Call secure RestFul WebService with basic authorization via https

Hi,
is there a way to call a secure RestFul WebService with basic authorization via https from APEX?
Database: Oracle 11g XE
APEX: 4.2.1
I have a solution by calling the WebService from Java which was called from the database via scheduled job (execute).
As my hosting partner does not support Java I am looking for another option.
Regards
Markus

Hi,
I think its not possible, in this link you can find in more detail why.
Its related with the use of wallets to acess https requests.
http://www.apexninjas.com/blog/2011/06/https-access-with-utl_http-on-oracle-xe-has-anyone-managed-to-do-this/
Edit: Because you are using Oracle XE
Edited by: carlos.pereira on Jan 23, 2013 6:15 PM

Similar Messages

Restful webservice with basic authentication

Hi, i am running the following:
Oracle: 11.2....
ApexListener: 2.....
Glassfish: 3.0...
Apex: 4.2.1
I have successfully established some restful webservices. Now i want to add a basic authentication to them against an APEX Authentication Scheme which is used in one of my APEX Applications. I cannot find any documentation related to Glassfish or ApexListener or APEX to do that.
Or are the RESTful Service Privileges which belong to APEX User Goups intent to do a basic authentication ?
Thanks for your help !
-- Klaus

OK got it solved by my self.
Solution:
Define a RESTFUL (POST, PLSQL) Service with the following HEADER parameters:
authorization authorization IN STRING
X-APEX-STATUS-CODE status OUT INTEGER
As per RFC 1945, the Authorization header value should contain the username:password
as encoded (base64) string. That is what the RESTclient send (over https)
In the PLSQL i decode :authorization and validate it against APEX Authentication Scheme.
The result of the validation drives the response header (:status) in PLSQL with 200 (ok) or 401 (Not Authorized)
-- Klaus

Calling a REST webservice with pl/sql and parse XML

Hi
I hope someone is able to help me with this task. I'm newbie with Oracle APEX, have not developed advanced applications yet. A few days ago I installed one of the package application with customer and order. I want to integrate with online shopping with Rest service using PL / SQL. NETS is a provider of online payment systems.
http://www.betalingsterminal.no/Netthandel-forside/Teknisk-veiledning/Communication/REST/
There are four steps you must go through to execute the payment. where it is retunert xml files containing infomation to be used further.
Step 1 - Register payment
Webshop Performs Register:
https://epayment-test.bbs.no/Netaxept/Register.aspx?MerchantId=9999997&token=secret&orderNumber=10011&amount=200&CurrencyCode=NOK
&redirectUrl=http://webshop/RegisterReply.asp
Reply from payment provider:
<? Xml version = "1.0"?>
<RegisterResponse Xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<TransactionId> B127f98b77f741fca6bb49981ee6e846 </ TransactionId>
</ Register Response>
Step 2 - Present Web form to customer
Webshop's customer submit web form:
https://epayment-test.bbs.no/Terminal/default.aspx?merchantId=9999997&transactionId=b127f98b77f741fca6bb49981ee6e846
Step 3 - "Redirect" customer back to merchant
Payment provider send URL to redirect webshop's customer:
http://webshop/RegisterReply.asp?transactionId=b127f98b77f741fca6bb49981ee6e846&responseCode=OK
Step 4 - Process payment
Webshop Performs Process (AUTH):
https://epayment-test.bbs.no/Netaxept/Process.aspx?merchantId=9999997&token=&transactionId=b127f98b77f741fca6bb49981ee6e846&operation=AUTH
Reply from payment provider:
<? Xml version = "1.0"?>
<Process Response xmlns: XSi = "http://www.w3.org/2001/XMLSchema-instance" xmlns: xsd = "http://www.w3.org/2001/XMLSchema">
<Operation> AUTH </ Operation>
<ResponseCode> OK </ Response Code>
<AuthorizationId> 064392 </ AuthorizationId>
<TransactionId> B127f98b77f741fca6bb49981ee6e846 </ TransactionId>
<ExecutionTime> 2009-12-16T11: 17:54.633125 +01:00 </ ExecutionTime>
<MerchantId> 9999997 </ MerchantId>
</ Process Response>
Webshop Performs Process (CAPTURE)
https://epayment-test.bbs.no/Netaxept/Process.aspx?merchantId=9999997&token=&transactionId=b127f98b77f741fca6bb49981ee6e846
&transactionAmount=200&operation=CAPTURE
Reply from payment provider:
<? Xml version = "1.0"?>
<ProcessResponse Xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Operation> CAPTURE </ Operation>
<ResponseCode> OK </ Response Code>
<TransactionId> B127f98b77f741fca6bb49981ee6e846 </ TransactionId>
<ExecutionTime> 2009-12-16T11: 40:57.601875 +01:00 </ ExecutionTime>
<MerchantId> 9999997 </ MerchantId>
</ Process Response>
I really appreciate if anyone can help me with This

Hi,
Is there any particular reason you want to call a form through provider API?
Because when you call a from through
wwa_api_provider.show_portlet the issue #1 is true (you cannot pass parameteres to a form) and the issue #2 could be resoled by supplying a porltet_record.p_page_url to the current page URL.
However, there is a form-specific PLSQL APIs to call a form and pass parameters to that from which is describe in our FAQ list:
http://otn.oracle.com/products/iportal/htdocs/portal_faq.htm#BuildingApplications
Please see following topics:
"How do I call a form in insert mode and pass it default values?"
and
"How do I call a form and pass it a query condition to be automatically executed?"
Thanks,
Dmitry

RESTful webservice with Jersey

Hey all,
I'm building a RESTful webservice with Jersey on top of my EJB layer.
This all goes well, the simple CRUD operations seem to work, but now I seem to have some trouble to add the extra functionality.
I've got a category which I can get by id through: http://localhost:8080/RealEvaluatorWeb/resources/categories/id (with id the integer that I need).
This is done by CategoriesResource method:
@Path("{idCategory}/")
    public CategoryResource getCategoryResource(@PathParam("idCategory") Integer id) {
        CategoryResource resource = resourceContext.getResource(CategoryResource.class);
        resource.setId(id);
        return resource;
    }Now I want to add that a category can be found by his name, so like this: http://localhost:8080/RealEvaluatorWeb/resources/categories/name (with name the string that I need).
I thougt I just had to add the following method:
   @Path("{name}/")
    public CategoryResource getCategoryResource(@PathParam("name") String name) {
        CategoryResource resource = resourceContext.getResource(CategoryResource.class);
        resource.setName(name);
        return resource;
    }but then my server log spits out following error message:
A resource, class service.CategoriesResource, has ambiguous sub-resource locator for URI template {name}/, which matches with template {idCategory}/So can anyone help me and tell what I should add to be able to search by name?
Thanks!

OK got it solved by my self.
Solution:
Define a RESTFUL (POST, PLSQL) Service with the following HEADER parameters:
authorization          authorization     IN     STRING
X-APEX-STATUS-CODE     status          OUT     INTEGER
As per RFC 1945, the Authorization header value should contain the username:password
as encoded (base64) string. That is what the RESTclient send (over https)
In the PLSQL i decode :authorization and validate it against APEX Authentication Scheme.
The result of the validation drives the response header (:status) in PLSQL with 200 (ok) or 401 (Not Authorized)
-- Klaus

Invalid request when calling REST-webservice with UTL_HTTP.

Hello,
When i try to send some data to a REST-webservice i get as response "INVALID REQUEST"
I Think it is about the request-body that seems to be no UTF-8.
I tried to set the characterset with utl_http.set_body_charset(t_http_req, 'UTF-8').
But when i read the characterset with utl_http.get_body_charset(t_charset);, is still get "ISO-8859-1"
I am using: Oracle Database 10g Express Edition Release 10.2.0.1.0 - Product
Some help would realy be appreciated because i am out of options trying to get the code working..
======MY CODE==========
create or replace procedure ipm40_send_bekendmaking(p_bdmg_id in number)
as
r_bekendmaking ipm40_bekendmakingen%rowtype;
r_gemeente ipm40_gemeenten%rowtype;
l_url httpuritype;
t_http_req utl_http.req;
t_http_resp utl_http.resp;
t_request_body varchar2(32767);
t_respond varchar2(32767);
-- t_teller integer := 1;
-- t_output varchar2(2000);
t_start number := 1;
t_body_lengte number;
t_chunkdata varchar2(4000);
t_tijd_1 varchar2(256);
t_tijd_2 varchar2(256);
t_timeout integer;
t_length number;
t_charset varchar2(256);
begin
select *
into r_bekendmaking
from ipm40_bekendmakingen
where id = p_bdmg_id;
select *
into r_gemeente
from ipm40_gemeenten
where gmte_code = r_bekendmaking.gmte_code;
l_url := httpuritype.createuri('http://zwolle.stadsbeheer.com:82/apex/ipm40bekendmaking?p_bdmg_id='||r_bekendmaking.id);
t_request_body := l_url.getClob();
/* request that exceptions are raised for error Status Codes */
--Utl_Http.Set_Response_Error_Check ( enable => true );
/* allow testing for exceptions like Utl_Http.Http_Server_Error */
--Utl_Http.Set_Detailed_Excp_Support ( enable => true );
utl_http.set_transfer_timeout(300);
t_http_req:= utl_http.begin_request( r_gemeente.url_webservice_bekendmakingen
, 'POST'
, 'HTTP/1.1');
utl_http.set_body_charset(t_http_req, 'UTF-8');
utl_http.get_body_charset(t_charset);
utl_http.set_authentication(t_http_req,r_gemeente.user_webservice_bekendmakingen,r_gemeente.pw_webservice_bekendmakingen);
t_length := length(t_request_body);
utl_http.set_header(t_http_req, 'Content-Type', 'application/xml charset=UTF-8');
utl_http.set_header(t_http_req, 'Content-Length', t_length);
utl_http.set_header(t_http_req, 'Transfer-Encoding', 'chunked' ); --
t_body_lengte := dbms_lob.getlength(t_request_body);
loop
t_chunkdata := dbms_lob.substr(t_request_body, 2000, t_start);
utl_http.write_text ( t_http_req, t_chunkdata );
t_start := t_start + 2000;
if t_start > t_body_lengte
then
exit;
end if;
end loop;
t_http_resp:= utl_http.get_response(t_http_req);
utl_http.read_text(t_http_resp, t_respond);
utl_http.end_response(t_http_resp);
if instr(t_respond,'Successfully document processed') != 0
then
update ipm40_bekendmakingen
set ind_status = 'S'
, datum_verzonden = sysdate
, response = t_respond
where id = r_bekendmaking.id;
else
update ipm40_bekendmakingen
set ind_status = 'F'
, datum_verzonden = null
, response = t_respond
where id = r_bekendmaking.id ;
end if;
commit;
exception
when others
then
t_tijd_2 := to_char(sysdate,'HH24:MI:SS');
t_respond := substr(sqlerrm,1,2000);
update ipm40_bekendmakingen
set ind_status = 'F'
, datum_verzonden = null
, response = t_respond
where id = r_bekendmaking.id ;
commit;
end;
===THE RESPOND=============
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<HTML><HEAD><META HTTP-EQUIV="Content-Type" CONTENT="text/html; charset=iso-8859-1">
<TITLE>ERROR: The requested URL could not be retrieved</TITLE>
<STYLE type="text/css"></STYLE>
</HEAD><BODY>
<H1>ERROR</H1>
<H2>The requested URL could not be retrieved</H2>
<HR noshade size="1px">
<P>
While trying to process the request:
<PRE>
POST /pushxml/pushxml-bm HTTP/1.0
Authorization: Basic Ymtfc21hcnRob2xkaW5nOllyZXMzdlFR
Content-Type: application/xml charset=UTF-8
Content-Length: 2096
Transfer-Encoding: chunked
Connection: close
</PRE>
<P>
The following error was encountered:
<UL>
<LI>
<STRONG>
Invalid Request
</STRONG>
</UL>
<P>
Some aspect of the HTTP Request is invalid. Possible problems:
<UL>
<LI>Missing or unknown request method
<LI>Missing URL
<LI>Missing HTTP Identifier (HTTP/1.0)
<LI>Request is too large
<LI>Content-Length missing for POST or PUT requests
<LI>Illegal character in hostname; underscores are not allowed
</UL>
<P>Your cache administrator is [email protected].
<BR clear="all">
<HR noshade size="1px">
<ADDRESS>
Generated Fri, 12 Aug 2011 17:33:24 GMT by asd2cc001.asp4all.nl (squid)
</ADDRESS>
</BODY></HTML>

Always check the access_log and error_log files of the Apache web server in such a case. This will identify whether the error comes from Apache itself, mod_plsql, the Apex run-time engine, or the Oracle database.
I see that you're creating a HTTP/1.1 in PL/SQL - however, the web server response indicates a HTTP/1.0 call was received. Unusual. And could be part of the problem.

Securing WebService with Basic Security Profile

Hi,
I'm trying to write a WebService on EJB 3.0 that is secured with Basic Security Profile. Every message is signed with x509 certificate.
I'm new in Java WebServices and I really don't know how to do it. Can anybody help me?
WebService will be deployed on JBoss 4.2.1 GA with java jdk 1.6

Hi,
I'm trying to write a WebService on EJB 3.0 that is secured with Basic Security Profile. Every message is signed with x509 certificate.
I'm new in Java WebServices and I really don't know how to do it. Can anybody help me?
WebService will be deployed on JBoss 4.2.1 GA with java jdk 1.6

WS security on webservices with JAX-WS Provider Interface

Hi Experts:
I have developed webservices with JAX-WS Provider Interface (WSProvider),it gives message level handling and also eliminates POJOs for user defined types; but how to add operation level Weblogic security policy on such services ?
In my Weblogic console, I can see the endpoint of the service, and my services has at least 10 operations as defined in the WSDL, but I do not see operations details in the server console when I try to attach Weblogic security policy; so how do I add security rule to decide which operation is allowed by which user?
am I missing something? or this is not possible ? I am using WSProvider Interface and wondering is any issue because of that? Or my operations should be visible regards of any JAX-WS standards implementation ?
Thanks in advance!

appaerently with the switch to the oc4j ws providers - a regression was introduced - bug 5665917 ... which is to be fixed for 10.1.3.3 ..
pls contact oracle support to retrieve the patch ..
/clemens

Need help !!! Regarding invoking Webservices with Basic Auth

I have a partner who requires me to pass credentials in order to invoke their Webservice.
I have created a Partner link using a local WSDL (copy of the original partner's WSDL) and assigned the following properties
<property name="HTTPbasicHeaders">credentials</property>
<property name="basicUsername">hilal.khan</property>
<property name="basicPassword">welcome123</property>
And invoked this partnerlink in a Synchronous BPEL process, the invocation fails with the following error message
<remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>exception on JaxRpc invoke: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 Unauthorized</summary>
</part></remoteFault>
Looks like I am missing the way in which these credentials should be sent, I know for sure that the values being sent are correct - I tried to open the WSDL from a browser and it prompted me with a username/password window and I entered the same credentials and it then took me to the WSDL. Can one of you please help me figure out the issue and resolve it.

Hi,
In BPEL.xml file that is built for bpel pass the binding with the httpUsername and httpPassword which you can make anything.
<partnerLinkBinding name="PartnerLink_SPTel_Register">
<property name="wsdlLocation">RegisterServiceRef.wsdl</property>
<property name="httpUsername">dummy</property>
<property name="httpPassword">dummy</property>
</partnerLinkBinding>
and in the BPEL process change the value of httpUsername and httpPassword dynamically to whatever you want.
<copy>
<from variable="httpUsername"/>
<to partnerLink="EventService_Partner" bpelx:property="httpUsername"/>
</copy>
<copy>
<from variable="httpPassword"/>
<to partnerLink="EventService_Partner" bpelx:property="httpPassword"/>
</copy>
This works great if you have to pass different credentials to the same WS depending on who accesses the bpel process.
hope this helps
Sandeep

Call secured BAM WebService

Hi,
I want to use BAM adapter in my app.
I created in JDeveloper JCA and wsdl files, and generated business service from them.
When I launch test console to test my business service, I get authentication error:
The invocation resulted in an error: Invoke JCA outbound service failed with application error, exception: com.bea.wli.sb.transports.jca.JCATransportException: oracle.tip.adapter.sa.api.JCABindingException: oracle.tip.adapter.sa.impl.fw.ext.org.collaxa.thirdparty.apache.wsif.WSIFException: servicebus:/WSDL/Test%20OSB%20Project/JCA/BamAdapter_1 [ writetoBAM_ptt::writetoBAM(_ItemSalesCollection) ] - WSIF JCA Execute of operation 'writetoBAM' failed due to: javax.security.auth.login.LoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied; nested exception is:
javax.resource.ResourceException: javax.security.auth.login.LoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
com.bea.wli.sb.transports.jca.JCATransportException: oracle.tip.adapter.sa.api.JCABindingException: oracle.tip.adapter.sa.impl.fw.ext.org.collaxa.thirdparty.apache.wsif.WSIFException: servicebus:/WSDL/Test%20OSB%20Project/JCA/BamAdapter_1 [ writetoBAM_ptt::writetoBAM(_ItemSalesCollection) ] - WSIF JCA Execute of operation 'writetoBAM' failed due to: javax.security.auth.login.LoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied; nested exception is:
javax.resource.ResourceException: javax.security.auth.login.LoginException: [Security:090304]Authentication Failed: User javax.security.auth.login.LoginException: [Security:090301]Password Not Supplied
at com.bea.wli.sb.transports.jca.binding.JCATransportOutboundOperationBindingServiceImpl.invokeOneWay(JCATransportOutboundOperationBindingServiceImpl.java:114)
How can I call the BAM service behind authentication? I didn't find any way to provide credentials to business service.
Thanks.
upd. I tried adding parameters to connection pools and configuring trusted domains. It didn't work
Edited by: frf on 12/7/2010 8:33

Hi
You need to setup the BAM adapter in the WLS console under Deployments --> BAM Adapter.
Please refer to BPEL-BAM tutorial on the BAM OTN page under BAM 11g Samples and tutorials.
Regards
Payal

Zte open c problem with sync calendar via https

I use ownCloud. On my device ZTE Open C use caldav.
When I use url of our CalDAV server http that synchronization is good
When I use https and click SAve -sync not work. I see "Something is wrong. Try again later".
What is the problem ?

Hello,
Thank you for contacting Mozilla Support! After reviewing the information that you provided, we think that the best way to fix this issue would be to reset your device.
'''Warning:''' '''''Resetting your phone will delete all data stored on the device, including apps, calendar data, email accounts, and settings.'''''
To reset the device, follow these instructions:
# Open the [[Image:Settings App (small)]] '''Settings''' application.
# Tap on the '''Device Information''' button.
# Tap on the '''More Information''' button.
# Tap on the '''Reset phone''' button.
# Tap '''OK''' to reset your device.
We hope that this fixed the issue you were having. Please report back to us if this helped!
Thank you!

How do I protect my JNLP, my JARs etc. (with Basic Authentication)???

hi all,
i know that there is a FAQ ( [see here|http://lopica.sourceforge.net/faq.html#obfuscate] ) answering a related question with "You can use an obfuscator...". ok, but is there really no other solution?
this is the simplified folder structure of my application on the server:
[application]
[etc]
    xyz.xml
[jars]
    myapp.jar
launch.jnlp
website.jsp
initial start and basic authentication:*
my first idea was to secure everything underneath "application" with basic authentication via my web.xml (yes, i'm aware of the security concerns). this means everybody can access my website (here: website.jsp) which contains a start button that links to "launch.jnlp". as soon as the user clicks on it, the browser opens its standard authentication dialog since launch.jsp is in a protected area. after entering the correct credentials the jnlp-file is downloaded and java web start takes over control. first of all it seems as it tries to access the same jnlp-file again (??? --> probably in order to check for changes in the jnlp file --> this is certainly not the case for the initial startup) and then wants to download the relevant jar (myapp.jar). because both resources are protected jws opens its own basic authentication dialog where i have to enter the same credentials the second time. as far as i know, there is no solution to pass the credentials between the browser and the jvm.
second start and basic authentication:*
if the user starts my application for the 2nd, 3rd, ... time via desktop-link (set in jnlp-file) there is no need for accessing my website with a browser. therefore only the authentication dialog of jws gets displayed. so far, so good!
and now the actual problem:*
during runtime my application (signed with verisign certificate and having all permissions) uses commons-vfs and commons-httpclient to access resources on the same server (e.g. etc/xyz.xml). since they're underneath the protected "application" directory as well, my application needs the same credentials the user already entered in the authentication dialog of jws. now i could retrieve these credentials by calling Authenticator.requestPasswordAuthentication() within my application and passing them to vfs and httpclient. however, doing so opens up jws' authentication dialog again. grrr!!! is there a way to prevent this?
related thougts:*
i know i could disable jws' default Authenticatior and set my own Authenticator which might be able to return already entered credentials without opening the dialog a second time. however, it seems that even with <property name="javaws.cfg.jauthenticator" value="none" /> jws still opens its own dialog when acessing the JNLP file and the relevant JARs during the startup/download phase. of course, who else if not jws could handle that phase? my application might not even be downloaded at this point. so i guess setting my own Authenticator would not be a solution either (at least not if i want to secure my jnlp and my jars, too). quite the contrary, it would have to open another dialog... :-(
my current solution:*
for the moment i use jws' default Authenticatior which allows me to easily protect all my stuff on the server side (jnlp, jar, etc). i can live with the two login dialogs at the initial startup. and instead of querying the credentials from jws' default Authenticatior at runtime, i set two system properties for username and password in the (protected) jnlp-file, query them at runtime and hand it to vfs and httpclient. this prevents the 2nd (or 3rd) dialog but is definitely not a great solution. most of all i'm not happy with the fact that this somehow "destroys" the container-based security advantage of easily configuring authorized users via a separate mechanism e.g. tomcat-users.xml. now there has to be one master-password that has to be set in the jnlp-file! grrr!
a possible alternative:*
i'm not sure but would it be better to secure everything with form-based authentication on the website, and dynamically generate username and password into the jnlp-file? but what happens when the admin changes the password on the server and the user starts its application via desktop-link??? in case of basic authentication i think jws would popup the login dialog again. however, if i use the old username and password generated into the jnlp it won't work. i think the user then has to access the website again. this is not good at all! :-(
the only real solution:*
should i write a small application which can be downloaded by everybody and on startup queries the user's credentials, validates them with the help of our server, and uses the javax.jnlp-api to download the secured JARs of my real application? this seems so much overkill! does anybody have experiences with this approach? how difficult is it to implement the whole download/update stuff with javax.jnlp?
WHAT HAVE I MISSED???
AM I COMPLETELY WRONG???
WHAT IS THE EASIEST WAY???
AND WHAT IS THE BEST WAY???
thank you so much,
stephan

Not sure, whether I understood correctly, what you wanna do - but up to now I can't see any problem.
if you have a structure like this:
/ctxroot/
       launch.jnlp
       /app/
           *.jar
           *.whateveryou may use in your web.xml:
     <servlet>
          <servlet-name>JnlpDownloadServlet</servlet-name>
          <servlet-class>jnlp.sample.servlet.JnlpDownloadServlet</servlet-class>
     </servlet>
     <servlet-mapping>
          <servlet-name>JnlpDownloadServlet</servlet-name>
          <url-pattern>*.jnlp</url-pattern>
          <url-pattern>/app/*</url-pattern>
     </servlet-mapping>
     <security-constraint>
          <web-resource-collection>
               <web-resource-name>Application</web-resource-name>
               <url-pattern>/app/*</url-pattern>
               <http-method>GET</http-method>
               <http-method>POST</http-method>
          </web-resource-collection>
          <auth-constraint>
               <role-name>bla</role-name>
               <role-name>fahsel</role-name>
          </auth-constraint>
          <user-data-constraint>
               <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
     </security-constraint>
     <security-constraint>
          <web-resource-collection>
               <web-resource-name>Subscription</web-resource-name>
               <url-pattern>*.jnlp</url-pattern>
          </web-resource-collection>
          <user-data-constraint>
               <transport-guarantee>CONFIDENTIAL</transport-guarantee>
          </user-data-constraint>
     </security-constraint>
     <login-config>
          <auth-method>BASIC</auth-method>
          <realm-name>whatever-realm</realm-name>
     </login-config>
     <security-role><role-name>bla</role-name></security-role>
     <security-role><role-name>fahsel</role-name></security-role>
...Than you may use the Service stuff like:
     BasicService bs = (BasicService)ServiceManager.lookup("javax.jnlp.BasicService");
     URL codeBase = bs.getCodeBase();
     URL pu = new URL(codeBase.toString() + "whatever.bla");
     HttpURLConnection res = (HttpURLConnection) pu.openConnection();
     res.setInstanceFollowRedirects(true);
     res.setRequestMethod("GET");
     res.setConnectTimeout(10 * 60 * 1000);
     res.connect();
     String enc = res.getContentType();
...Where is the problem? If you wanna intercept certain "calls" to an app resource, just use a filter, which decides, whether to answer the request directly by itself or to pass it to the JnlpDownloadServlet ...

RESTful webservices invocation from OSB.

Can some one please explain the best way to develop the OSB service to invoke the Restful services.
1. Only proxy service is enough to handle the request, no need of business service?
2. when moving the code from one env to other, we use a business service to update endpoint url which is the common approach we generally follow, to make the osb service loosely coupled. how to use the business service when invoking the restservice? does we have the base uri value in the transport url and will get appended with the relative-uri value which we frame as part of the request in the outbound variable in the proxy settings?
3. when invoking the rest service do we need to append all the request message to the url itself or the request can be passed separately as request body and the main rest uri will have only the key fields as part of the relative-uri?
4. If we receive huge request message does the URL support the entire request?
5. how the response/error will be returned when calling the Restful webservice?
I am assuming this appraoch. Can some one please confirm does this approach works with RESTful service invocation from OSB.
Request processing:
Source System request-> Proxy Service -> Transformation to end system specific -> Business service (with base-uri -> http://mainappl.com/web/cmr/{relative-uri from outbound transport}) -> endsystem
Response processing:
endsystem Response/Error -> Business Service -> Proxy Service -> transformation to source system specific -> source system.
Please advice which is the best approach to follow while invoking the RESTful webservices from OSB.
Thanks..
Edited by: user12679330 on May 5, 2010 4:33 AM
Edited by: user12679330 on May 5, 2010 5:00 AM

Hi,
Thanks for the update. Can you please explain the above mentioned approach works or how it should be?
I have one requirement, can some one explain the implementation for this:
I have one element which is of type unbound. I need to map this element to a single enelement value by separating each element value with a ;, before that I need to check wheteher this element(s) are present in the request then need to appened all these element values to a single element and the end of this element need to append default values.
Scenario:
<student>
<name>asd</name>
<address>
<street>street1</street>
<street>street2</street>
<street>street3</street>
||
||
</address>
to be mapped it to:
<student>
<field name="NAME">asd</field>
<field name="ADDRESS">street1;street2;street3;default1;default2;default3</field>
</student>
Here need to check if street names are present in the request xml, if yes ned to assign it to ADDRESS as mentioned above if street names present or not need to append the default values at the end to the ADDRESS field.
Thanks in advance.

Url service data control - problem while POSTing to a restful webservice

Hi,
I am trying to call a restful webservice to add a new employee .I have created the url service data control. The service method consumes XML.
When i am creating the url service datacontrol I selected the http method as POST and giving the servicepath and servicename as the source. After providing the xsd's path and all , when I test the url connection, I am getting the following error message:
URL Test: Received Error: Method Not Allowed
This might be because the clicking of the test url button is sending the get request, but the actual method is POST.
Now under the data controls navigator, If i view the newly created data control, i could see the loadData(Object) method which i assume is for retrieving the data from the service. But since i have mentioned the method as POST, why such a method is created? Also if its there, can I use the same for insert and update? I have used this loadData (Object) method to create a button which calls the webservice upon click. Under the data control property inspector, i changed the supportsupdate attribute's value to true. But when i am trying to save the employee from the jspx page, I am getting the following message in the integrated weblogic's log
Couldn't get access to the data source. Cause Unsupported Media Type exception in rest service
And on the server side I am getting the following error message:
No message body reader has been found for request class Employee, ContentType application/octet-stream.
I think the request is not going as XML. But while creating the datacontrol i have specified the xsd document for the iput xml request. Does ADF automatically creates the XML from the input parametres? If it does not, then what could be done to achieve that? The default actionListener of the submit button is #{bindings.loadData.execute}. Do i have to override it to send the XML request? Or have I missed anything in trying to achieve what i intend?
I had refered this link for reference :
http://docs.oracle.com/cd/E18941_01/tutorials/jdtut_11r2_53/jdtut_11r2_53.html
Rampal
Edited by: user12011868 on Jan 22, 2012 10:03 PM

Hi Frank,
I had specified the HTTP method as POST as well as PUT. But the same error is appearing in the both the cases.
URL Test: Received Error: Method Not Allowed
And when I am clicking on the 'Test URL Connection' , I can't see any option of selecting the HTTP method. This option only appears in the step 2 of creating the URL service data control where we mention the URL endpoint and the source.
What could be the reason for the error.
Rampal

XML payload in RESTful webservice

Hi all,
Can anyone please suggest on how to call the RESTful webservice (which is used by our client) by passing an XML payload from a PL SQL stored procedure? It is for the authentication purpose. And the username and password has to be passed as the XML payload to the RESTful webservice . Please help, it's a bit urgent.
Thanks in advance
Geethu
Edited by: 982489 on Mar 22, 2013 3:02 AM

Hi all,
Can anyone please suggest on how to call the RESTful webservice (which is used by our client) by passing an XML payload from a PL SQL stored procedure? It is for the authentication purpose. And the username and password has to be passed as the XML payload to the RESTful webservice . Please help, it's a bit urgent.
Thanks in advance
Geethu
Edited by: 982489 on Mar 22, 2013 3:02 AM

Issue with calling restful services via HTTP in an Orchestration

The company I work for is using RESTful services for our I/O. We are processing EDI files using Biztalk, and are calling the REST services via HTTP from a c# code called within the orchestration. At lower volumes, the service performs fine, but at higher
transaction volumes, the HTTP calls never return. Is there a resource that needs to be tuned somewhere on the biztalk node to allow higher volumes of HTTP calls? Its not the REST service side - it has no problems handling loads generated by non biztalk nodes.
For further clarification, the EDI message is a multi batched, so there are many simultaneous orchestrations running at once. I have started to look at ways to throttle how many instances can run at once, but I still suspect some resource in the HTTP
sequence that we dont have enough of.
Ideas?

I think you were not enough free threads in the ThreadPool to complete the operation.
So you can work out with Max connection setting in your BTSNTSvc file first
<system.net>
<connectionManagement>
<add address="http://name.of.server.here" maxconnection="1oo" />
</connectionManagement>
</system.net>
and try increasing number of threads allocated to the specific send Host instance and your Orchestration instance ,you can try twinkling Response timeout in minutes as well on host instance
Thanks
Abhishek

Call secure RestFul WebService with basic authorization via https

Similar Messages

Maybe you are looking for