BPEL not passing HTTP basic auth info

Similar Messages

• Using HTTP basic auth in WebService

  Hi,
  I am writing a flex app that needs to talk to a pre-existing
  SOAP web service. Unfortunately the web service uses http basic
  auth to authenticate a user. I am trying to figure out exactly how
  this is accomplished but I cannot find any substantive data on the
  subject. So I was hoping someone here could point me in the right
  direction or possibly answer the question outright.
  I DID find reference to using the useProxy attribute on the
  WebService element (and that I would need to make some changes to a
  flex-config.xml) but I could not get this to work, nor could I find
  any explanation as to what exactly I was doing. I, as a workaround,
  attempted to place the auth info in the url (e.g.
  http://user:passwordhash@host:port/wsdl)
  but this did not work either as the request never made it to the
  server, I am assuming actionscript doesn't like this format?
  Anyway, does anyone have any advice/pointers? Any help would
  be appreciated.

  Hi,
  I am writing a flex app that needs to talk to a pre-existing
  SOAP web service. Unfortunately the web service uses http basic
  auth to authenticate a user. I am trying to figure out exactly how
  this is accomplished but I cannot find any substantive data on the
  subject. So I was hoping someone here could point me in the right
  direction or possibly answer the question outright.
  I DID find reference to using the useProxy attribute on the
  WebService element (and that I would need to make some changes to a
  flex-config.xml) but I could not get this to work, nor could I find
  any explanation as to what exactly I was doing. I, as a workaround,
  attempted to place the auth info in the url (e.g.
  http://user:passwordhash@host:port/wsdl)
  but this did not work either as the request never made it to the
  server, I am assuming actionscript doesn't like this format?
  Anyway, does anyone have any advice/pointers? Any help would
  be appreciated.

• JDev3: http basic auth

  Can the web-to-go(?) httpd in JDev3 be configured to support http basic auth? How do I configure it to setup my realms? thnx.

  Please note that I am able to do some basic programmatic configuration of the JDev3 httpd , such as doing:
  oracle.jdeveloper.debugger.ServletDebugger dbg = new oracle.jdeveloper.debugger.ServletDebugger();
  dbg.setRootDir("D:/JDev3/");
  But I have been unsuccessful in other tasks
  such as:
  dbg.setDocumentRootDir("D:/myDir");
  dbg.setServerPort("9090");
  Compiler tells me these two methods are not supported by class oracle.jdeveloper.debugger.ServletDebugger
  Info on how to configure the JDev3 httpd for - the doc root
  -listen port,
  - and realms for http basic auth
  would be greatly appreciated. If correct documentation exists please point me to them (the JDev3 Help documentation contains erroneous information on some of these topics). thnx

• HTTP Basic Auth and Username Authentication with Symmetric Key

  Hi,
  I have a webservice happily running on tomcat 5.5 using "Username Authentication with Symmetric Key" I have certificates setup and everything works fine. I can even connect a .net client and use the service.
  Now I have an additional requirement of authorization per operation basis so I'm planning on using the roles. My current setup uses tomcat-users.xml to configure users but I seem unable to identify the role of the user from within my code as wsContext.isUserInRole("briefing") always returns false even when it clearly isn't. Where wsContext = @Resource private WebServiceContext wsContext.
  So I figure perhaps I need to add HTTP Basic Auth to tomcat for it to gather this information so I added security-constraints to the web.xml and this seems to do the trick: at least it does for my .net client.
  If I do:
    Service service = new Service();
    Port client = service.getPort();
    BindingProvider bp = (BindingProvider)client;
    bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername");
    bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword");Then it all works fine. However, I'd like a little less transparency: I don't want to have to do this every time I make a call.
  My question(s) is:
  1) Am I going about this the right way (perhaps I am somehow getting the incorrect reference to the WebServiceContext)
  2) If I am going about this the right way I imagine the whole BindingProvider code needs to be added to as a policy configuration but I'm really not sure where to start especially as I'm using wsimport to generate everything: I'm not even sure where to configure this so it will not get overwritter.
  Thanks for any help.

  Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
  All in all does this setup sound right?

• RemoteObject and http basic auth

  Hello,
  I am writing an AIR application and I have a RemoteObject
  that has an endpoint secured using http basic auth. Whenever I try
  to send the RemoteObject request, a username/password window is
  displayed to the user. How do I automatically send the
  username/password? Using setCredentials or setRemoteCredentials
  doesn't seem to affect this - looking at the data sent, the
  RemoteObject is not sending a http Authorisation header.
  Is this possible?

  Hello,
  Sorry for "waking up" this old message, but I have exactly the same probem and I can't find a solution.
  I know how to send Authorization in the HTTP headers with a HTTPService, but not with a RemoteObject.
  Do you know that, or have any other solution for the problem ?
  Etienne

• Get authenticated user name (HTTP basic auth)

  Hi.
  How can I get the authenticated user name from a BPEL process when the service is protected with HTTP basic auth?
  I'm running SOA Suite 11.1.1.5.
  Thanks in advance.
  Mick

  Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
  All in all does this setup sound right?

• How to call a web service from BPEL that requires HTTP basic authentication

  Hi All,
  I need to calling some Web Services from BPEL (SOA 10.1.3.1 production running on XP machine). The services require HTTP basic authentication.
  I have tried adding httpUsername and httpPassword properties to the ParnterLink, and I see in BPEL Console that they are deployed by checking the descriptor page. But I still get a SOAP fault, HTTP 401: Unathenticated.
  I have also tried using basicHeaders (from memory) = credentials, httpBasicUsername, and httpBasicPassword. Same result.
  I have done a packet trace using Ethereal, and the headers do not seem to contain the userid and password at all.
  Can anyone help?
  Thanks,
  Mark Nelson

  Thanks Bas,
  I have resolved the issue. The provider of the Web Service had not configured if for Basic Authentication. For some reason it worked when they tested, or maybe the did not test. The only thing I had to change was to use:
  <property name="basicHeaders">credentials</property>
  <property name="basicUsername">WMDATA</property>
  <property name="basicPassword">WMDATA</property>
  Instead of:
  <property name="httpUsername">WMDATA</property>
  <property name="httpPassword">WMDATA</property>
  I don’t know why this is, maybe because it is an Axis Web Service.
  Sorry for wasting your time.
  Regards Pete

• Web Services with HTTP Basic Auth

  Hi,
  I am having a problem connecting to web services which
  require HTTP Basic Authentication from a Flex application. I have
  useProxy set to true and call setRemoteCredentials prior to
  attempting the call, but the credentials do not appear to be set on
  the request (the request fails with fault.faultString = "HTTP
  request error", faultCode = "Server.Error.Request". The messages on
  the server indicate that the user name and password were not
  specified.
  I do have the proxy-config.xml file set up properly (I think
  -- I followed the example in the mx.rpc.soap.mxml.WebService class
  description, at least).
  I can verify that the WSDL (which doesn't require BASIC auth
  to access) is being loaded properly, but when I make the request,
  it fails. Is this a known problem?
  I am using Flex Builder 2.0.1 to build my SWF files.
  Thanks,
  Brendan

  Thanks for the pointer, I did try it, but it didn't help.
  As I said in the original post, the problem is with HTTP
  Basic Authentication, so adding a header for WSSE to the service
  request didn't help. It needs to be an HTTP Authorization header,
  not a SOAP Security header.
  Brnedan

• HTTP Basic Auth and Proxy Auth

  Hi,
  i have a problem with the authentication against a proxy server and against a content provider. At first I have to authenticate against the proxy to get "free internet". The next step is to authenticate against the content provider to get a html or xml file.
  The following source code runs very good in Eclipse, i.e. as JUnitTest. But If I execute the same code within a weblogic server, I will get an error (not authenticated). I believe I get this message from the content provider and not from the proxy because If I test this code within the weblogic server and with no authentication (i.e. google needs no authentication), I will get a valide xml/html file.
  StringBuffer sb = new StringBuffer();
            SimpleAuthenticator simple = new SimpleAuthenticator("joeuser","a.b.C.D"); //from openbook
            Authenticator.setDefault(simple);
            String strUrl = "http://www.rahul.net/joeuser/";
            URL url = null;
            try {
                 url = new URL(strUrl);
            } catch (MalformedURLException e) {
                 // TODO Auto-generated catch block
                 e.printStackTrace();
            URLConnection conn = null;
            InetSocketAddress addr = new InetSocketAddress("proxy.domain",8080);
            Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);
            try {
                 conn = url.openConnection(proxy);
            } catch (IOException e) {
                 // TODO Auto-generated catch block
                 e.printStackTrace();
            String proxyStr = "username" + ":" + "passwordl";
            String encoded = new String(Base64.encodeBase64(proxyStr.getBytes()));
            conn.setRequestProperty("Proxy-Authorization", "Basic " + encoded);
            // get http status code which is located in header field 0
            String status = conn.getHeaderField(0);
            if (status.contains("200")) {
                 BufferedReader in = null;
                 try {
                      in = new BufferedReader(new InputStreamReader(conn.getInputStream(),
                                "ISO-8859-1"));
                      String inputLine;
                      while ((inputLine = in.readLine()) != null) {
                           sb.append(inputLine);
                      in.close();
                 } catch (UnsupportedEncodingException e) {
                      // TODO Auto-generated catch block
                      e.printStackTrace();
                 } catch (IOException e) {
                      // TODO Auto-generated catch block
                      e.printStackTrace();
            else {
                 System.out.println("Error");
            System.out.println(sb.toString());
  public class SimpleAuthenticator
  extends Authenticator
       private String username,
       password;
       public SimpleAuthenticator(String username,String password)
            this.username = username;
            this.password = password;
       protected PasswordAuthentication getPasswordAuthentication()
            return new PasswordAuthentication(
                      username,password.toCharArray());
  Does somebody know a solution? I need the authentication against proxy and content provider in "one application".
  Thank you very much,
  André

  I typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.

• Portal SRA and HTTP Basic Auth

  hi all
  i know that there is a LDAP attribute to store information for BASIC AUTHENTICATION : "sunPortalGatewayWWWAuthorization"
  i would like to do some batch process, mapping user in IIS server to JES.
  the problem is data in sunPortalGatewayWWWAuthorization attribute encrypted and i don't know what mechanism is used.
  Please help me to find out what method is been used
  or is there any tools to do encrypt?
  many thanks in advance

  Hello,
  Sorry for "waking up" this old message, but I have exactly the same probem and I can't find a solution.
  I know how to send Authorization in the HTTP headers with a HTTPService, but not with a RemoteObject.
  Do you know that, or have any other solution for the problem ?
  Etienne

• CSS 11501 Not Passing HTTPS or 443

  When I go directly to the server address I can resolve both 80 and 443.
  When I go via vip I get port 80 but can't connect to port 443.
  Simple pass-thru config not terminating the Cert on the CSS or using the SCM.
  !*************************** GLOBAL ***************************
  ip redundancy
  bridge spanning-tree disabled
  no restrict web-mgmt
  idle timeout web-mgmt 15
  app
  app session 1.1.1.2 14 authChallenge cisco encryptMd5hash rcmdEnable
  dns primary xxx.xxx.13.41
  dns secondary xxx.xxx.15.248
  ip route 0.0.0.0 0.0.0.0 10.1.104.253 1
  -INTERFACE-
  interface e1
  bridge vlan 10
  phy 100Mbits-FD
  description "Client-Side VLAN"
  interface e4
  bridge vlan 20
  description "Redundancy Protocol Heartbeat"
  phy 100Mbits-FD
  interface e8
  phy 100Mbits-FD
  bridge vlan 30
  description "Server-Side VLAN"
  interface Ethernet-Mgmt
  description "Management"
  phy 10Mbits-HD
  - CIRCUIT -
  circuit VLAN10
  description "Client-Side VLAN"
  redundancy
  ip address 10.1.104.3 255.255.255.0
  circuit VLAN20
  description "Redundancy Protocol Heartbeat"
  ip address 1.1.1.1 255.255.255.252
  redundancy-protocol
  circuit VLAN30
  description "Server-Side VLAN"
  redundancy
  ip address xxx.xxx.14.52 255.255.255.0
  no redirects
  - SERVICE -
  service Mmobile01
  ip address xxx.xxx.14.192
  port 80
  keepalive type tcp
  active
  service Mmobile01-443
  ip address xxx.xxx.14.192
  port 443
  keepalive type tcp
  active
  service Mmobile02
  ip address xxx.xxx.14.101
  port 80
  keepalive type tcp
  active
  service Mmobile02-443
  ip address xxx.xxx.14.101
  port 443
  keepalive type tcp
  active
  service Mmobile03
  ip address xxx.xxx.14.143
  port 80
  keepalive type tcp
  active
  service Mmobile03-443
  ip address xxx.xxx.14.143
  port 443
  keepalive type tcp
  active
  service Mmobile04
  ip address xxx.xxx.14.208
  port 80
  keepalive type tcp
  service Mmobile04-443
  ip address xxx.xxx.14.208
  port 443
  keepalive type tcp
  keepalive port 443
  service Mmobile05
  ip address xxx.xxx.14.169
  port 80
  keepalive type tcp
  active
  service Mmobile05-443
  ip address xxx.xxx.14.169
  port 443
  keepalive type tcp
  keepalive port 443
  active
  service UpStreamRouter
  ip address 10.1.104.253
  type redundancy-up
  active
  - OWNER -
  owner XXXX
  content Web-NonProd
  vip address xxx.xxx.14.46
  add service Mmobile04
  add service Mmobile05
  balance leastconn
  advanced-balance sticky-srcip
  protocol tcp
  port 80
  url "/*"
  active
  content Web-NonProd-443
  vip address xxx.xxx.14.46
  balance leastconn
  advanced-balance sticky-srcip
  protocol tcp
  port 443
  add service Mmobile04-443
  add service Mmobile05-443
  content Web-Prod
  vip address xxx.xxx.14.39
  add service Mmobile01
  add service Mmobile02
  add service Mmobile03
  balance leastconn
  protocol tcp
  port 80
  url "/*"
  advanced-balance sticky-srcip
  active
  content Web-Prod-443
  vip address xxx.xxx.14.39
  balance leastconn
  advanced-balance sticky-srcip
  protocol tcp
  port 443
  url "/*"
  add service Mmobile01-443
  add service Mmobile02-443
  add service Mmobile03-443
  active
  - GROUP -
  group XXXX-NonProd
  vip address xxx.xxx.14.46
  add destination service Mmobile04
  add destination service Mmobile04-443
  add destination service Mmobile05-443
  add destination service Mmobile05
  active
  group XXXX-Prod
  vip address xxx.xxx.14.39
  add destination service Mmobile01
  add destination service Mmobile01-443
  add destination service Mmobile02
  add destination service Mmobile02-443
  add destination service Mmobile03
  add destination service Mmobile03-443

  HI,
  During the session of the client, the transition is made to SSL port 443 when the client selects a link on the page that redirects to https. This causes a new content rule to be hit and the client may be load-balanced to another server. As the traffic is now encrypted https (SSL/TLS), the CSS is not able to check above layer 4 (the TCP port number) for cookies, URLs etc., because the requests are encrypted when the information passes the CSS. In order to prevent the occurrence of this issue, configure the redirecting HREF on each server to point back to https at the same servers public address, not the VIP address, as shown here:
  https://servers_own_ip_address/path"> secure site If your servers are in a private address space, configure SSL content rules for each server with a HREF on each server that points to the SSL Content rules VIP.
  Below is the configuration example for your reference:
  !Generated on 10/10/2001 18:12:17
  !Active version: ap0500015s
  configure
  !************************** SERVICE**************************
  service s1
  ip address 10.10.1.101
  active
  service s2
  ip address 10.10.1.102
  active
  !*************************** OWNER***************************
  owner cookie-ssl
  content layer5cookie
  vip address 10.10.1.66
  protocol tcp
  port 80
  url "/*"
  advanced-balance arrowpoint-cookie
  !--- Specify a port in the content rule to use this option.
  !--- Port 80 traffic is used here.
  !--- All clients must enable cookies on their browser.
  add service s1
  add service s2
  active
  content s1-ssl
  vip address 10.10.1.88
  protocol tcp
  port 443
  application ssl
  add service s1
  active
  content s2-ssl
  vip address 10.10.1.99
  protocol tcp
  port 443
  application ssl
  add service s2
  active
  !--- Use this HREF on server S1 where switching from http to https:
  https://10.10.1.101/applicationpath1/"> secure site s1
  !--- Use this HREF on server S2 where switching from http to https:
  https://10.10.1.102/applicationpath2"> secure site s2
  !--- In the example, the addresses for servers s1 and s2 must be
  !--- reachable from the client. If this is not the case, you must add a
  !--- content rule for each server with a unique publicly routable VIP
  !--- address and one service for each SSL server, as shown here:
  content s1-ssl
  vip address 10.10.1.88
  protocol tcp port 443
  application ssl
  add service s1
  active
  content s2-ssl
  vip address 10.10.1.99
  protocol tcp port 443
  application ssl
  add service s2
  active
  !--- Use this HREF on server s1 where the switch from http to https occurs:
  https://10.10.1.88/applicationpath1/> secure site s1
  !--- Use this HREF on server s2 where the switch from http to https occurs:
  https://10.10.1.99/applicationpath2> secure site s2
  Hope this will help you.
  Here are the reference url:
  http://www.cisco.com/en/US/products/hw/contnetw/ps789/products_configuration_example09186a00801de8d6.shtml
  http://www.cisco.com/en/US/products/hw/contnetw/ps792/products_configuration_example09186a008009450d.shtml

• BPEL to invoke Webservice secured with HTTP Basic authentication

  Hi All,
  Iam trying to call a Synchronous BPEL porcess from BPEL by passing HTTP basic authentication.I have done below steps to achieve this.
  1) Created Target Synchronous process ex : B
  2) Created Source Syncronous Process ex : A
  Iam trying to call B(Target) from A(source).
  3) Open Composite.xml of A(Source)
  4) Right Click on External Refernce B(Target) parter link and click Configure WS policies
  5) Under Security tab attach oracle/wss_username_token_client_policy
  6) Login to em/console
  7) Right click on A(Source) Composite and click Service/Refence Properties>>B(Target)
  8) Enter username and password under HTTP Basic Authentication.
  9)Test from em.console(when we are testing under security tab I have checked None radio button)
  So this is the Error message which is throwing.
  ==================================
  The selected operation process could not be invoked.
  An exception occured while invoking the webservice operation. Please see logs for more details.
  oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security.
  java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:570) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:381) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:298) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(AstValue.java:157) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53) at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:298) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:91) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(ContextSwitchingComponent.java:87) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent._processPhase(ContextSwitchingComponent.java:298) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent.broadcast(ContextSwitchingComponent.java:91) at oracle.adf.view.rich.component.fragment.UIXInclude.broadcast(UIXInclude.java:81) at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475) at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:673) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:273) at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:165) at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265) at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227) at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125) at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292) at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420) at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:54) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247) at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157) at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.help.web.rich.OHWFilter.doFilter(Unknown Source) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emSDK.license.LicenseFilter.doFilter(LicenseFilter.java:101) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.emas.fwk.MASConnectionFilter.doFilter(MASConnectionFilter.java:41) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.adf.library.webapp.LibraryFilter.doFilter(LibraryFilter.java:159) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.AuditServletFilter.doFilter(AuditServletFilter.java:179) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.EMRepLoginFilter.doFilter(EMRepLoginFilter.java:203) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.core.app.perf.PerfFilter.doFilter(PerfFilter.java:141) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.sysman.eml.app.ContextInitFilter.doFilter(ContextInitFilter.java:527) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27) at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56) at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200) at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106) at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) Caused by: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emas.model.wsmgt.PortName.invokeOperation(PortName.java:712) at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:564) ... 68 more Caused by: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.sysman.emSDK.webservices.wsdlapi.dispatch.DispatchUtil.invoke(DispatchUtil.java:260) at oracle.sysman.emSDK.webservices.wsdlparser.OperationInfoImpl.invokeWithDispatch(OperationInfoImpl.java:843) at oracle.sysman.emas.model.wsmgt.PortName.invokeOperation(PortName.java:664) ... 69 more Caused by: javax.xml.ws.soap.SOAPFaultException: SOAP must understand error:{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security, {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security. at oracle.j2ee.ws.client.jaxws.DispatchImpl.throwJAXWSSoapFaultException(DispatchImpl.java:874) at oracle.j2ee.ws.client.jaxws.DispatchImpl.invoke(DispatchImpl.java:707) at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.synchronousInvocationWithRetry(OracleDispatchImpl.java:226) at oracle.j2ee.ws.client.jaxws.OracleDispatchImpl.invoke(OracleDispatchImpl.java:97) at oracle.sysman.emSDK.webservices.wsdlapi.dispatch.DispatchUtil.invoke(DispatchUtil.java:256) ... 71 more
  =======================================
  Please let me know if Iam missing any steps.
  Thanks
  SSV

  Followed this post.......
  This is avery good question
  in 11g i have taken out the steps from my document which i created for one our customer
  go to composite
  Right click on the external reference service and select “Configure WS policies” :done
  Under the security tab, click add button and select “oracle/ wss_username_token_client_policy :done
  6. Now Open the property Inspector window and click the add button under “Binding properties” tab. :done
  7. Include the “oracle.webservices.auth.username--> :done
  value-->password :done
  8. Include the “oracle.webservices.auth.password”-->name :done
  value-->password :done
  Thanks
  SSV

• Basic auth interop problem, servlet WS works, EJB WS not (Sun AS 8)

  After spending some time I managed to add HTTP basic auth to a simple web service. I have implemented two variants, an JAX-RPC servlet web service and an EJB web service.
  A (Sun) JAX-RPC client works pretty well against both web services. I do the required steps with the stub (set user/pwd) and things work. I do get the correct principal in the server side, fine.
  When I do NOT set the authentication properties at the stub, the servlet based WS responds something like HTTP error 403 (?) or so, which leads to "authentication required". The EJB based response is not that adequate, it's something like "internal server error, EJBLocalAccessException or so" but from the given message you could get the idea what's wrong.
  Anyway, I got the impression that this stuff
  return HTTP error to flag "auth required"
  is not happening for some reason in my EJB based web service. I found this problem in Sun AS 8 and I think it's the same problem when I test stuff with Oracle's OC4J ...
  Some client implementations have obviously problems to get the idea that user authentication is required. In other words, the clients cannot invoke the EJB WS. I tried it with Perl Soap::Lite, MS SOAP Toolkit 3.0 and MS .Net 1.1 stuff. All this clients work well (with authentication) when I consume the servlet based web service. But the EJB based web service is not working at all. I do get there just "not allowed" and the SOAP client runtime is not handing over any user credentials (because it's obviously not correctly asked for it by an appropriate AS response).
  Anyone else experienced this problems with EJB WS???
  Interesting question: why is the JAX-RPC client working? Is it sending the properties set at the stub in any case? Or do they "handle" the internal error coming from Sun AS explicitly or so? Strange, in a way. :-)
  Thanx for any help here!
  Merten

  I guess the reason was that I wrote
  <login-config>
  <auth-method>Basic</auth-method>
  </login-config>
  instead of required
  <login-config>
  <auth-method>BASIC</auth-method>
  </login-config>
  At deploy time, I got no error message. At usage time, I just got this AccessLocalException. That's not really nice ...
  Merten

• UDDI inquiry service HTTP-Basic authentication in BPEL (10.1.3.1)

  Hi Gurus,
  I'd like to know how we can setup BPEL server for Oracle Service Registry UDDI with HTTP-BASIC authentication for inquiry service (apart of OWSM solution)?
  Imagine that in Service Registry I have defined HTTP-BASIC authentication (REGISTRY_HOME/app/uddi/services/Wasp-inf/package.xml) for inquiry service used in BPEL domain (uddiLocation key in BPEL domain configuration). And now I'd like to provide credentials. In package.xml I have this
  <service-endpoint path="/inquiry" version="3.0" name="UDDIInquiryV3Endpoint"
  service-instance="tns:UDDIInquiryV3" processing="tns:UDDIv1v2v3InquiryProcessing"
  accepting-security-providers="HttpBasic">
  <wsdl uri="uddi_api_v3.wsdl" service="uddi_api_v3:UDDI_Inquiry_SoapService"/>
  <envelopePrefix xmlns="arbitraryNamespace" value=""/>
  <namespaceOptimization xmlns="arbitraryNamespace">false</namespaceOptimization>
  </service-endpoint>
  I don't see any field with username or password. Is it automaticaly taken from security provider configured for Service Registry (for example LDAP)? If yes then it is clear.
  But what about BPEL engine, where can I provide those credentials? Is it some secret configuration file? Or only supported way is to configure it through OWSM component in order to enrich request by credentials (what about license, when customer doesn't want to use OWSM)?
  Do I miss something in this concept?
  Thanks
  Peter

  as said internally - file an ER for it pls - and I will take care of it, depending on the demand - either for 10.1.3.1 GA or 10.1.3.1 patchset ..
  we will support only HTTP Basic Auth - rest will follow per customer demand ..
  /clemens

• Basic auth with RESTful WEb service and Web Service reference

  Hi, All,
  We have made much progress on getting an application working wtih RESTful web services but now are trying to figure out how to lock down a RESTful Web service while making it available for a particular application.
  We are using one of the sample 'emp' table web services that come with Apex 4.2 and are trying to apply Basic Auth to the WEb Service via Weblogic filter defined in the web.xml file. That works fine. I now get challenged when I try to go to :
  https://wlogic.edu/apex/bnr/ace/hr/empinfo/
  And when I authenticate to that challenge I am able to get the data. (we are usiing LDAP authentication at the Weblogic level)
  However, I am not sure how to get same basic authentication to work with the Web Service reference in my application. I see the error message in the application when I try to call that Web Service:
  401--Unauthorized<
  And I see:
  "The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials"
  How do I provide the credentials in the Web REference or do I provide credentials in the Application?
  Web service works fine if I remove the RESTful web service basic auth from the Web.xml file.
  Should we NOT use Weblogic basic auth and instead use basic auth from Workspace RESTful web service definition. If so, how do we implement THAT basic auth in the Web Service definition and in the Web SErvice Reference on the application?
  Thanks,
  Pat

  What I mean is diid you try to use the PL/SQL package for APEX webservice. Here is an example I use (modified and shortened, just to show how much better this is than to use it from the application).
  CREATE OR REPLACE PACKAGE webservice_pkg
  IS
     PROCEDURE create_webservice (
        p_id            IN       NUMBER,
        p_message       OUT      VARCHAR2,
        p_workspace     IN       VARCHAR2 DEFAULT 'MY_WORKSPACE',
        p_app_id        IN       NUMBER DEFAULT v ('APP_ID'),
        p_app_session   IN       VARCHAR2 DEFAULT v ('SESSION'),
        p_app_user      IN       VARCHAR2 DEFAULT v ('APP_USER')
  END webservice_pkg;
  CREATE OR REPLACE PACKAGE BODY webservice_pkg
  IS
     PROCEDURE set_credentials (
        p_workspace     IN   VARCHAR2,
        p_app_id        IN   NUMBER,
        p_app_session   IN   VARCHAR2,
        p_app_user      IN   VARCHAR2
     IS
        v_workspace_id   NUMBER;
     BEGIN
        SELECT workspace_id
          INTO v_workspace_id
          FROM apex_workspaces
         WHERE workspace = p_workspace;
        apex_util.set_security_group_id (v_workspace_id);
        apex_application.g_flow_id := p_app_id;
        apex_application.g_instance := p_app_session;
        apex_application.g_user := p_app_user;
     END set_credentials;
     PROCEDURE create_webservice (
        p_id            IN       NUMBER,
        p_message       OUT      VARCHAR2,
        p_workspace     IN       VARCHAR2 DEFAULT 'MY_WORKSPACE',
        p_app_id        IN       NUMBER DEFAULT v ('APP_ID'),
        p_app_session   IN       VARCHAR2 DEFAULT v ('SESSION'),
        p_app_user      IN       VARCHAR2 DEFAULT v ('APP_USER')
     IS
        v_envelope          VARCHAR2 (32000);
        v_server            VARCHAR2 (400);
        v_url               VARCHAR2 (4000);
        v_result_url        VARCHAR2 (1000);
        v_collection_name   VARCHAR2 (40)    := 'PDF_CARD';
        v_message           VARCHAR2 (4000);
        v_xmltype001        XMLTYPE;
     BEGIN
        v_url := v_server || '.myserver.net/services/VisitCardCreator?wsdl';
        FOR c IN (SELECT *
                    FROM DUAL)
        LOOP
           v_envelope :=
                 '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" '
              || 'xmlns:bran="http://www.myaddress.com">'
              || CHR (10)
              || '<soapenv:Header/><soapenv:Body>'
              || CHR (10)
              || '<parameter:'
              || 'some_value'
              || '>'
              || CHR (10)
              || '<bran:templateID>'
              || p_id
              || '</bran:templateID>'
              || '</soapenv:Body>'
              || CHR (10)
              || '</soapenv:Envelope>';
        END LOOP;
        set_credentials (p_workspace, p_app_id, p_app_session, p_app_user);
        BEGIN
           apex_web_service.make_request
                                       (p_url                  => v_url,
                                        p_collection_name      => v_collection_name,
                                        p_envelope             => v_envelope
           p_message := 'Some message.';
        EXCEPTION
           WHEN OTHERS
           THEN
              v_message :=
                    v_message
                 || '</br>'
                 || 'Error running Webservice Request. '
                 || SQLERRM;
        END;
        BEGIN
           SELECT    v_result_url
                  || EXTRACTVALUE (VALUE (t),
                                   '/*/' || 'Return',
                                   'xmlns="http://www.myaddress.com"'
                  xmltype001
             INTO v_result_url,
                  v_xmltype001
             FROM wwv_flow_collections c,
                  TABLE
                      (XMLSEQUENCE (EXTRACT (c.xmltype001,
                                             '//' || 'Response',
                                             'xmlns="http://www.myaddress.com"'
                      ) t
            WHERE c.collection_name = v_collection_name;
        EXCEPTION
           WHEN OTHERS
           THEN
              v_message := v_message || '</br>' || 'Error reading Collection.';
        END;
     EXCEPTION
        WHEN OTHERS
        THEN
           p_message := v_message || '</br>' || SQLERRM;
     END create_webservice;
  END webservice_pkg;
  /If you use it this way, you will find out what the problem is much faster.
  Denes Kubicek
  http://deneskubicek.blogspot.com/
  http://www.apress.com/9781430235125
  http://apex.oracle.com/pls/apex/f?p=31517:1
  http://www.amazon.de/Oracle-APEX-XE-Praxis/dp/3826655494
  -------------------------------------------------------------------