Calling web service via SSL

Hi,
I do not succeed in calling a web service via SSL from within a Web Dynpro application.
Current settings of my logical port:
Target Address: https://...
Authentication: HTTP authentication, basic (username/password)
I do call methods _setUser and _setPassword to set userid and password before calling method execute() of my modelclass.
On calling method execute(), I get message "Connection closed by remote host".
Any suggestions ?
Many thanks.
Jorgen

Can you check the following?
1) Did you install the SAP Cryptographic toolkit for Java available from service.sap.com?
2) Did you install the "Java Cryptography Extension (JCE)
Unlimited Strength Jurisdiction Policy Files 1.4.2". For Sun they are available here: http://java.sun.com/j2se/1.4.2/download.html (last item on page)
3) How is the SSL server configured? Does it require client authentication? In this case you must send a client certificate.

Similar Messages

Calling web service via utl_dbws with unbounded return values

Hello, everyone.
I'm trying to use utl_dbws to call web service from Oracle DB 10 g.
WS has unbounded return value:
<xs:element maxOccurs='unbounded' minOccurs='0' name='return' type='xs:string'/>
I'm setting return paramter in web service call handler like this:
sys.UTL_DBWS.set_return_type(l_h_service_call, cs_qname_type_string);
and when I'm trying to call it from PL/SQL function I'm getting an error:
ORA-29532: Java call terminated by uncaught Java exception:
deserialization error: XML reader error: unexpected character content: "s2"
ORA-06512: at "SYS.UTL_DBWS", line 388
ORA-06512: at "SYS.UTL_DBWS", line 385
ORA-06512: at line 38
I've tried to return values by out parameters and got the same exception.
It looks like utl_dbws needs to know parameters count before calling.
Have anyone succeded in getting arrays from Web Service call?
This is a part of wsdl:
<xs:complexType name='getProcessList'>
<xs:sequence>
<xs:element minOccurs='0' name='nameMask' type='xs:string'/>
</xs:sequence>
</xs:complexType>
<xs:complexType name='getProcessListResponse'>
<xs:sequence>
<xs:element maxOccurs='unbounded' minOccurs='0' name='return' type='xs:string'/>
</xs:sequence>
</xs:complexType>
Throught SoapUI I can produce such kind of request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:proc="http://processmanager.argustelecom.ru/">
<soapenv:Header/>
<soapenv:Body>
<proc:getProcessList>
<processNameMask>*</processNameMask>
</proc:getProcessList>
</soapenv:Body>
</soapenv:Envelope>
and get a response:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<ns2:getProcessListResponse xmlns:ns2="http://processmanager.argustelecom.ru/">
<return>s1</return>
<return>s2</return>
<return>s3</return>
<return>s4</return>
</ns2:getProcessListResponse>
</env:Body>
</env:Envelope>
PL/SQL function:
DECLARE
cs_qname_type_string CONSTANT sys.UTL_DBWS.qname
:= sys.UTL_DBWS.to_qname('http://www.w3.org/2001/XMLSchema', 'string') ;
cs_qname_type_int CONSTANT sys.UTL_DBWS.qname := sys.UTL_DBWS.to_qname('http://www.w3.org/2001/XMLSchema', 'int');
cs_qname_type_any CONSTANT sys.UTL_DBWS.qname
:= sys.UTL_DBWS.to_qname('http://www.w3.org/2001/XMLSchema', 'anyType') ;
cs_endpoint CONSTANT VARCHAR2(256) := 'http://server:8080/process-manager/ProcessManager';
l_service sys.UTL_DBWS.service;
l_service_qname sys.UTL_DBWS.qname;
l_port_qname sys.UTL_DBWS.qname;
l_operation_qname sys.UTL_DBWS.qname;
l_h_service_call sys.UTL_DBWS.call;
l_params sys.UTL_DBWS.anydata_list;
l_ret_val SYS.ANYDATA;
BEGIN
l_service_qname := sys.UTL_DBWS.to_qname(NULL, 'ProcessManagerService');
l_service := sys.UTL_DBWS.create_service(l_service_qname);
l_port_qname := sys.UTL_DBWS.to_qname(NULL, 'ProcessListServiceBinding');
l_operation_qname := sys.UTL_DBWS.to_qname('http://processmanager.argustelecom.ru/', 'getProcessList');
l_h_service_call := sys.UTL_DBWS.create_call(l_service, l_port_qname, l_operation_qname);
sys.UTL_DBWS.set_target_endpoint_address(l_h_service_call, cs_endpoint);
-- return type
sys.UTL_DBWS.set_return_type(l_h_service_call, cs_qname_type_any);
-- param type
sys.UTL_DBWS.ADD_PARAMETER(l_h_service_call, 'processNameMask', cs_qname_type_string, 'ParameterMode.IN');
l_params(1) := anydata.convertvarchar2('*');
l_ret_val := sys.UTL_DBWS.invoke(l_h_service_call, l_params);
IF l_ret_val IS NULL THEN
DBMS_OUTPUT.put_line('l_ret_val is null');
ELSE
DBMS_OUTPUT.put_line('l_ret_val is not null');
END IF;
sys.UTL_DBWS.release_call(l_h_service_call);
END;
Edited by: Ilya on 03.12.2008 3:50

Hi Tony
I'm not sure if you would have solved your problem by now, but with my recent experience with the utl_dbws package, for doc lits with complex data types, you have to call the service with an XML request, as opposed to passing the param array.
If you still need details, reply accordingly.
Ta
cT

Consuming a Web Service via SSL with Basic Authentication

Hello,
I have a simple web service (returns a parameter value) and want to consume it. Therefore I have generated a proxy for its in Netweaver Studio SP13.
When I set up the web service to be accessed via HTTP and Basic Authentication (Username/Password), everything is fine. When I set up the web service to communicate via HTTPS, I get the following error message in my client:
java.rmi.RemoteException: Service call exception; nested exception is:
     java.lang.NullPointerException
     at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:87)
     at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:96)
     at priv.se.wsclient.MultiSecSSL.main(MultiSecSSL.java:38)
Caused by: java.lang.NullPointerException
     at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.disconnect(HTTPSocket.java:625)
     at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.closeSession(HTTPTransport.java:396)
     at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1312)
     at priv.senw04.wsproxy.multisec_ssl.SSLBindingStub.pingText(SSLBindingStub.java:80)
     ... 2 more
Testing the web service with WebServiceNavigator and/or by using a generated WebDynpro Client results in the following error:
000D604C66BE004E0000001300000AFC00040922E0160632 : An error occurred during processing the timestamp. The error was: com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the policy configuration..
But my main focus is on the client implementation based on a proxy. Here comes the client's code:
public class MultiSecSSL {
    public static void main(String[] args) {
        try {
            MultiSecuritySSLAuthImpl serviceInterface = new MultiSecuritySSLAuthImpl();
            SSLBindingStub service = (SSLBindingStub)serviceInterface.getLogicalPort(MultiSecuritySSLAuthViDocument.class);
            SecurityProtocol protocol = (SecurityProtocol) service._getGlobalProtocols().getProtocol("SecurityProtocol");
            AuthenticationContext auth = protocol.getAuthenticationContext();
            auth.setIgnoreSSLServerCertificate(true);
            auth.setUsername("cfpcompany");
            auth.setPassword("demo");
            String ret = service.pingText("Called service MultiSecurity via SSL");
            System.out.println(ret);
        } catch (Exception e) {
             e.printStackTrace(System.out);
Here comes the logical port information of the generated proxy:
<?xml version="1.0" encoding="UTF-8"?>
<LogicalPorts Name='MultiSecuritySSLAuth' InterfaceName='priv.senw04.wsproxy.multisec_ssl.MultiSecuritySSLAuth'>
<LogicalPort Name='SSLPort_Document' Endpoint='https://192.168.129.76:50001/MultiSecuritySSLAuth/SSL?style=document' BindingName='SSLBinding' BindingUri='urn:MultiSecuritySSLAuthWsd/SSL/document' BindingImplementation='SOAP 1.1 HTTP Binding with Attachments' StubName='priv.senw04.wsproxy.multisec_ssl.SSLBindingStub' Default='true' InterfaceName='priv.senw04.wsproxy.multisec_ssl.MultiSecuritySSLAuthViDocument' Original='true' Valid='true'>
    <globalFeatures>
      <Feature Name='http://www.sap.com/webas/630/soap/features/headers/' Provider='SoapHeadersProtocol' Original='false'>
      </Feature>
      <Feature Name='http://www.sap.com/webas/630/soap/features/session/' Provider='SessionProtocol' Original='false'>
        <Property Name='SessionMethod' Value='httpCookies'>
        </Property>
      </Feature>
      <Feature Name='http://www.sap.com/webas/630/soap/features/authentication' Provider='SecurityProtocol' Original='true'>
        <Property Name='AuthenticationLevel' Value='None'>
        </Property>
        <Property Name='AuthenticationMechanism' Value='HTTP'>
        </Property>
        <Property Name='AuthenticationMethod' Value='BasicAuth'>
        </Property>
        <Property Name='SupportsSSO2Authentication' Value='false'>
        </Property>
      </Feature>
      <Feature Name='http://www.sap.com/webas/630/soap/features/transportguarantee' Original='true'>
        <Property Name='Level' Value='No'>
        </Property>
        <Property Name='TLSType' Value='SSL'>
        </Property>
      </Feature>
    </globalFeatures>
    <localFeatures>
      <Operation Name='pingText'>
        <Feature Name='http://www.sap.com/webas/630/soap/features/wss' Original='true'>
          <Property Name='RequestPolicy' Value='Signature'>
          </Property>
          <Property Name='ResponsePolicy' Value='None'>
          </Property>
        </Feature>
        <Feature Name='http://sap.com/webservices/authorization' Original='true'>
        </Feature>
      </Operation>
    </localFeatures>
</LogicalPort>
</LogicalPorts>
To me, this looks consistent. Any idea, what is misconfigured on my machine ?

Hi Martin,
that is exactly, what I did.
- Change Web Service Configuration in IDE
- Build and Deploy the Service to my local Server
- Check Service in Visual Administrator
- Deleted and Regenerated the Standalone Proxy
- Deleted and Recreated the link between CLient and Proxy Project in IDE
- Started Client
Here comes the section of the ws-deployment-descriptor.xml of the service. For me, it matches, what the proxy generated.
<webservice>
    <guid>ed8363_10876a54b6d__7fe9_192_168_129_76_1135862193037</guid>
    <ejb-name-temp>MultiSecWSBean</ejb-name-temp>
    <webservice-name>
      <namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>
      <localName>MultiSecuritySSLAuth</localName>
    </webservice-name>
    <webservice-internal-name>MultiSecuritySSLAuth</webservice-internal-name>
    <standard-namespaceURI>urn:MultiSecuritySSLAuthWsd</standard-namespaceURI>
    <ws-configuration>
      <configuration-name>SSL</configuration-name>
      <ejb-name>MultiSecWSBean</ejb-name>
      <service-endpoint-name>
        <namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>
        <localName>SSLPort</localName>
      </service-endpoint-name>
      <wsdl-porttype-name>
        <namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>
        <localName>MultiSecuritySSLAuthVi</localName>
      </wsdl-porttype-name>
      <webservice-definition-ref>
        <package>com.technidata.cfp.i3rdparty.cfpxml</package>
        <name>MultiSecuritySSLAuthWsd.wsdef</name>
      </webservice-definition-ref>
      <service-endpoint-vi-ref>
        <package>com.technidata.cfp.i3rdparty.cfpxml</package>
        <name>MultiSecuritySSLAuthVi.videf</name>
      </service-endpoint-vi-ref>
      <transport-binding name="SOAPHTTP_TransportBinding">
        <wsdl-binding-name>
          <namespaceURI>urn:MultiSecuritySSLAuthWsd</namespaceURI>
          <localName>SSLBinding</localName>
        </wsdl-binding-name>
      </transport-binding>
      <transport-address>/MultiSecuritySSLAuth/SSL</transport-address>
      <global-features>
        <feature name="http://www.sap.com/webas/630/soap/features/transportguarantee" protocol="SecurityProtocol">
          <property name="TLSType" value="SSL"/>
        </feature>
        <feature name="http://www.sap.com/webas/630/soap/features/authorization" protocol="SecurityProtocol"/>
        <feature name="http://www.sap.com/webas/630/soap/features/authentication" protocol="SecurityProtocol">
          <property name="AuthenticationMethod" value="BasicAuth"/>
          <property name="AuthenticationMechanism" value="HTTP"/>
          <property name="SupportsSSO2Authentication" value="false"/>
        </feature>
      </global-features>
      <operation-configuration uniqueViName="pingText(java.lang.String)">
        <transport-binding-configuration>
          <input>
            <property name="soapAction" value=""/>
            <property name="encodingStyle" value="http://schemas.xmlsoap.org/soap/encoding/"/>
          </input>
          <output>
            <property name="encodingStyle" value="http://schemas.xmlsoap.org/soap/encoding/"/>
          </output>
        </transport-binding-configuration>
        <feature name="http://www.sap.com/webas/630/soap/features/wss" protocol="SecurityProtocol">
          <property name="RequestPolicy" value="None"/>
          <property name="ResponsePolicy" value="None"/>
        </feature>
        <feature name="http://sap.com/webservices/authorization" protocol="SecurityProtocol">
          <property name="security-roles">
            <property name="role1" value="use_multisec_service"/>
          </property>
        </feature>
      </operation-configuration>
    </ws-configuration>
</webservice>
Regards,
Stefan

Calling web service with SSL (HTTPS) hangs client stub

If anyone can help it would make my day! I've spent way too much time on this!!!
I'm running:
- Web service is running on Linux RedHat with Oracle9iAS 9.0.3
- Client is running from Windows XP under Jdeveloper
I've successfully installed and run the web security demo "ws_security" at http://otn.oracle.com/sample_code/tech/java/web_services/wssecurity/ws_security.jar.
This demo goes through installing the web service, certificates, etc... and the demo runs fine. I'm also able to connect to the web service from a browser using https://server1:4443/CreditCardValidator/CreditCardValidator. I can download the proxy, look at the WSDL, etc...
Now I've written my own very simple stateless java class web service, deployed it to 9iAS , and then downloaded the proxy stub jar. Using the proxy stub I can call my web service and everything works fine.
Then I configure the web service to use HTTPS by making the following changes to the proxy stub (per the ws_security demo).
1) Copy the following 5 lines to the proxy stub
System.setProperty("ssl.SocketFactory.provider","oracle.security.ssl.OracleSSLSocketFactoryImpl");
System.setProperty("ssl.ServerSocketFactory.provider","oracle.security.ssl.OracleSSLServerSocketFactoryImpl");
System.setProperty("java.protocol.handler.pkgs","HTTPClient");
System.setProperty("oracle.wallet.location","C:\\Data\\Oracle\\WALLETS\\ws_security\\wallet.txt");
System.setProperty("oracle.wallet.password","thewalletpassword");
2) modify the "m_soapURL" by changing "http" to "https" and the port number to 4443
3) add the following 3 jar files to my projects library class list:
C:\Program Files\jdev9031\jlib\jssl-1_2.jar
C:\Program Files\jdev9031\jdk\jre\lib\ext\jcert.jar
C:\Program Files\jdev9031\lib\jsse.jar;C:\Program Files\jdev9031\jlib\javax-ssl-1_2.jar
When I run the proxy stub it just hangs. I've traced the hang to the "Response response = call.invoke(new URL(m_soapURL), soapActionURI);" statement in the "makeSOAPCallRPC" method in the proxy stub.
Again, this works fine if I simply change the "m_soapURL" to use "http" instead of "https". It looks like it's hanging on the client side and the call is never making it to the server.
Any help is GREATLY appreciated!!!!!

Could you explain it a little more, please.
Since my first message, I used the wallet manager to add the certificate the server where the web service is at, uses.
What else do I need to make it work??
Thanks in advance again.

WWSAPI - Cannot connect to web service via SSL and HTTP proxy authentication with NTLM, errorCode 0x803d0016, HTTP status 407

Hi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
Thanks

Hi,
I built a web service client using WWSAPI. The connection works via SSL (without HTTP proxy) and it works with SSL and proxy with basic authentication as well. When I try to connect using a proxy with NTLM authentication, then I get the errorCode
0x803d0016, HTTP status "407 (0x197)", "Proxy Authentication Required".
In WireShark I see only one HTTP request to connect to the proxy with NTLM Message Type: NTLMSSP_NEGOTIATE. The HTTP Response returns Status 407 and the connection ist closed. Comparing this to Internet Explorer - the Connection is not closed and
a second request with NTLMSSP_AUTH is sent.
Why doesn't it make the complete NTLM handshake? Why wasn't sent the NTLMSSP_AUTH directly?
I oriented in the HttpCalculatorWithKerberosOverSslClientExample.
Using WS_HTTP_HEADER_AUTH_SECURITY_BINDING,
WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_SCHEME was set to WS_HTTP_HEADER_AUTH_SCHEME_NTLM, WS_SECURITY_BINDING_PROPERTY_HTTP_HEADER_AUTH_TARGET to WS_HTTP_HEADER_AUTH_TARGET_PROXY. I tried WS_DEFAULT_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE but also WS_STRING_WINDOWS_INTEGRATED_AUTH_CREDENTIAL_TYPE.
Any idea?
Thanks

WebDynpro Consuming a Web Service via SSL (https)

Hello dovelopers,
i want to consume a Web Service in a WebDynpro Application via https.
can anybody give me a few links to pdfs etc.
Thank You
Michel

Try this:
Are you trying to create https trust relation ship between two SAP Portals or SAP Portal to Non Sap Portal?
Help on How to Consume a Web Service in SAP Portal?
http://help.sap.com/saphelp_nw04/helpdata/en/f5/30c5aca7f92f418d889b99ccc9ee08/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/df/a08340d990ce62e10000000a155106/content.htm
http://www.sapportalguide.com/web_services.html
Here the documents helps you how to integreate https authentication betweeen two portals:
http://help.sap.com/saphelp_nw2004s/helpdata/en/43/2235260b413fe1e10000000a11466f/content.htm
http://help.sap.com/saphelp_nw04/helpdata/en/62/881e3e3986f701e10000000a114084/frameset.htm
http://help.sap.com/saphelp_nw04/helpdata/en/14/29236de1864c6e8d46e77192adaa95/frameset.htm
http://help.sap.com/saphelp_nw04/helpdata/en/d3/41c8efb31d11d5993800508b6b8b11/frameset.htm
Thanks
Krishna

Problem with special characters when calling web services via ISG

Hi all,
I have a problem when trying to send or retrieve strings containing some special characters via Integrated SOA Gateway.
For example, when I call a PL/SQL function via ISG that returns a string containing curling single and double quote characters, these are not represented by valid XML character entity references. So when trying to open the response XML (returned by ISG) in a browser, I get a parser error...
Has anybody had a similar experience with ISG? How can I resolve that - is it an ISG bug?
Thanks
Carolin

XML Parsing Error: not well-formed
Location: file:///C:/Users/sanders/Desktop/Text3.xml
Line Number 4734, Column 54: <DESCRIPTION>Overhead Track Lighting 4?</DESCRIPTION>Do you get the same error if you change the description from "Overhead Track Lighting 4?" to "Overhead Track Lighting 4"?
Do you have any invalid characters?
BI Publisher Reports End With Error When There Is An Ampersand Character ( & ) On The Xml Data File [ID 1081175.1]
Journal Entries Report Doesn'T Yield Output: Java Heap Error [ID 1115663.1]
Thanks,
Hussein

Calling a web service through SSL via a stand alone java class

HI,
I am trying to call a web service through SSL via a simple stand alone java client.
I have imported the SSL certificate in my keystore by using the keytool -import command.
Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
My xml file(Add.xml) that is posted looks like :
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
<SOAP-ENV:Body>
<namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
<auth>
<user>adminUser</user>
<password>adminPassword</password>
</auth>
<operationType>ADD</operationType>
<groupName>group1</groupName>
<users>
<userName>user1</userName>
</users>
</namesp1:modifyGroupOperation>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I call the client as:
java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
I my client, I have set the following:
System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
But when I try to execute the java client, I get the following error:
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: .....
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
[Raw read]: length = 5
[Raw read]: length = 58
main, READ: TLSv1 Handshake, length = 58
*** ServerHello, TLSv1
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 58
[Raw read]: length = 5
[Raw read]: length = 5530
main, READ: TLSv1 Handshake, length = 5530
*** Certificate chain
chain [0] = ...
chain [1] = ...
chain [2] = ...
chain [3] = ...
main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2E .......
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at PostXML.main(PostXML.java:111)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
alid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 23 more
I do not know where I have gone wrong. Could someone point out my mistake.
Thanks In advance!

Hi jazz123,
There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client.

Calling Data Services Web Services via Oracle Triggers?

Hi,
Has anyone called Data Services web service via an oracle trigger? If so i'm interested in your experiences with volume and perfromance.
Thanks
Richard

Hi,
Has anyone called Data Services web service via an oracle trigger? If so i'm interested in your experiences with volume and perfromance.
Thanks
Richard

Is it possible to call a web service via UWL XML configuration?

Hello
Is it possible to call a web service via UWL XML configuration?
If yes then an example would be great.
Roy

Hi Roy,
Yes, yes it is possible.
Yesterday only I came across the following document which will answer your questions:
http://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/library/uuid/20f4843e-314f-2a10-2a88-8c4afa20dda6?overridelayout=t…
~Ashvin

Invoke existing DotNet web services via B1IF soap call

Hi All,
I have developed my own B1IF web services and invoked them with dot net.
I now want to invoke existing hosted web services via B1IF (Not B1IF Web Services).
Can someone guide me using the Web Service Call (soap call).
Can I invoke any web service via B1IF scenarios (Web Service Call) ?
Kind Regards,
Brenden Draper

Hi Bastian,
I read about it for some reason I get the following error when loading the wsdl:
Can you maybe tell me why I get this ?
I can access the wsdl via my browser perfectly.
Kind Regards,
Brenden Draper

BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6

We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
<Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
tboundMessageContext.java:310)
at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
Truncated. see log file for complete stacktrace
This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
Thanks.
Matt
Edited by: user6946981 on Sep 17, 2009 7:58 AM

Are you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way.

Calling Web Service from CRM using proxy

Hi all,
I'm facing a problem trying to call a web service from CRM (WAS 620) via XI 3.0. The response that XI recieves from the web service contains SOAP Envelope, and the mapping fails because of it. I built the proxy manually, because if I load WSDL the proxy generation in CRM generates error that sais that external definition coudn't be used.
Is there any way to remove SOAP envelope from the response while mapping?
Is it possible to call web service from WAS 620?
Thanks!!!!
Anya.

Hi Manish,
SOAP adapter does pass the message to XI (this message contains SOAP envelope although XI expects to get message without it), and during the mapping step i get "Runtime Exception in Message-Mapping transformatio~".
I suppose it's because i created proxy manually. I did so because when i imported WSDL, and tried to generate proxy in CRM, i got an error message that said that proxy couldn't be generated because external definitions are only allowed in XI 3. But my XI version is 3.0! And when I generate the same proxy in my R/3 system that is installed on WAS 640, it works.
What can I do?
Cheers,
Anya.

Return NULL when invoke Web Service via UTL_DBWS

Hi all,
right now, i'm using UTL_DBWS to acces Web Service via database.. but when i'm trying to get data from WEB SERVICE, using utl_dbws.invoke , i got NULL value.
It happened if The result more than Varchar2 / 32767 byte.
i'have tried to change code by :
result := sys.utl_dbws.invoke(l_call, l_input_params);
P_clob := sys.anydata.accessCLOB(result);
The Output IS NULL value even if the data was less than Varchar2 or 32767 byte..
this is my script looks like ::
declare
service sys.utl_dbws.SERVICE;
l_call sys.utl_dbws.CALL;
result ANYDATA;
wsdl_url VARCHAR2(1024);
service_name VARCHAR2(200);
operation_name VARCHAR2(200);
input_params sys.utl_dbws.ANYDATA_LIST;
p_out VARCHAR2(32767);
p_xml XMLTYPE;
p_clob CLOB;
begin
wsdl_url := 'http://127.0.0.1/Exercise/WSDL2.php?wsdl';
service_name :='{urn:hellowsdl}hellwsdl';
operation_name := 'getData';
service := sys.UTL_DBWS.create_service (
wsdl_document_location => URIFACTORY.getURI(wsdl_url),
service_name => service_name);
l_call := sys.utl_dbws.create_call(
service_handle => service,
port_name => null,
operation_name => operation_name
input_params(1) := ANYDATA.ConvertVarchar2('DOCCODE');
result := sys.utl_dbws.invoke(l_call, l_input_params);
p_out := sys.anydata.accessVarchar2(result);
sys.UTL_DBWS.release_call (call_handle => l_call);
sys.UTL_DBWS.release_service (service_handle => service);
end;
Thanx for Any Help

The basics are simple:
- format a valid SOAP envelope
- use UTL_HTTP to make the call
- process the response (typically XML output)
Sample source code in {message:id=4205205}.

Web Service over SSL failing in BEA Workshop

I have deployed a web service on weblogic 9.2
I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
IWAB0135E An unexpected error has occurred.
IOException
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
on server:
<Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
of course non-secure url for the web service is working fine in every case.
what can be the reason for this failing only in 'web services explorer' in bea workshop?
cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
thanks.

Hello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro.

Calling web service via SSL

Similar Messages

Maybe you are looking for