.0 to PI 7.0?
Hi everybody... Actually in our landscape there is a R/3 system in 4.6 C version and eventually this system will be upgrade to a ECC 6.0 version. My question... Is mandatory to make an upgrade from our integraton plataform (XI 3.0) to a PI 7.0 versio
-
Connecting oracle using Directory Naming Method
Hi, I am just checking the possibilities of implementing Directory Naming Method in our organization. currently we are using Local Naming method (using tnsnames.ora). I did google to find the pre-requsites to use directory naming method and I couldnt
-
Program compiles, but does not run
To: XCode Users <[email protected]> From: Brigit Ananya <[email protected]> Subject: Program compiles, but does not run I am trying to port a Java application from the PC to the Mac. I am using XCode and the program compiles, but it does no
-
Pricing error: Mandatory condition Taxes via TTE (0TTE) is missing
Hello All, For Complaint in CRM change in default item category gives the captioned error. The error is there for all Sales Organisations. Any suggestion how this error can be removed. Thanks & Regards, DP