Authentication for bussines services in OSB

Similar Messages

• HTTP Basic authentication for proxy service and its wsdl?

  Hello:
  For some reasons I needed to configure the HTTP basic authentication on a proxy service at OSB 11g. Everything was OK until I realized that, additionally to the authentication when calling the service, the OSB also asks for credentials when I try to get that proxy wsdl file.
  My requirements are to secure the proxy service when is called only, not when retrieving the wsdl.
  Is this possible to configure on OSB / WLS? How?
  Greetings!
  Edited by: user4483647 on 02-sep-2010 12:59
  Edited by: user4483647 on 02-sep-2010 13:25

  If I'm not wrong, Basic authentication is Transport level feature. So passing User/Password in SOAPHeader doesn't make sense. SOAP message can only be sent when you have a HTTP Connection open. During opening of HTTP connection User/Password is required for basic authentication.
  http://www.student.nada.kth.se/~d95-cro/j2eetutorial14/doc/Security7.html#wp156943
  Edited by: mneelapu on Apr 2, 2009 2:09 PM

• Query regarding the tutorial for Oracle Service Bus (OSB 10gR3)

  Hi,
  I am working on a tutorial of Oracle Service Bus (OSB 10gR3).
  I have created the proxy service and the Business Service, using Oracle Service Bus console.
  The details are as follows:
  Proxy service: LoanGateway
  Business service1: A value of 4.9 or less causes the message to be routed to the ManagerLoanReview business service.
  Business service2: A value of 5.0 or greater causes the message to be routed to the NormalLoan business service.
  When i send the request message, so that it gets routed from proxy service to one of the business service than it gives following error.
  Request Document
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  <soapenv:Body>
  <exam:processLoanApp xmlns:exam="http://example.org">
  <loanRequest xsi:type="java:LoanStruct" xmlns:java="java:normal.client" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <!--Optional:-->
  <java:Name>Smith</java:Name>
  <!--Optional:-->
  <java:SSN>1234567</java:SSN>
  <!--Optional:-->
  <java:Rate>4.1</java:Rate>
  <!--Optional:-->
  <java:Amount>9000000</java:Amount>
  <!--Optional:-->
  <java:NumOfYear>10</java:NumOfYear>
  <!--Optional:-->
  <java:Notes>Manager Loan Application Review Service</java:Notes>
  </loanRequest>
  </exam:processLoanApp>
  </soapenv:Body>
  </soapenv:Envelope>
  Response Document
  The invocation resulted in an error: .
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
  <soapenv:Fault>
  <faultcode>soapenv:Server</faultcode>
  <faultstring>
  BEA-380002: Tried all: '1' addresses, but could not connect over HTTP to server: 'localhost', port: '7021'
  </faultstring>
  <detail>
  <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
  <con:errorCode>BEA-380002</con:errorCode>
  <con:reason>
  Tried all: '1' addresses, but could not connect over HTTP to server: 'localhost', port: '7021'
  </con:reason>
  <con:location>
  <con:node>RouteNode1</con:node>
  <con:path>request-pipeline</con:path>
  </con:location>
  </con:fault>
  </detail>
  </soapenv:Fault>
  </soapenv:Body>
  </soapenv:Envelope>
  Response Metadata
  <con:metadata xmlns:con="http://www.bea.com/wli/sb/test/config">
  <tran:headers xsi:type="http:HttpResponseHeaders" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:tran="http://www.bea.com/wli/sb/transports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <http:Content-Type>text/xml; charset=utf-8</http:Content-Type>
  </tran:headers>
  <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">1</tran:response-code>
  <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">utf-8</tran:encoding>
  </con:metadata>

  I have the same problem and I'm not able to telnet localhost on port 7021. How can I change this port number I think that port must be 7001, it is correct?Examples server domain is pre-configured for port 7021. The samples domain will have the examples properly deployed in this domain out of box. You dont need to change any thing in {BEA_HOME}\osb_10.3\samples\domains\servicebus\config.
  I doubt this has to do something with firewall . Check the last statement in the log after starting the domain.
  <May 19, 2009 8:50:09 AM IST> <Notice> <Server> <BEA-002613> <Channel "Default" is now listening on 10.177.242.25:7001 for protocols iiop, t3, ldap, snmp, http.>
  <May 19, 2009 8:50:09 AM IST> <Notice> <Server> <BEA-002613> <Channel "Default[1]" is now listening on 127.0.0.1:7001 for protocols iiop, t3, ldap, snmp, http.>
  <May 19, 2009 8:50:09 AM IST> <Notice> <WebLogicServer> <BEA-000331> <Started WebLogic Admin Server "AdminServer" for domain "base_domain" running in Development Mode>
  <May 19, 2009 8:50:09 AM IST> <Warning> <Server> <BEA-002611> <Hostname "mneelapu", maps to multiple IP addresses: 10.177.242.25, 127.0.0.1>
  <May 19, 2009 8:50:09 AM IST> <Warning> <Server> <BEA-002611> <Hostname "XYZ-v411-10-177-242-25.oracle.com", maps to multiple IP addresses: 10.177.242.25, 127.0.0.1>
  <May 19, 2009 8:50:09 AM IST> <Notice> <WebLogicServer> <BEA-000365> <Server state changed to RUNNING>
  <May 19, 2009 8:50:09 AM IST> <Notice> <WebLogicServer> <BEA-000360> <Server started in RUNNING mode>
  What are you seeing in your log file?
  Edited by: mneelapu on May 19, 2009 9:58 AM

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• Server-side authentication for web services

  I was hoping to use Azure's server-side authentication for a HTML/JS web app. Some things are a bit unclear. For example, if a new user authenticates via Facebook, I want to create an associated record on the server-side and associate extra data with the
  user, irrespective of the service used to log in. If they log in again, I want the client to be able to get this extra data (eg preferences) from the server. On the back-end, I also want to be able to update particular fields of this record that the user cannot
  change themselves. I know how to go about this in a plain Node.js backend, but not sure how some of these basic things map to using Azure's services.

  Once the user logs in, you will have their information available to your server scripts. So one option is to use a custom API (or a Mobile Services Table) to insert/read/update the user data. You would protect this endpoint so that only logged-in users can
  access it, and then access the
  user object to obtain an ID an associate it in a table row. Lookups could be performed by similarly querying for the ID.
  In terms of some fields being restricted, you could remove these from the update request itself.
  Some pointers that might be helpful:
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-get-started-data/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-call-custom-api/
  http://azure.microsoft.com/en-us/documentation/articles/mobile-services-html-authorize-users-in-scripts/

• Kerberos authentication for Excel Services

  Hi,
  I am configuring Keberos for Excel Service Application and facing some issue. Things i have done so far:
  Configured web application to use Kerberos: Verified it from server authentication logs, klist and net mon that web application is using kerberos.
  Excel service Account: domain\ExcelSVA
  SQL server service account: domain\SQLSERV
  C2WTS account : domain\C2wts
   set spn on in using setspn - s sp/excelservices domain\ExcelSVA and delegated constarined authentication to domain\SQLSERV
  then setspn - s sp/c2wts domain\C2wts and delegated constrained authentication to domain\SQLSERV.
  C2WS account has impersonate identity ,logon as service and act as part of OS rights in app servers where excel and c2wt are running 
  Now when i try to refresh data i get error :The data connection uses Windows Authentication and user credentials could not be delegated.
  The following connections failed to refresh: SQLServername port, databasename
  http://technet.microsoft.com/en-us/library/ff487975.aspx
  First 3 errors don't apply to me since i cant see these errors in SP log files and my sharepoint and database servers are in same domain.
  For UPN, there is a email id assoisated with account that i am using and i have been using that email id to logon to other services in my company so UPN should be done too.
  The Excel Services service account must have Active Directory permissions to query the object. Now this got me confusing. Where do i actually
  give this? In sql server or AD? Which object does it need to query? The excel database in sql server. If it is so, then the permission needs to be granted on sql .
  Also this link http://social.msdn.microsoft.com/Forums/en-US/99a3cf4f-dabc-4ac9-9ea8-afa677199ffa/kerberos-and-excel-services?forum=sharepointgeneralprevious
  Microsoft solution described here is weired. I don't think sql server has c2wts or excel service application started on it. And from drop down list that is i don't know what is the solution talking of.
  Does any one have any idea if i am missing any delegation or any step?
  sachin

  Any idea??
  sachin

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Setting Basic Authentication for Web Service in WLS 6.1

  Hi,
  I am trying to set-up a Basic Username/Password authentication for a Web Service
  that is hosted in WLS 6.1.
  How do I go about doing that? Also once I get the username and password, how do
  I pass that info
  to the SOAP servlet to do the authentication? Can you give me some pointers on
  this?
  Thanks
  Madhu

  How do you want to do it? Through use of client.jar for the service or
  directly? Here is how I do it directly:
  String auth = "guest", pwd = "guest";
  URL url = new URL("http://localhost:7001");
  URL cmdURL = new URL(url.toString()+"/systemtest/TestWebService");
  HttpURLConnection conn = (HttpURLConnection) cmdURL.openConnection();
  String encAuth =
  new BASE64Encoder().encode((auth + ":" + pwd).getBytes());
  // BASE64Encode distributes long strings on multiple
  // lines; we don't like that, no siree
  int it = 0;
  while ((it = encAuth.indexOf('\n')) != -1
  || (it = encAuth.indexOf('\r')) != -1) {
  encAuth = encAuth.substring(0, it) +
  encAuth.substring(it + 1);
  conn.setRequestProperty("Authorization", "Basic " + encAuth);
  conn.setRequestProperty("Content-Type", "text/xml");
  conn.setRequestProperty("SOAPAction", cmdURL.toString());
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  OutputStream oStr = conn.getOutputStream();
  String cmd =
  "<?xml version=\"1.0\" ?>\n"
  + "<soap:Envelope xmlns:soap=\"http://schemas.xmls"
       + "oap.org/soap/envelope/\"><soap:Body>"
  + "<ping><arg0>false</arg0></ping>"
  + "</soap:Body></soap:Envelope>";
  oStr.write(cmd.getBytes());
  oStr.close();
  InputStream iStr = conn.getInputStream();
  byte[] buffer = new byte[1024];
  while (true) {
  int size = iStr.read(buffer);
  if (size == -1)
  break;
  System.out.println(new String(buffer, 0, size));
  ThorAAge

• Add Basic Authentication to Proxy Services in OSB

  Hi,
  I need add Basic Authentication (browser pop-up with usr and pwd) to a proxy service.
  ¿how can I do that?
  Thanks!!

  For an HTTP service choose the HTTP Transport tab and select Basic for the authentication property.

• Basic Authentication for Web Services

  I have build Web Service according to the weblogic 6.1 examples
  successfully deploying the .ear file etc.
  Now I want to add security to the WebService uri.
  I have added a <web-resource-collection> tag to the web.xml file, but
  what should I put for the <url-pattern> ?
  Am I obliged to 'manually' add <servlet> tags to the web.xml file in
  order to add a security constraint to a WebService deployed thru a
  .ear ?
  Taking WebLogic's own statelessSession.Weather example, what is the
  minimum I need to add to the web.xml file to have basic authentication
  on the weatheruri ?
  Thanks,
  Adam

  Ok, now I'm confused.  Is this a Flex app (runs in the browser) or an AIR app?  This makes a difference because in the browser, Flash Player/Flex uses the browser's http mechanism for transport, while AIR implements it directly.  The original posted indicated some difference between Firefox and IE, which led me to believe it was a Flex browser app.  Difference between these two would make me think something was wrong with the server response, and the two browsers were passing it (the problem) back to Flash Player differently.
  Mark

• Implementing authentication for web services

  Hi all,
  I'm struggling trying to guess how to implement basic HTTP authentication as well as using certificates in order to apply HTTPS, for some web services we've created, running on the Oracle Application Server 10.1.12. The web services were implemented using JDeveloper 9.0.4. Any help would be very appreciated.
  Thanks in advanced and regards,
  Luis

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Authentication for multiple services

  I wanna setup a bunch of web services (squirrelmail, blojsom blog, dokuwiki wiki, and an online calendar system - if i can find one). Obviously, I want to make these private, so only employees see them. All of these require separate authentication. Is there a way I can use one login/pass for all these, so they don't have to keep logging in to each individual service? like they go to:
  domainname.com/services
  and then login, and all their stuff is available.
  Any hints?

  I wanna setup a bunch of web services (squirrelmail, blojsom blog, dokuwiki wiki, and an online calendar system - if i can find one). Obviously, I want to make these private, so only employees see them. All of these require separate authentication. Is there a way I can use one login/pass for all these, so they don't have to keep logging in to each individual service? like they go to:
  domainname.com/services
  and then login, and all their stuff is available.
  Any hints?

• How to configure basic authentication for external services

  I have a BPM Project (11g) and within the composite I've added an external Web Service reference. This service uses basic authentication.
  I would like to deploy the composite with the username and password already configured.
  I have tried setting oracle.webservices.auth.username as a binding property and also as a property but neither seem to work. When the composite is deployed the basic authentication username is blank within Enterprise Manager.
  It also resets after updating it manually during subsequent releases.
  Any ideas?

  hi Mahender,
  Thanks for your posting!
  For this issue, you could refer to this document and tutorials (Microsoft Antimalware Whitepaper ). And you need use the Azure Powershell (http://msdn.microsoft.com/en-us/library/azure/dn771718.aspx).
  Regards,
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Azure Authentication for Cloud Services

  I updated Visual Studio to Web Tools 2013.1 and the "Enable Azure Authentication" disappeared. I need to secure this application, the Azure AD and domain are done, but I can't seem to find how to do it in Visual Studio anymore. I keep getting the
  message:
  The current installed Azure Authentication Tools is not compatible with the verion of Web Developer Tools you recently updated; therefore , the Azure Authentication related command and publish support will be unavailable.
  'Click Here' to download the required update
  SO IN TOTAL FRUSTRATION - One would think you could click and solve the problem BUT....NO
  You get the message "This product requires Microsoft Web Developer Tools 2012.2.1 - Visual Studio 2012" Please install it, then try again installing this product again.  Then the dialog closes, and there is no resolution.
  HELP!

  hi,
  From the error message, I think you may need check your VS and Web Tools version whether matched each other. 
  Visual Studio to Web Tools 2013.1 need the version of Visual Studio 2012 and Visual Studio 2012 Express for Web.
  If your VS met requirement, I suggest you could uninstall the Web Tools and installed it from this page (http://www.microsoft.com/en-in/download/details.aspx?id=41532 ). Any
  update info, please let me know.
  Regards,
  Will
  We are trying to better understand customer views on social support experience, so your participation in this interview project would be greatly appreciated if you have time. Thanks for helping make community forums a great place.
  Click
  HERE to participate the survey.

• Mutual authentication for Web services in BPEL

  Hi Guys,
  We have to call a few web services in bpel and our partners would want us to mutually authenticate the data that is exchanged.
  So that mean they provide us with a certificate file and we provide them with a certificate file.
  We have been using client certificates in our cacerts file and encrypting the request we send using that but we are not too sure how to set up a key in bpel so that we can decrypt the responses of the webservices.
  Does anybody have any idea how to do it. It would be a great help.
  Cheers
  Sandeep

  I would suggets to read the online tutorial:
  http://www.oracle.com/technology/products/ias/bpel/index.html
  and try one of the tutorials:
  2-Minute Product Tour
  BPEL: Learn by Example (PDF)
  Quick Start Tutorial - JDeveloper 10g (PDF)
  Quick Start Tutorial - Eclipse (PDF)