Add username token to SOAP Service in ESB

Similar Messages

• URGENT ::: How to add UserName Token to SOAP Message Header.

  Hi,
  I created a webservice client using CLIENTGEN utility of weblogic from the WSDL file. When I am trying to call a webservice which is hosted on TOMCAT server, I am getting the following exception::
  5/12/2008 06:09:02 com.sun.xml.wss.impl.filter.DumpFilter process
  INFO: ==== Sending Message Start ====
  <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-
  instance" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://settlementService.au.db.com/types">
  <env:Body>
  <env:Fault>
  <faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:FailedAuthentication</faultcode>
  <faultstring>Message does not conform to configured policy [ AuthenticationTokenPolicy  ]: No Security Header found</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  ==== Sending Message End ====
  The webservice ic configured as secured webservice, there is some certificate file which was provided to me from client. Useing java KEYTOOL command I have created the keystore from that certificate and configure it in the weblogic server console.
  Issue is the SOAP message header is blank I need to add the USERNAME TOken profile to this header, in order to access this webservice. The current CLIENT code snippet is shown below:
            try{
                 String WSDLUrl = "https://shappzu2.au.db.com:8297/settlementService-ws/settlementService?WSDL";
                 String wsUserName = "tracer-us";
                 String wsPassword = "R0na!do#11";
                 InputStream[] policies = new InputStream[]{Client.class.getResourceAsStream("/wl-unt-policy.xml")};
                 SettlementService_Impl settlementServiceObj = new SettlementService_Impl(WSDLUrl);
                 SettlementServiceFacade port = settlementServiceObj.getSettlementServiceFacadePort(policies, policies);               
                 List credProviders = new ArrayList();
                 CredentialProvider cp = new ClientUNTCredentialProvider(wsUserName.getBytes(), wsPassword.getBytes());
            credProviders.add(cp);
            Stub stub = (Stub)port;
            // Set stub property to point to list of credential providers
            stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
                 if(sharesXMLString != null && sharesXMLString.length() > 0) {
                      port.loadEquityTrade(sharesXMLString);
            }catch(Exception e){
                 //throw new SystemException(e.getMessage());
                 e.printStackTrace();
  Can any one help me in this?

  1) Use something like TCPmon https://tcpmon.dev.java.net/ or verbose logging to see the actual message content on the wire that the client is sending
  2) Inside the WLS samples there is a UNT sample in the INSTALL_DIR/wlserver_10.0(or equivalent)/samples/server/examples/src/examples/webservices/security_jws
  If that works correctly and puts the UNT in the header, then I would compare that code with yours.

• Username token in SOAP message

  Dear PI experts.
  I am using SAP PI 7.1 and having a scenario where a message is sent from SAP (ECC 6.0) using Abap Proxy via PI to Java legacy system with Receiver SOAP Adapter.
  I am supposed to send username token in the SOAP header. I have browsed quite an amount of SAP's Web service security material, but not yet been able to implement this behaviour. Mostly these documents are handling webservice scenarios between Abap systems using WS-RM.
  Could you please advise me to right track.
  Thank you, Jukka.

  Hi,
  you can use Principal Propagation to propagate your user from R/3 to PI to your target application.....you will have to ask your basis guys to enable Principal Propagation in your XI system by making your r/3 system and XI system as trusted systems to eachother.
  Regards,
  Rajeev Gupta

• Pass Username token in Web Service Client

  I am totally new to Java....I work primarily with .Net. I am trying to send a Username token to a web service. I looked at the examples...can't get them to run.
  My question is, without using config files, can I specify username token in the class. You can do this in .Net.
  I am working with .NetBeans IDE 5.0.

  I looked at this example....didn't get to far because I couldn't setup the samples.
  http://java.sun.com/webservices/docs/1.6/tutorial/doc/XWS-SecuritySamples5.html#wp569635
  Here is the guide I followed to setup the samples.
  http://java.sun.com/webservices/docs/1.6/tutorial/doc/XWS-SecuritySamples2.html
  I didn't do the part about the keystore. I got stuck on the "Setting Build Properties", and I don't know how to run the samples.
  Are you saying there is no way of creating a java application, creating the web service client with JWSDP 2.0 and then modifying either the generated code or my main.class to set the username and token properties?
  Thanks, Mike L.

• Attach WS Security (Username Token) to web service

  Dear All,
  I would like to attach WS security from Weblogic Side. Please can you suggest for me a good tutorial.
  Thanks

  You can refer this article
  web services security in weblogic

• Web Service Security Username Token Issue

  Hi,
  I am trying to implement WS-Security (Username Token) on web services deployed on Weblogic Server 8.1 (sp4). The deployment works fine but whenever I try to invoke the service using auto generated client stub (created using clientgen) or weblogic server console (service test page) , I get the following error:
  <Nov 8, 2006 12:01:46 PM GMT+05:30> <Info> <WebService> <BEA-220024> <Handler weblogic.webservice.core.handler.WSSEClientHandler threw an exception from its handleRequest method. The exception was:
  java.lang.AssertionError: Bad password type: wsse:PasswordText.>
  Failed to create web service client:java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
  Detail:
  <detail>
  <bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.lang.AssertionError: Bad password type: wsse:PasswordText
  at weblogic.xml.security.wsse.v200207.UsernameTokenImpl.<init>(UsernameTokenImpl.java:64)
  at weblogic.xml.security.wsse.v200207.SecurityElementFactoryImpl.createToken(SecurityElementFactoryImpl.java:59)
  at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:300)
  at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:100)
  at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
  at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
  at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
  at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
  at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
  at com.cts.sipservices.implementation.client.MrmPartyServiceImplementationPort_Stub.getParty(MrmPartyServiceImplementationPort_Stub.java:46)
  at com.cts.sipservicesclient.client.SecureClient.<init>(SecureClient.java:76)
  at com.cts.sipservicesclient.client.SecureClient.main(SecureClient.java:38)
  </bea_fault:stacktrace>
  </detail>; nested exception is:
  javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
  This is the ‘security’ tag of my ‘web-services.xml’:
  <security>
  <spec:SecuritySpec xmlns:spec="http://www.openuri.org/2002/11/wsse/spec"
  Namespace="http://schemas.xmlsoap.org/ws/2002/07/secext"
  Id="default-spec">
  <spec:UsernameTokenSpec xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"
  PasswordType="wsse:PasswordText">
  </spec:UsernameTokenSpec>
  </spec:SecuritySpec>
  </security>
  Thanks

  Apply these debug flags, to get some more debug information from WSSE server side processing following debug flags are helpful:
  -Dweblogic.webservice.security.debug=true
  -Dweblogic.webservice.security.verbose=true

• How to set WS Username token programmatically in java?

  Hi,
  Jdev Version: 11.1.1.4.0.
  I have created a webservice proxy using Jdev from a wsdl.
  I need to invoke a service from the client. But for this I need to set the username token in SOAP header to access the service.
  The username token is not exposed or generated in the client.
  When I run it from SOAP ui, I manually enetered,
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="UsernameToken-7" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>1234</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">1111111111</wsse:Password>
  <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">XXXXXXXXXXXXXXXXXXXXXXXXXXX</wsse:Nonce>
  <wsu:Created>2012-03-02T23:41:44.511Z</wsu:Created>
  </wsse:UsernameToken>
  </wsse:Security>
  Without the username token I cannot invoke the service from my client code.
  How do I add the username token to the generated clients in ADF?
  Thanks in advance!!

  I tried it by setting the credentials in requestContext and got the error:
  Exception in thread "main" javax.xml.ws.WebServiceException: No Content-type in the header!
  at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:268)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:124)
       at com.sun.xml.ws.transport.DeferredTransportPipe.processRequest(DeferredTransportPipe.java:121)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:866)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:815)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:778)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:680)
       at com.sun.xml.ws.client.Stub.process(Stub.java:272)
       at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:153)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:115)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:95)
       at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:136)
       at $Proxy35.ping(Unknown Source)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at weblogic.wsee.jaxws.spi.ClientInstanceInvocationHandler.invoke(ClientInstanceInvocationHandler.java:84)
       at $Proxy36.ping(Unknown Source)
  Is there something else I need to do?
  Thanks!
  Edited by: 953940 on Oct 11, 2012 7:34 AM

• Problems with JAX-WS when using security (e.g. username token profile)

  Hello,
  I am deploying a web service on weblogic 11g (10.3.1) with this policy:
  @Policy(uri = "policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml",attachToWsdl=true)
  I have another web application as client which is using a JAX-WS SOAP handler to communicate with web service
  and everything works fine when my client is deployed on tomcat 6 (JRE 6) (anthentication goes through)
  The handleMessage() method of my handler is posted here :
       public boolean handleMessage(SOAPMessageContext context) {
       m_logger.debug("UserNameTokenHandler handleMessage() called");
       Boolean outboundProperty = (Boolean) context.get (MessageContext.MESSAGE_OUTBOUND_PROPERTY);
       SOAPMessage message =context.getMessage();
  if (outboundProperty.booleanValue()) {
       m_logger.debug("\n (client protocol handler) Outbound message:");
  try {
       SOAPEnvelope envelope = context.getMessage().getSOAPPart().getEnvelope();
       SOAPHeader header = envelope.getHeader();
       if (header == null ) {
            header = envelope.addHeader();
       SOAPElement security = header.addChildElement("Security", "wsse", WSSE_NAMESPACE);
       SOAPElement usernameToken = security.addChildElement("UsernameToken", "wsse");
       usernameToken.addAttribute(new QName("xmlns:wsu"), WSU_NAMESPACE);
       SOAPElement username = usernameToken.addChildElement("Username", "wsse");
       username.addTextNode(user);
       SOAPElement password = usernameToken.addChildElement("Password", "wsse");
       password.addTextNode(pass);
       } catch (Exception e) {
            m_logger.error("Failed to add username token profile security", e);
  } else {
       m_logger.debug("\n (client protocol handler) Inbound message:");
  return true;
  but when I deploy the same client on weblogic server it fails to communicate with my web service with this error:
  javax.xml.ws.soap.SOAPFaultException: Unable to add security token for identity, token uri =http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken
  I noticed Weblogic has some packages to handle security like:
  weblogic.wsee.security.unt.ClientUNTCredentialProvider
  weblogic.xml.crypto.wss.provider.CredentialProvider
  weblogic.xml.crypto.wss.WSSecurityContext
  So I added another mechanism using weblogic package to add username password to SOAP header
  Map<String, Object> request = ((BindingProvider) proxy).getRequestContext();
            if (connectInfo.get("username") != null && connectInfo.get("password") != null) {
            List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
            //client side UsernameToken credential provider
            CredentialProvider cp = new ClientUNTCredentialProvider((String)connectInfo.get("username"),
                      (String)connectInfo.get("password"));
            credProviders.add(cp);
            request.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);      
  This seems to be ok but only for weblogic.
  I don't want to have one client for deploying on weblogic and another one for JAX-WS
  I suppose weblogic follows the standard and should support the original approach.
  Is this an incompatibly issue or am i missing something

  In one of WLP Pageflows, I invoke a SOA BPEL WebService that needs Security Header like the way you have. I have my own Handler class and I call the below private method in handleMessage(...) and so far it is working fine. Security Header is adding fine.
  One difference I could see in your method and my method is when we create SOAPElement for "Security" Tag, at the time of creation itself, I pass the third argument also that is the namespace. I remember vaguely, when I used code like yours, like first instantiate with only 2 args. Then set the namespace. It did not work. So I used the API, that takes the namespace as third argument.
  So try something like below. This is a working code snipped deployed on WLP 10.3 (WLP is on top of WLS 10.3).
  Thanks
  Ravi Jegga
       private void setSOAPSecurityHeader(SOAPEnvelope soapEnvelope) throws Exception {
            try {
                 //soapEnvelope.addNamespaceDeclaration("soap", "http://schemas.xmlsoap.org/soap/envelope/");
                 soapEnvelope.addNamespaceDeclaration("wsu", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
                 SOAPHeader header = soapEnvelope.addHeader();
                 String namespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
                 SOAPElement securityElement = header.addHeaderElement(soapEnvelope.createName("Security", "wsse", namespace));
                 securityElement.addNamespaceDeclaration("", namespace);
                 //securityElement.addNamespaceDeclaration("env", "http://schemas.xmlsoap.org/soap/envelope/");
                 SOAPElement usernameTokenElement = securityElement.addChildElement(soapEnvelope.createName("UsernameToken", "wsse", namespace));
                 usernameTokenElement.addNamespaceDeclaration("", namespace);
                 SOAPElement usernameElement = usernameTokenElement.addChildElement(soapEnvelope.createName("Username"));
                 SOAPElement passwordElement = usernameTokenElement.addChildElement(soapEnvelope.createName("Password"));
                 // For Testing Purposes only hardcoded this username and password values. Later on this may be set dynamically
                 usernameElement.setValue("xxxxxxx");
                 passwordElement.setValue("yyyyyyy");
                 //SOAPBody soapBody = soapEnvelope.getBody();
                 //SOAPHeader soapHeader = soapEnvelope.getHeader();
            } catch (Exception e) {
                 // Handle This error in the main method that is calling this private method. So just return the Exception as it is...
                 throw e;
       }

• UserName token apache axis

  Hello.
  I've generated client code from the wsdl files with axis wsdl2java. Now I have to add userName token to the soap envelope, there are some examples on the web with separate xml files. I have no idea how to do this using axis. As the Call object is generated from the wsdl I suppose I have to add the envelope somehow there?
  I am not using J2EE so there are no deployment descriptors. Could someone help please.

  Thanks, but Tomcat is the server, not OC4J. I have success deploying a web service to OC4J and hitting it from a stored procedure, axis and soap, but:
  I am looking for more information on how to install Axis in the database with loadjava. I have it loaded in the local db, thinking it came from a full install. I am unable to load it in a different db with loadjava due to its class resolutions. The DBAs don't have the information needed to loadjava it there either.
  Any information on loading Axis with loadjava? Something along the lines of "How-to load the Axis stack in Oracle with LoadJava".

• WS-Security and proxy service: Unable to add security token for identity

  What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
  I did simple "hello word" proxy service and tried to apply custom policy binding.
  WS-Policy is next:
  <wsp:Policy wsu:Id="WS-Policy-Siebel"
       xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
       xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
       <wssp:Identity
            xmlns:wssp="http://www.bea.com/wls90/security/policy">
            <wssp:SupportedTokens>
                 <wssp:SecurityToken
                      TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
                      <wssp:UsePassword
                           Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
                 </wssp:SecurityToken>
            </wssp:SupportedTokens>
       </wssp:Identity>
  </wsp:Policy>
  Process WS-Security is setted to "yes".
  While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
  But at the end I get the fault:
  Soap fault:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header/>
  <env:Body>
  <env:Fault>
  <faultcode>env:Server</faultcode>
  <faultstring>Unable to add security token for identity</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  In console:
  <09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
  ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
  --- Error message:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
  able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
  weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
  at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
  at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
  Truncated. see log file for complete stacktrace
  Incoming soap message is:
  <soapenv:Envelope      xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security      soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken      wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>testuser</wsse:Username>
  <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <wss:NewOperation      xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
  <in>string</in>
  </wss:NewOperation>
  </soapenv:Body>
  </soapenv:Envelope>
  Edited by: Andrey L. on Jun 9, 2010 5:55 PM

  I thought you were getting that exception when accessing the proxy.
  No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
  Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
  Are you getting this exception when routing to a business service which is configured for WS-Security ??
  I don't use business service in this test project - only simple proxy service with all logic inside.
  PS transformation in replace action is very simple too:
  (:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
  (:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
  declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
  declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
  declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
  as element(ns0:NewOperationResponse) {
  <ns0:NewOperationResponse>
  <out>Hello, { data($newOperation1/in) }!</out>
  </ns0:NewOperationResponse>
  declare variable $newOperation1 as element(ns0:NewOperation) external;
  xf:Hello($newOperation1)
  Edited by: Andrey L. on Jun 10, 2010 12:21 PM

• Unable to call Web Service with Username Token

  -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
  I posted this in the JDeveloper forum but got no response.
  -~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~-~
  I have JDeveloper 10g release 3.
  I created a regular Java application. Added a Web service proxy with no special mappings or anything. Right clicked on the proxy and said "Secure Proxy". I only used basic plain text username token. Added a method to my class that call instantiates a client, and called the operation.
  However when I run this I get the following error message.
  SEVERE: No username found
  Error::oracle.j2ee.ws.common.soap.fault.SOAP11FaultException: No username found
  The Web Service Security Proxy Wizard created an xml in my src file, that I updated to put the username and password of the web service. Below is the xml file.
  <oracle-webservice-clients xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:noNamespaceSchemaLocation='http://xmlns.oracle.com/oracleas/schema/oracle-webservices-client-10_0.xsd'>
  <webservice-client>
  <service-qname namespaceURI="http://tempuri.org/SOAPTestWS/Service1" localpart="Service1"/>
  <port-info>
  <wsdl-port namespaceURI="http://tempuri.org/SOAPTestWS/Service1" localpart="Service1Soap"/>
  <runtime enabled="security">
  <security>
  <inbound/>
  <outbound>
  <username-token name="myusername" password="xxxxx" password-type="PLAINTEXT" add-nonce="false" add-created="false"/>
  </outbound>
  </security>
  </runtime>
  <operations>
  <operation name='TryMe'>
  </operation>
  </operations>
  </port-info>
  </webservice-client>
  </oracle-webservice-clients>
  And this configuration file is processed in the stub file.
  setupConfig("project2/runtime/Service1Soap_Stub.xml");
  What am I doing wrong. I cannot find any documentation on the secure web service client wizard and it's generated code.
  Thanks, MIke L.

  Mike,
  I updated the 3 xml files with the name and password and I get a different error now ...
  WARNING: Unable to connect to URL: https://dssd001.ca.boeing.com:443/bartinterface/SOAP/resSetup.cgi due to java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
  java.rmi.RemoteException: ; nested exception is:
       HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: javax.net.ssl.SSLException: SSL handshake failed: X509CertChainIncompleteErr
  I am using the simple text based username auth, but jdev for some reason still goes and looks for the x509 cert? How did you get yours to work?
  Thanks
  Sriram

• Web Service Security username token...

  Hi All,
  I am presently trying to build in security authentication into my web service using the username-token and the verify-username-token tokens.
  My WS_stub.xml on the proxy side looks like the following:-
  other tokens
  <security>
  <inbound/>
  <outbound>
  <username-token name="NAME" password="PASS" password-type="DIGEST" add-nonce="true" add-created="true"/>
  </outbound>
  </security>
  other tokens
  and my oracle-webservices.xml on hte web service side looks like the following:-
  other tokens
  <security>
  <inbound>
  <verify-username-token name="NAME" password="PASS" password-type="DIGEST"
  require-nonce="true"
  require-created="true"/>
  </inbound>
  <outbound/>
  </security>
  other tokens
  I have set the javacache.xml for the embedded OC4J location as follows:-
  </persistence>
  <max-objects>1000</max-objects>
  <max-size>48</max-size>
  <clean-interval>60</clean-interval>
  </cache-configuration>
  When I run the web service followed by the proxy I get the following error at the proxy side.
  javax.xml.rpc.soap.SOAPFaultException: Policy requires DIGEST passwords
       at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
       at com.airliquide.smartcyl.runtime.TrailerWSSoapHttp_Stub.addtrailerinfo(TrailerWSSoapHttp_Stub.java:76)
       at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.addtrailerinfo(TrailerWSSoapHttpPortClient.java:60)
       at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.main(TrailerWSSoapHttpPortClient.java:47)
  Also it gives exceptions with repect to nonces such as "Policy requires nonce". Please could someone tell me how to setup an nonce in the xml files above and how to use nonce in web services?
  Regards,
  Lester.

  Hi All,
  Presently I am trying to set the security for my web service and am receiving the following error when doing so at the proxy side:-
  oracle.j2ee.ws.common.soap.fault.SOAP11FaultException: java.lang.NullPointerException
       at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.createSoapFaultException(InterceptorChainImpl.java:338)
       at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleException(InterceptorChainImpl.java:256)
       at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleRequest(InterceptorChainImpl.java:128)
       at oracle.j2ee.ws.common.mgmt.runtime.AbstractInterceptorPipeline.handleRequest(AbstractInterceptorPipeline.java:87)
       at oracle.j2ee.ws.client.StubBase._preRequestSendingHook(StubBase.java:699)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:147)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
       at com.airliquide.smartcyl.runtime.TrailerWSSoapHttp_Stub.addtrailerinfo(TrailerWSSoapHttp_Stub.java:76)
       at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.addtrailerinfo(TrailerWSSoapHttpPortClient.java:62)
       at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.main(TrailerWSSoapHttpPortClient.java:49)
  Process exited with exit code 0.
  My WS_Stub.xml file under runtime of the proxy project looks as follows:-
  <?xml version="1.0" encoding="UTF-8"?>
  <oracle-webservice-clients xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:noNamespaceSchemaLocation='http://xmlns.oracle.com/oracleas/schema/oracle-webservices-client-10_0.xsd'>
  <webservice-client>
  <service-qname namespaceURI="http://trailerinfo/" localpart="TrailerWS"/>
  <port-info>
  <wsdl-port namespaceURI="http://trailerinfo/" localpart="TrailerWSSoapHttpPort"/>
  <runtime enabled="security">
  <security>
  <key-store name="mytestkeystore" store-pass="mytestkeystore" path="C:\Temp\mytestkeystore.jks"/>
  <signature-key key-pass="sampwd" alias="sam"/>
  <encryption-key key-pass="davepwd" alias="dave"/>
  <inbound>
  <verify-signature>
  <signature-methods>
  <signature-method>DSA-SHA1</signature-method>
  <signature-method>RSA-MD5</signature-method>
  <signature-method>RSA-SHA1</signature-method>
  </signature-methods>
  <tbs-elements>
  <tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <verify-timestamp created="true" expiry="28800"/>
  </verify-signature>
  <decrypt>
  <encryption-methods>
  <encryption-method>AES-128</encryption-method>
  <encryption-method>AES-256</encryption-method>
  <encryption-method>3DES</encryption-method>
  </encryption-methods>
  <tbe-elements>
  <tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
  </tbe-elements>
  </decrypt>
  </inbound>
  <outbound>
  <username-token password-type="PLAINTEXT" add-nonce="false" add-created="true"/>
  <signature>
  <signature-method>RSA-SHA1</signature-method>
  <tbs-elements>
  <tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <add-timestamp created="true" expiry="28800"/>
  </signature>
  <encrypt>
  <recipient-key alias="dave"/>
  <encryption-method>3DES</encryption-method>
  <keytransport-method>RSA-1_5</keytransport-method>
  <tbe-elements>
  <tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
  </tbe-elements>
  </encrypt>
  </outbound>
  </security>
  </runtime>
  <operations>
  <operation name='addtrailerinfo'>
  <runtime>
  <security>
  <inbound/>
  <outbound>
  <username-token password-type="PLAINTEXT" add-nonce="false" add-created="true"/>
  <signature>
  <signature-method>RSA-SHA1</signature-method>
  <tbs-elements>
  <tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <add-timestamp created="true" expiry="28800"/>
  </signature>
  <encrypt>
  <recipient-key alias="test"/>
  <encryption-method>3DES</encryption-method>
  <keytransport-method>RSA-1_5</keytransport-method>
  <tbe-elements>
  <tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
  </tbe-elements>
  </encrypt>
  </outbound>
  </security>
  </runtime>
  </operation>
  </operations>
  </port-info>
  </webservice-client>
  </oracle-webservice-clients>
  My oracle-webservices.xml file looks like the following:-
  <oracle-webservices xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/oracle-webservices-10_0.xsd">
  <webservice-description name="TrailerWS">
  <port-component name="TrailerWSSoapHttpPort">
  <runtime enabled="security">
  <security>
  <key-store name="mytestkeystore" store-pass="mytestkeystore"
  path="META-INF/mytestkeystore.jks"/>
  <signature-key key-pass="sampwd" alias="sam"/>
  <encryption-key key-pass="davepwd" alias="dave"/>
  <inbound>
  <verify-username-token password-type="PLAINTEXT"
  require-nonce="false"
  require-created="true"/>
  <verify-signature>
  <signature-methods>
  <signature-method>DSA-SHA1</signature-method>
  <signature-method>RSA-MD5</signature-method>
  <signature-method>RSA-SHA1</signature-method>
  </signature-methods>
  <tbs-elements>
  <tbs-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <verify-timestamp created="true" expiry="28800"/>
  </verify-signature>
  <decrypt>
  <encryption-methods>
  <encryption-method>AES-128</encryption-method>
  <encryption-method>AES-256</encryption-method>
  <encryption-method>3DES</encryption-method>
  </encryption-methods>
  <tbe-elements>
  <tbe-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbe-elements>
  </decrypt>
  </inbound>
  <outbound>
  <signature>
  <signature-method>RSA-SHA1</signature-method>
  <tbs-elements>
  <tbs-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <add-timestamp created="true" expiry="28800"/>
  </signature>
  <encrypt>
  <recipient-key key-pass="" alias="dave"/>
  <encryption-method>3DES</encryption-method>
  <tbe-elements>
  <tbe-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbe-elements>
  </encrypt>
  </outbound>
  </security>
  </runtime>
  <operations>
  <operation name="addtrailerinfo"
  input="{http://trailerinfo/}addtrailerinfoElement">
  <runtime>
  <security>
  <inbound>
  <verify-username-token require-nonce="false"
  require-created="true"
  password-type="PLAINTEXT"/>
  <verify-signature>
  <signature-methods>
  <signature-method>DSA-SHA1</signature-method>
  <signature-method>RSA-MD5</signature-method>
  <signature-method>RSA-SHA1</signature-method>
  </signature-methods>
  <tbs-elements>
  <tbs-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
  </tbs-elements>
  <verify-timestamp created="true" expiry="28800"/>
  </verify-signature>
  <decrypt>
  <encryption-methods>
  <encryption-method>AES-128</encryption-method>
  <encryption-method>AES-256</encryption-method>
  <encryption-method>3DES</encryption-method>
  </encryption-methods>
  <tbe-elements>
  <tbe-element local-part="Body"
  name-space="http://schemas.xmlsoap.org/soap/envelope/"
  mode="CONTENT"/>
  </tbe-elements>
  </decrypt>
  </inbound>
  <outbound/>
  </security>
  </runtime>
  </operation>
  </operations>
  </port-component>
  </webservice-description>
  </oracle-webservices>
  I checked this exception out at hte following link
  http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html#keystore
  which lists hte instructions to secure a web service. The trouble shooting section lists this exception and says it might be due to a timestamp created flag being set to false. However I have made sure that both the client and service side xml files above have this set to true and are matching.
  However I am still not able to eliminate this error. Please could someone help me out? This is urgent.
  Regards,
  Lester.

• SOAP username token

  Hi, I'm consuming a .NET web service which requieres WS Security with the Username token. I have already created the  deployable proxy client to consume the webservice but it is not adding the Nonce tag to the header:
  <wsse:Nonce EncodingType="..."> ... </wsse:Nonce>
  Does somebody knows a way to add this header to the SOAP messages?
  Regards.

  Hi Diana,
  Talk with JCAPS support group. They have hotfix for 5.1.1.
  Thanks

• ESB -- SOAP Service Security

  I have a SOAP Web Service secured with a Basic Authentication.
  I've wrapped this SOAP service with an ESB service.
  Should I be able to pass the Basic Authentication credentials through the ESB service to the underlying SOAP service? I see "support for SOAP Headers" is the docs as a preview feature.

  Take a look at the following thread regarding SOAP headers:
  Re: Custom SOAPAction for Oracle ESB?
  Or did you manage to get through this use case because I'm trying to create a generic 'authenticationService' which receives a username/password and needs to check against an ldap environment if this user exists

• Help with ESB as external SOAP service proxy

  We are trying to leverage ESB in the first steps of implementing an SOA solution for our organization.
  We have an external SOAP service that we would like to register with Oracle ESB. In turn, are internal programs
  would then call the service through the ESB using a SOAP interface. This allows us to hide the external
  SOAP service definition from our internal programs, allowing us to modify the external SOAP service or add extra routing
  where necessary without affecting the calling client.
  CLIENT -> (SOAP) ESB -> (SOAP) EXTERNAL SERVICE
  Is this the correct use of ESB?
  We are having a couple of issues when trying to use the WSDL ESB creates within our client code. One being Oracle APEX.
  We can create forms against the external soap service WSDL, but when we try to hit the WSDL ESB creates, it gives back
  "The WSDL document could not be understood by the rendering engine. Click Create Web Service Reference Manually to continue creating a reference for this service."
  Any ideas?

  I was able to get the virtual service running through EM by changing the <hostname>
  http://<hostname>:8888/event/CustomerData/IdentitySOAPService
  Would the url on the test page be the wsdl url we would hand out to the clients? I am curious as to what the context /event/ is?
  Also, if I were doing straight service virtualization, would it be correct to just create a SOAP service hitting the external service? Or is it better to have a routing service exposed to the client?
  Client -> ESB [ (Routing Service) -> (Soap Service) ] -> External Service
  or
  Client -> ESB [ (Soap Service) ] -> External Service