Calling secured web service, cross domain security

Similar Messages

• Calling secured web service from Pl SQL

  Hi
  I am trying to call a secured web service from pl/sql using utl_http.
  Is there a sample pl/sql program that i can refer to call a secured web service.
  sample soap header that am trying to acheive.
  <soap:Header>
  <wsa:Action>http://myactaction</wsa:Action>
  <wsa:MessageID>uuid:asdfadrewrwqr</wsa:MessageID>
  <wsa:ReplyTo>
  <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
  </wsa:ReplyTo>
  <wsa:To>http://myact</wsa:To>
  <wsse:Security soap:mustUnderstand="1">
  <wsse:UsernameToken wsu:Id="SecurityToken-321321">
  <wsse:Username>mordfsafsdae</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">werwqrewrwe</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  Thanks a ton in advance

  Hi,
  On way we can call a web service is to pass the Web Service URL to UTL_HTTP package:
  Sample Web Service URL
  ===================
  lv_url :=
  'http://67.97.189.151:8888/plsqlsample/dbfunc?invoke=placeOrder'
  || '&'
  || 'param0=1'
  || '&'
  || 'param1=1'
  || '&'
  || 'param2=1';
  Sample Call using UTL_HTTP
  =====================
  SELECT UTL_HTTP.request (lv_url)
  INTO lv_result
  FROM DUAL;
  Thank you.
  Regards,
  Balu

• How to call a secure web service via XAI Sender in CC&B

  Hi All,
              I want to a call a secure web service from CC&B through out bound message. I have configured the calling  WSDL in XAI Sender. The wevservice is secured one.I tried to call it by configuring user name and password in XAI sender context.But still i am not able to call the service.
  Can anybody help me how to over come this issue ??
  I have cretaed the same post under utilities,but i am not able reply it.
  I am using HTTPSNDR  as XAI class.
  Thanx in advance.
  Regards
  sunil

  Are you getting any errors? What type of XAI Class are you using?
  One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
  Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
  Hope this helps.
  Regards,
  Philip

• How to call OWSM secured web-service from ADF application

  I have a OWSM secured web-service, which takes username/password.
  I want to invoke this webservice from ADF application. ADF application has its own security and it takes its own username/password. End user can't provide the username/password for web-service call. My ADF application should call the webservice and provide it appropriate username/password.
  What is the best practice to handle such scenario. I don't want to hardcode username/password in Java (ADF) code.
  Thanks
  Sanjeev.

  it is not clear to me if you are having problems with calling java code from OIM or if the problem is the web service API.
  Lets do some divide and conquer:
  Can you create a simple java class that just writes a couple of lines to the log? Please attach this code to the OIM task and make sure it runs.
  Once this works we can start looking at the web service call.
  Best regards
  /Martin

• Calling secured Web Service

  Hi,
  I am new in calling web service from PL/SQL block.
  From the code I'm successfully able to call non-secured webservice like this "http://www.ignyte.com/webservices/ignyte.whatsshowing.webservice/moviefunctions.asmx?wsdl"
  And also by setting the wallet I'm also able to call secured web service like this "https://www.docusign.net/api/3.0/Credential.asmx?WSDL" (ping method).
  For calling this secured service I stored certs with chain into the wallet and that works.
  But my problem is a different web service where that web service is authenticating me with my certificate. I have VeriSign certificate with private key and that web service has my public key. Whenever I will send SOAP request I need to send my certificate with the request. And communication will be over SSL.
  I have created a wallet with complete chain from the PFX file I received from VeriSign and Wallet is in Ready state, also I have included web service's certificate also.
  Whenever I am trying to make SOAP call I'm getting
  ORA-00600: internal error code, arguments: [kgazmo_1], [], [], [], [], [], [], []
  Please let me know where is the problem. May be I'm not able to send my certificate for authentication or may be I'm not able to establish SSL for communication from PL/SQL.
  I'm using 10.1.2 as database. I also have 10g AS installed, if that can help in achieving this.
  Code is as follows:
  FUNCTION CallWS
  RETURN xmltype
  AS
  l_request soap_api.t_request;
  l_response soap_api.t_response;
  l_url VARCHAR2(32767);
  l_namespace VARCHAR2(32767);
  l_method VARCHAR2(32767);
  l_soap_action VARCHAR2(32767);
  l_doc xmltype;
  BEGIN
  l_url := 'https://secured.webservice.com/WS/WebService.asmx';
  l_namespace := 'xmlns="https://secured.webservice.com/WS"';
  l_method := 'GetMe';
  l_soap_action := 'https://secured.webservice.com/WS/GetMe';
  utl_http.set_wallet('file:c:/wallets','pass123');
  l_request := soap_api.new_request(p_method => l_method,
  p_namespace => l_namespace);
  soap_api.add_parameter(p_request => l_request,
  p_name => 'param1',
  p_type => 'xsd:string',
  p_value => 'val1');
  soap_api.add_parameter(p_request => l_request,
  p_name => 'param2',
  p_type => 'xsd:string',
  p_value => 'val2');
  l_response := soap_api.invoke(p_request => l_request,
  p_url => l_url,
  p_action => l_soap_action );
  l_doc := l_response.doc;
  RETURN l_doc;
  END CallWS;
  You can find SOAP_API package here [SOAP_API|http://www.oracle-base.com/dba/miscellaneous/soap_api.sql] .
  Thanks in advance.
  -Smith

  Thanks again Billy,
  I have configured a wallet with all the necessary certificates. Actually I have purchased a VeriSign trusted certificate and convert that into Oracle Wallet (p12) using openssl with appropriate password. And I'm calling UTL_HTTP.set_wallet('<path_to_wallet>','<pass_to_open_it>');
  I have send my public key to them (web service company) and they need me to send my certificate with every request so that they can authenticate.
  You are saying we don't have to write any code for TLS/SSL UTL_HTTP will take care of that, thats really good.
  One more thing I want to mention here...
  In Internet Explorer - When I am importing my certificate without my private key and trying to access web service I'm getting 404 page not found error.
  But when I'm importing my certificate with the private key, I can see WSDL and all other methods offered by that web service.
  I'm guessing Oracle Wallet that I'm creating with my certificate will store private key also. B'coz it is showing me User Certificate in Ready state.
  ORA-00600 is not giving me proper location where I can find any error in my code.
  Thanks
  -Smith

• Failed Calling A X.509 Certificate Secured Web Service From OSB

  Hi,
  I have wsdl resource, business service and proxy service setup in OSB 11.1.1.6 on Linux. The business service will consume a X.509 certificate secured web service running on a remote server.
  Below is my approach:
  The consumer of the proxy service of OSB signs its saop request header.
  My OSB proxy service authenticates the signature and forward the request to business service.
  The business service signs the outbound soap request header. (To do this I configured the keystore in Security Provider Configuration of my SOA_domain in Enterprise Manager. Also I applied Web Service Policy of Service Client type to the business service.)
  This is not working yet. Not sure if my approach is correct or not?
  Thank you,
  Eric

  I validated the keystore, all the certificates used and the value for keystore.sig.csf.key / value for keystore.recipient.alias. They are all as expected. Restarted the server. Still failed for OSB to invoke the remote secured web service, but worked if only use soapUI to invoke the same remote secured web service directly.
  The error message is:
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption)
  In the soap request / reponse message shown in the OSB Test Console, there seems to be two signature sections in the header and encryption section although I tried not to encrypt the soap request. I am using Web Service Client Policy "calpers/wss11_x509_token_with_message_integrity_client_policy_osb" which was created based on "oracle/wss11_x509_token_with_message_protection_client_policy". The difference between the two policies is my policy not to sign nor to encrypt entire body.
  In the "Message Signing Setting" section, I unchecked the "Include Entire Body" and left the three default namespaces under the Header Elements.
  In the "Message Encrypt Setting" section, I unchecked the "Include Entire Body" and also left the one default namespace under the Header Elements.
  I don't know how to attach document here, so i add long saop message here.
       Business Service Testing - BookSec_Biz_Svc_52
       Request Document
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsu:Timestamp wsu:Id="Timestamp-eEud1RcUOPcnV0fDqd6gZQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsu:Created>2013-03-14T18:10:00Z</wsu:Created>
  <wsu:Expires>2013-03-14T18:15:00Z</wsu:Expires>
  </wsu:Timestamp>
  <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-VnzMtSwHMI8THKi2hhG2SQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  MIICazCCAdSgAwIBAgIEUTY65zANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwHhcNMTMwMzA1MTgzNTE5WhcNMTMwNjAzMTgzNTE5WjB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJhF0cMUwB/EjAyIOy9Cq8KCDqTXvlnlvMGq6LEhiGOtrATYy+JnHURcPUeusi65Ua3bE7JACWhHJ0fYEl7NtxPPSN3Q1RovkWGQ6I5O2XuEyMHg3MISh2CHhnkGSR+W6riDSUoB0ZC0KTgu14OTwqo54JSY/ugQszY7QC9DAuabAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAWeQ6LjMo12bY65GmnrmLdbRNm95RkL6gJCKa9pyUaMfvaIqKpmMQW8RM+eB90CR5DrM8oO2+8uKcqTt/pGNRYi2UJh2X0CdmyQQTmf3mCfgoZ597VTl+k3mKHKeeST7ZwAyBRL2jI0VisopFHpUhIwABoDgwOMpLcCF974AZ2rA=
  </wsse:BinarySecurityToken>
  *<dsig:Signature* Id="XSIG-oISn2AADumTdR86sONuz8g22" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
  <dsig:Reference URI="#Timestamp-eEud1RcUOPcnV0fDqd6gZQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>3LQ1IpQR3rKHvP6Ov/m9ZRoecZM=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>X2BUn9TLL26Ay9A3HGEn/mnGCCE=</dsig:SignatureValue>
  <dsig:KeyInfo>
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#EK-h7saqC1VyBKZw2n1IHz8GQ22" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<dsig:Signature* xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <dsig:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>dau9qjB2lxIvlaoDIHuWVHqjulI=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#STR-QC3ZDBRwsXv8unEWVns9rQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
  <wsse:TransformationParameters>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </wsse:TransformationParameters>
  </dsig:Transform>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>nPO9mKSC9cMg2fEkGZI+ujy5O1Q=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#XSIG-oISn2AADumTdR86sONuz8g22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>qXkW/ZFFNc8Bu0VL9eF6c4np7IA=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>
  MuHCTh5cW8TiVKtkWFl+Of2EFAiHwuPTR7J9b4/n2KZtPy2OCrgi1lBpuzhFKLhoBxYNOK8TMOa/3b223Vv+CQUfUP7z0YVj5Ck7QETYngaQlS07KulnstJjsAgHBV8Zk3A0EafuWF2c3t5wBzEkgEC99v0EdY3mRiCzt7vh2qs=
  </dsig:SignatureValue>
  <dsig:KeyInfo Id="KeyInfo-0LT1QavoIVXOHesZfrxTwg22">
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<xenc:EncryptedKey* Id="EK-h7saqC1VyBKZw2n1IHz8GQ22" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/>
  </xenc:EncryptionMethod>
  <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference wsu:Id="STR-QC3ZDBRwsXv8unEWVns9rQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">q9Z9yPxvNw4CvSLQNI4rxVlSF+w=</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  <xenc:CipherData>
  <xenc:CipherValue xmime:contentType="application/octet-stream" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
  Tgdhxy6wMJBBrw23iq1GLCm0TYKBXSVQvBcN+7TXdXL6FPSjhcbfXqtoz7wzirbSwUZuu+DrYuWs
  0BjRXqw3auUSCMlkm4IoT1ag3wFQQ/PEbB8HNlYhW3gp/At3toTw+k5p9wOUd4BMFAiXyeHQ8+dQ
  8JUiohXhiHErTDn6fFQ=
  </xenc:CipherValue>
  </xenc:CipherData>
  </xenc:EncryptedKey>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Document
  The invocation resulted in an error: Internal Server Error.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
  <soapenv:Fault>
  <faultcode>soapenv:Client</faultcode>
  <faultstring xmlns:lang="en">
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption) </faultstring>
  </soapenv:Fault>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Metadata
  <con:metadata xmlns:con="http://www.bea.com/wli/sb/test/config">
  <tran:headers xsi:type="http:HttpResponseHeaders" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:tran="http://www.bea.com/wli/sb/transports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <tran:user-header name="Accept" value="text/xml"/>
  <tran:user-header name="Expires" value="Thu, 14 Mar 2013 18:10:01 GMT"/>
  <tran:user-header name="SOAPAction" value="&quot;&quot;"/>
  <http:Cache-Control>max-age=0</http:Cache-Control>
  <http:Connection>close</http:Connection>
  <http:Content-Type>text/xml; charset=UTF-8</http:Content-Type>
  <http:Date>Thu, 14 Mar 2013 18:10:01 GMT</http:Date>
  <http:Server>Apache</http:Server>
  <http:Transfer-Encoding>chunked</http:Transfer-Encoding>
  </tran:headers>
  <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">2</tran:response-code>
  <tran:response-message xmlns:tran="http://www.bea.com/wli/sb/transports">Internal Server Error</tran:response-message>
  <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">UTF-8</tran:encoding>
  <http:http-response-code xmlns:http="http://www.bea.com/wli/sb/transports/http">500</http:http-response-code>
  </con:metadata>

• Calling a web service deployed in a SSO domain

  Hello,
  I have try some web service security such as HTTP proxy, and i write a client stub to call that service. And it's work well.
  It's very easy cause i generate stub from wsdl using Jdev10.1.2.
  But when I use SSO domain to protect web service, i have some problem.
  My question is: how should I write a client stub for that web service? How are the name and the password provided in the client stub in order to call web service (that will be also protected as part of the protected application)?
  Can someone help me?
  Regards,
  christian

  Hi Jim,
  I Have activated my SSO on server. The problem is, i can't call my web service from client stub. fro your info in my office we use oracle10g 10.1.2.
  Can you help me, please?
  Thank you,
  christian

• Error while invoking a WS-Security secured web service from Oracle BPEL..

  Hi ,
  We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0).
  For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl/blog/1607/how-to-call-a-ws-security-secured-web-service-from-oracle-bpel]
  but sttill,after deploying it and passing values in it,we are getting the following error on the console :-
  &ldquo;Header [http://schemas.xmlsoap.org/ws/2004/08/addressing:Action] for ultimate recipient is required but not present in the message&rdquo;
  Any pointers in this regard will be highly appreciated.
  Thanks,
  Saurabh

  Hi James,
  Thanks for the quick reply.
  We've tried to call that web service from an HTML designed in Visual Studios with the same username and password and its working fine.
  But on the BPEL console, we are getting the error as mentioned.
  Also if you can tell me how to set the user name and password in the header of the parter link.I could not find how to do it.
  Thanks,
  Saurabh

• How to embed user credentials in Secured Web Service from OBIEE 11gFMW?

  I am trying to invoke a webservice that I successfully exposed as a WSDL Web Service using EBS Integrated SOA Gateway. I am using OBIEE 11g Action Framework which uses WebLogic.
  Here are the steps I completed:
  - I exposed a WSDL web service in EBS R12 via Integrated SOA Gateway
  - I granted the access to this service in EBS R12 to user SYSADMIN
  - I used OBIEE 11g to make a Action to call the Web service (using Action Framework) by searching for the WSDL
  - When I try to execute the action: I get the error:
  Action could not be invoked.
  ServiceExecutionFailure :
  Error invoking web service HR_PHONE_API_Service at endpoint http://ip-10-87-33-3.ec2.internal:8000/webservices/SOAProvider/plsql/hr_phone_api/ Missing <wsse:Security> in SOAP Header
  PROBLEM: I am unsure how to add the credentials for SYSADMIN user and password to add the SOAP username/pwd to the outgoing call. According to the documentation in the Integrators guide, FMW Security guide, and Web Logic guides..seems we have to configure the SOAP call to have the proper credentials. The documentation is not very clear on exactly how to do this. I tried to set up the credential store and an account in ActionFrameWorkConfig.xml but I am still missing something. I am logged into OBIEE as biadmin and I am trying to call a webservie in EBS that is granted to SYSADMIN/sysadmin user. Pls advise.

  I am trying to invoke a webservice that I successfully exposed as a WSDL Web Service using EBS Integrated SOA Gateway. I am using OBIEE 11g Action Framework which uses WebLogic.
  Here are the steps I completed:
  - I exposed a WSDL web service in EBS R12 via Integrated SOA Gateway
  - I granted the access to this service in EBS R12 to user SYSADMIN
  - I used OBIEE 11g to make a Action to call the Web service (using Action Framework) by searching for the WSDL
  - When I try to execute the action: I get the error:
  Action could not be invoked.
  ServiceExecutionFailure :
  Error invoking web service HR_PHONE_API_Service at endpoint http://ip-10-87-33-3.ec2.internal:8000/webservices/SOAProvider/plsql/hr_phone_api/ Missing <wsse:Security> in SOAP Header
  PROBLEM: I am unsure how to add the credentials for SYSADMIN user and password to add the SOAP username/pwd to the outgoing call. According to the documentation in the Integrators guide, FMW Security guide, and Web Logic guides..seems we have to configure the SOAP call to have the proper credentials. The documentation is not very clear on exactly how to do this. I tried to set up the credential store and an account in ActionFrameWorkConfig.xml but I am still missing something. I am logged into OBIEE as biadmin and I am trying to call a webservie in EBS that is granted to SYSADMIN/sysadmin user. Pls advise.

• Error when trying to access a secured web service from Forms 10g 10.1.2.3

  Hello,
  I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
  java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
  javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
  DECLARE
  jo ora_java.jobject;
  pdfObject ora_java.jobject;
  pdf     varchar2(900);
  rv varchar2(100);
  ex ora_java.jobject;
  BEGIN
  JO := SEARCHSOAPCLIENT.new;
  SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
  SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
  pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
  pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
  message(pdf);
  message(' ');
  EXCEPTION
  WHEN ORA_JAVA.JAVA_ERROR then
  message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
  WHEN ORA_JAVA.EXCEPTION_THROWN then
  ex := ORA_JAVA.LAST_EXCEPTION;
  :error := Exception_.toString(ex);
  END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
  import oracle.webservices.transport.ClientTransport;
  import oracle.webservices.OracleStub;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Stub;
  public class SearchSoapClient {
      private webservicesproxywebcontent.proxy.SearchSoap _port;
      public SearchSoapClient() throws Exception {
          ServiceFactory factory = ServiceFactory.newInstance();
          _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
          this.setUsername("weblogic");
          this.setPassword("welcome1");
          System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
       * @param args
      public static void main(String[] args) {
          try {
              webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
              System.out.println("calling " + myPort.getEndpoint());
          } catch (Exception ex) {
              ex.printStackTrace();
       * delegate all operations to the underlying implementation class.
      public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
          return _port.quickSearch(queryText, extraProps);
      }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
  Kind Regards
  Carlos

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Error while invoking secure web service.

  Hi,
  I am trying to access a secure web service through a simple BPEL process in SOA Suite 11g. When I test it through enterprise manager I am getting the following error. Since it's a secured websecure i set the WS policy(oracle/wss_username_token_client_policy) in the external reference and also provided the credentials. If anyone has come across similar error or know the solution please let me know. Also I am not sure if its related to security or is it with the way I am trying to call the service.
  Error Message:
  Fault ID     reference:80014
  Fault Time     May 22, 2011 12:54:45 PM
  Non Recoverable System Fault :
  javax.xml.ws.soap.SOAPFaultException: 99999: Unknown Service
  Error Message: {http://schemas.oracle.com/bpel/extension}remoteFault
  Fault ID     default/Mocking!1.0*soa_be35cb3e-5f05-49df-a696-a653d5703681/BPELProcess1/30017-BpInv0-BpSeq0.3-3
  Fault Time     May 22, 2011 12:54:46 PM
  Non Recoverable System Fault :
  <bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>99999: Unknown Service</summary></part><part name="detail"><detail>&lt;con:fault xmlns:con="http://www.bea.com/wli/sb/context"> &lt;con:errorCode>99999&lt;/con:errorCode> &lt;con:reason>Unknown Service&lt;/con:reason> &lt;con:location> &lt;con:node>PipelinePairNode1&lt;/con:node> &lt;con:pipeline>PipelinePairNode1_request&lt;/con:pipeline> &lt;con:stage>stage1&lt;/con:stage> &lt;/con:location> &lt;/con:fault> </detail></part><part name="code"><code>soap:Server</code></part></remoteFault></bpelFault>

  Thanks very much for your suggestion. I will take a look into the wsdl again and see if something is wrong in that.
  I have a peculiar problem with the wsdl. When I created the partner link using the remote wsdl it would throw a compilation error. But when I took a local copy of the remote wsdl and seperated all the schema's from the wsdl and imported them inside wsdl it gets compiled. But I am not sure if this is a appropriate thing to do and if that is creating this problem. Any thoughts on this would be really helpful.

• Unable to consume secured Web service from a Dynpro application

  Hello,
  I have followed <a href="http://help.sap.com/saphelp_nw04/helpdata/en/c3/bac36a469e4c75aba646077e71516d/frameset.htm">this tutorial</a>
  in order to protect and consume a secured Web service from a Dynpro application using SAP logon ticket.
  The problem is that after implementing everything needed I  receive 401 Unauthorized when I am trying to consume it from the web dynpro side.
  If I manually transfer the request the credentials, before the execute i.e:
  modObj._setUser
  modObj._setPassword
  modObj.execute();
  I am able to call it, meaning the dynpro application doesn't transfer these credentials to the Webservice even though it's authentication property is set to true.
  Any idea how to solve it?
  Roy
  Message was edited by:
          Roy Cohen

  Try below steps
  • Add jars
  o security.class
  o tc/sec/destinations/interface
  • Setting WebDynpro project property
  o Project>Properties>Web Dynpro References-->Interface references
  &#61607; Name=tcsecdestinations~interface
  o Project>Properties>Web Dynpro References-->Service reference
  &#61607; Name=webservices
  &#61607; Name=tcsecdestinations~service
  • Dynamically Set httpdestination and Call web service
  final InitialContext ctx = new InitialContext();
  final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);
  if (dstService== null)
  throw new NamingException ("Destination service not available");
  final Destination destination = dstService.getDestination("HTTP"," DestinationName");
  // getting user name
  Properties destprop = destination.getDestinationProperties();
  String username = destprop.getProperty("USERNAME");
  String password = destprop.getProperty("PASSWORD");
  final HTTPDestination httpDestination = (HTTPDestination) destination;
  HttpURLConnection httpConnection = httpDestination.getURLConnection();
  String httpURL = String.valueOf(httpConnection.getURL());
  Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();
  obj._setUser( user );
  obj._setPassword(pass);
  obj._setEndPoint(httpURL);
  obj.execute();
  Rahul

• Securing web services with Sun Access Manager

  Hi!
  I have gone through some documentation about Sun Access Manager, and I'm a little bit confused.
  What I want is to secure some web services which are deployed on a BEA WebLogic 9.1 server (WLS). Two solutions are possible: To install some kind of plugin into WLS or to place some kind of proxy in front of WLS. In both cases, the purpose would be to authenticate the caller based on some kind of ticket (SAML or similar) and authorize access to the web service.
  I have read about the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" (those guys really like long names....), but in this documentation web services aren't mentioned at all. They only seem to care about HTTP requests from a browser.
  I have also read about the Policy Agent 2.2 in the documentation called "Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services" (puh...). This document explicitly talks about securing web services the way I want.
  My questions are:
  1) Is it possible to secure WLS based web services in the same way using the Policy Agent for WLS?
  2) Are there any documentation/tutorials/etc?
  Thanks in advance :-)
  Anders

  what you need is a webservices agent that would enable you to "protect" your webservice provider, which I assume is on a BEA weblogic provider.
  the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" is "NOT" awebservices agent, but a normal J2EE policy agent.
  So.. having said that. here's what I'd recommend.
  1. install the webservices agent on bea weblogic. (note: NOT the J2EE policy agent)
  2. configure it to use your access manager instance for authentication.
  3. configure your webservices client to use the webservice provider. (note: you'd need the webservices APi's available on the client too... so the quick dirty method would be to install the webservices agent on your client too....) you can later bundle the webservices client independently and provide your"customers" with a webservices client bundle...
  4. voila... your webservices are not "protected" by acces manager ;-)

• Web service error: WS Security can only be applied on a SOAP document

  Hello,
  I am facing the problem that when calling a web service I got this error message:
  005056B855B2002A0000013B000032C70005105EF7348C38 : WS Security can only be applied on a SOAP document.
  Some information about the webservice:
  Transport Binding: HTTP SOAP with Attachments
  Authentication: Basic
  Netweaver version: 7.01.06
  The webservice is based on EJB. Basically I want to add two operations in the webservice: one to accept attachment as input. the other one returns a file as attachment.
  Does anyone knows why this happens and how to resolve it? Thanks in advance!
  Regards,
  Grant

  Grant,
  Please refer this SNote, it may help you...
  1319507 - Overview: Analysis of ABAP Web Service
  Configuration
  Warm Regards,
  Agustuss

• Accessing Secured Web Services fromPL/SQL  Code.

  Hi ,
  This is an urgent requirement.We need to call a Web Sercured which is secured(That we need Authenticate using Digital Signatures).I don't how to call a Secured web service from PL/SQL code.with java it is possible.
  Can anyone help me in confoguring/Writing code to call web services with Digital Certificates.
  Regards,
  Ram

  In the XmlDigester class you would have to change the following 2 functions...
  public int Compare(Object x, Object y)
  XmlAttribute lhs = (XmlAttribute)x;
  XmlAttribute rhs = (XmlAttribute)y;
  string ls = lhs.NamespaceURI;
  string rs = rhs.NamespaceURI;
  if ((ls == rs) || (ls.Equals(rs) && ls != null && rs != null))
  ls = lhs.LocalName;
  rs = rhs.LocalName;
  if (ls == null)
  return -1;
  if (rs == null)
  return 1;
  byte[] larr = Encoding.UTF8.GetBytes(ls);
  byte[] rarr = Encoding.UTF8.GetBytes(rs);
  int len = Math.Min(larr.Length, rarr.Length);
  for (int i = 0; i < len; i++)
  int li = (int)(larr[i] & 0xFF);
  int ri = (int)(rarr[i] & 0xFF);
  int d = li - ri;
  if (d != 0)
  return d;
  return larr.Length - rarr.Length;
  private void Serialize(string s, Stream outStream)
  byte[] bytes = Encoding.UTF8.GetBytes(s);
  int len = bytes.Length;
  Serialize((byte)(len >> 8), outStream);
  Serialize((byte)(len), outStream);
  Serialize(bytes, outStream);
  That should do the trick.