Consuming Web Service using WS-Security: USERNAME Token
Hi ABAP Experts,
we like to consume a self defined web service between to SAP systems (ECC6 701/006). Without any security settings the connection is successfully. But we like to setup a message security like USERNAME Token.
The wss profiles are already created by using TX: WSSPROFILE. Therefore we used the templates "SET_USERNAME" and "CHECK_USERNAME". The service user "DELAY_L<sid>" has been generated as well. The problem is in SOAMANAGER we can't find the related configuration (For Provider and Consumer) to set the parameters "PROFILE In" and "Profile Out" like it was in the obsolete TX "LPCONFIG".
Can anybody help me to find out how to configure USERNAME Token using SOAMANAGER.
Thank you very much in advance.
Kind regards
Axel
Hi,
The following articles would be helpful:
.net call WS-Security enabled web service (created in java)
http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
WS-Security Protocol with .NET – A Overview
http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
An introduction to Web Service Security using WSE - Part I
http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
Best Regards
Dennis Guo
TechNet Community Support
Similar Messages
-
Flex/ActionScript3 support for web services using WS-Security
Does Flex/ActionScript3 have support for connecting to a web
service using WS-Security (Policy Creation). I've tried using the
Flex Data Service "Import WSDL" method and it does not allow me to
connect. Is there Flex/AS3 package that can handle creating the
Policy information for a web service that utilizies WS-Security?
Thanks,
Tomquote:
Does Flex/ActionScript3 have support for connecting to a web
service using WS-Security (Policy Creation).
Yes and no. The "Import WSDL" doesn't create AS3 classes that
allow header injection of the appropriate WS-Security elements.
I've managed to work around this using straight mx:webservice tags
and AS3. There is an open bug at
https://bugs.adobe.com/jira/browse/SDK-15398
that I voted on, the more the merrier.
http://www.jroller.com/wookets/entry/ws_security_in_flex
Has a useful class for creating the soap header elements for a
username token,
In general though, it's been a challenge to get the simplest
of WS-Security pieces working.
-Brett -
Consuming Web Services using UTL_DBWS
Hi,
I am trying to call a web service using UTL_DBWS package.
But I am getting this error:
ORA-29532: Java call terminated by uncaught Java exception: [failed to localize] No Deserializer found!
It is failing at this point:
l_result := sys.UTL_DBWS.invoke (
call_handle => l_call,
input_params => l_input_params);
Is this a problem with database or Web Service? How to resolve this?No awnsers???
I'm having the same problem here.... -
Access Java SOAP based web service using WS Security
Hi,
I need to call a Java based SOAP webservice which has message level security enabled with Binary Token.
I have connected to the service using SOAPUI and below is the sample header for the same. I need to achieve the same in my Windows form application from where I am calling the SOAP service over https.
I am not an expert in WS Security. Need some tips or sample code to achieve this.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://www.bombardier.com/aerospace/notification/V1.0"
xmlns:v11="http://www.bombardier.com/aerospace/effectivity/V1.0">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-76146B887E7568491C142289201149318">MIIKZTCCCE2gAwIBAgIKXdo6EQACAAXqazANBgkqhkiG9w0BAQUFADB3MRMwEQYKCZImiZPyLGQBGRYDbmV0MRowGAYKCZImiZPyLGQBGRYKYm9tYmFyZGllcjEUMBIGCgmSJomT8ixkARkWBGFlcm8xFDASBgoJkiaJk/IsZAEZFgRhZXJvMRgwFgYDVQQDEw9BZXJvLUlzc3VpbmctQ0EwHhcNMTUwMTIzMTkzMzIyWhcNMTcwMTIyMTkzMzIyWjCBvzELMAkGA1UEBhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzERMA8GA1UEBxMITW9udHJlYWwxGDAWBgNVBAoTD0JvbWJhcmRpZXIgSW5jLjESMBAGA1UECxMJQWVyb3NwYWNlMScwJQYDVQQDEx5jb2xsYWItZGV2LmFlcm8uYm9tYmFyZGllci5uZXQxNTAzBgkqhkiG9w0BCQEWJm10bF9pdF9vcHNfd2luZG93c0BhZXJvLmJvbWJhcmRpZXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlzvsKg9LVifnEtxq947BXIcMV14ivIOvBgcoTdH6cw44ZUErp8MCSVBZnzJCmaRl4Qb1zUBrIjJk0h5omQPbFTUcpE84oHfvlJzNLknCVirks94RAvqtQFl0RgCl6EKiT3yNNncSI1OjPlL1wmebtghTyyRH3mqixWn2L43AF114nH/uIm5zozxCCIqW4biwx7PaHbuT6Kj3UzmarTXoGCDE8mbwUfCaQowaNWSCphU9BIqXUE2sW0FzNQnyjg0Z64FvSI07fJXCxb9URw61uQ3M5HCj8OqR5yQsiDuAnmw1AIccaoEBZu5yIhcY0xMVoNOKo3901xVEExBjbFJSwIDAQABo4IFqDCCBaQwCwYDVR0PBAQDAgWgMIICCwYDVR0RBIICAjCCAf6CHmNvbGxhYi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIkY3Jhd2wtY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0giJhZG0tY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0gh5teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCImFkbS1teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCJGNyYXdsLW15c2l0ZS1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiYWRtLWVudHNydi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDEuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDIuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDMuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIlc2VhcmNoZmFzdC1kZXYuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIpc2VhcmNoZmFzdC1hZG0tZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXSCI210bHdhc21zcDYwMS5jYS5hZXJvLmJvbWJhcmRpZXIubmV0giFjbWlzc3AtZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXQwHQYDVR0OBBYEFDa9eetNyQfJSvGWMqLM6PUY5Pe/MB8GA1UdIwQYMBaAFPcL/75Iad8EnXpbXm/8o/81NQHJMIIBYgYDVR0fBIIBWTCCAVUwggFRoIIBTaCCAUmGgc1sZGFwOi8vL0NOPUFlcm8tSXNzdWluZy1DQSxDTj1NVExXSVBLSTAwMixDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZXJvLERDPWFlcm8sREM9Ym9tYmFyZGllcixEQz1uZXQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50hkNodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EuY3JshjJodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBLmNybDCCAW0GCCsGAQUFBwEBBIIBXzCCAVswgcEGCCsGAQUFBzAChoG0bGRhcDovLy9DTj1BZXJvLUlzc3VpbmctQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9YWVybyxEQz1hZXJvLERDPWJvbWJhcmRpZXIsREM9bmV0P2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MFIGCCsGAQUFBzAChkZodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EoMikuY3J0MEEGCCsGAQUFBzAChjVodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBKDIpLmNydDA9BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiFoPNlhYL3Xob1lTKCsPMIguTeGxOD/oINhsufMAIBZAIBDTATBgNVHSUEDDAKBggrBgEFBQcDATAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4ICAQCtFw4FKpzNr8gpnpHHJvgjUfe7FbXvzuf8qENJQA+5KJjD6rqeSGpDJcvSwiFblZobFswFb7OABrxfpvDnmDbBfvozHPhAWBnmISz0t2ydb7R/SY1cl8NihamCPrtVN/azVDVqvj1kHkrVRM18BGSFowqGixMFQr4rDgB75214FN69a85AnxV5O5ip+U9g/JdW2qRSGcfUd1np2QActllDimc+33rp/nXIaoXjRlXhkm+WxCt3Ca5OgwnVm3a4Ceiljj+1i5+8XV2zngv6eq4HlrBg0sFPaHWdjrIGcNyaWW0h0dPQUuv4Gm3zKDkQ3AQSC3cV5qCqmh6fCaCsI3us2kSJjHMZa+OSDLI7K01pDP85TieHeoONBo8mRKsOQ0e1FGXH2BkbXSN1DgfJ1IzddaBbSsnjR5gNrRMmZJnCXnluT8Gmwyv9EKjMit6yt0sWwrADd5ZIjYUnxnrkgfXpPY2kqK2gOl12IHjFK6d5vUsGTlIv9H3OmtCWVBHpR125C0CZvU987z3u9Gv4Jiuv/LpDuv1bNuqNHsQfSqSYsjEreGIP+DapzhMOefiv+kN4nLj3Owk4VdQm9+dxekwaS7HFwAQGOVik877mXxmjRhwxtZPW0ZrWs3fZ2z90Ppki4cGN/rtaLGz+WwicrPt1B34296kQkkIolWtiGjkpnQ==</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-76146B887E7568491C142289201149421" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soapenv v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-76146B887E7568491C14228915193694">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>3OlmMDNX7kDCNz4cRIZD+O/2xdA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>mfeQ+wTS5eMpaU7tmrAZeG9GBLegQFe35fuHRsDXBJfq1Kcd1jRwgpIR+iSIymXGzF3ToJZzCOnE
MdW+UWdi8WAQOqw6YopJg82Tb2RJpQJADAzxbbLD2hOn1GLdXuLxtV040UsiumGi9kaKk4BaD2gSdW9Q
EHwbrbQReo1bN8kNEJhFSWalhquPqD3WVK5+6A==</ds:SignatureValue>
<ds:KeyInfo Id="KI-76146B887E7568491C142289201149319">
<wsse:SecurityTokenReference wsu:Id="STR-76146B887E7568491C142289201149320">
<wsse:Reference URI="#X509-76146B887E7568491C142289201149318" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>Hi,
The following articles would be helpful:
.net call WS-Security enabled web service (created in java)
http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
WS-Security Protocol with .NET – A Overview
http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
An introduction to Web Service Security using WSE - Part I
http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
Best Regards
Dennis Guo
TechNet Community Support -
500 Error code while consuming web service using HTTPURLConnection
Hi,
I am getting an HTTP response code 500 and an IOException when I run a web service client to invoke a BMC Remedy web service (document based). I am using XML over HTTP to hit the web service as follows:
// For Remedy
soapAddress = "http://www.test-sislhelpdesk.siemens.co.in/arsys/services/ARService?server=bomw041a&webService=WebService_Test";
soapEnvelope = "<SOAP-ENV:Envelope xmlns:SOAP-ENV=\"http://schemas.xmlsoap.org/soap/envelope/\" xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" xmlns:xsd=\"http://www.w3.org/2001/XMLSchema\"><SOAP-ENV:Header><AuthenticationInfo><userName>webservice</userName><password>*******</password></AuthenticationInfo></SOAP-ENV:Header><SOAP-ENV:Body><Q1:OpGetList xmlns:Q1=\"urn:WebService_Test\"><Q1:Qualification></Q1:Qualification></Q1:OpGetList></SOAP-ENV:Body></SOAP-ENV:Envelope>";
soapAction = "urn:WebService_Test/OpGetList";
URL url = new URL(soapAddress);
HttpURLConnection connection = (HttpURLConnection) url.openConnection();
System.out.println ("Connection got");
connection.setDoOutput(true);
connection.setRequestProperty("Content-Type","text/xml");
connection.setRequestProperty ("soapAction", "\"" + soapAction + "\"");
OutputStreamWriter outputStream = new OutputStreamWriter(connection.getOutputStream());
System.out.println ("outputstream got");
outputStream.write(soapEnvelope);
outputStream.flush();
BufferedReader reader = new BufferedReader(new InputStreamReader(connection.getInputStream()));
String line = null;
while ((line = reader.readLine()) != null)
writer.write(line);
writer.write("\n");
System.out.println (writer);
catch(Exception e){
e.printStackTrace();
I have created a .NET client proxy which seems to work well.
I am not able to figure out as to why this code is not working. May be something wrong with the SOAP message request I am sending? But I have created this SOAP request message from the log generated for a successful hit. Any help in this regard will be highly appreciated.
The web service is on the internet and hance is accessible to all :)
Regards
VaibhavTried "POST" request method, did not work.
Actually when i hit other web services (created by me) , the code works.
But when I hit a third party web service, it fails returning 500 error code.
How can I extract the SOAP message returned, if any and see thinggs for myself.
I guess there is something wrong with the request SOAP message which I am sending. -
Exposing and Consuming web service using NWDS
Hi all,
I want to expose and consume a webservice using NWDS.
My java application will interact with the SAP web service to create materials in r3.
I just want to know how to create a EJB project that contains the Web service and deploy on the SAP WAS.
and from the java application how would I access the same.
do I need to AXIS jar ?
How would get The WSDL corrosponding java files ?
I will be very thank ful if you can provide me with the some study materials also.
Warm regardsHi
Refer these links
https://www.sdn.sap.com/irj/scn/go/portal/prtroot/docs/media/uuid/60dbd7ac-4788-2910-539b-b3599c64be12
http://help.sap.com/saphelp_nw04s/helpdata/en/d6/f9bc3d52f39d33e10000000a11405a/frameset.htm
Regards
Abhishek -
Securing a 1.5 web service using J2EE security and JDev 11g
Hello,
I'm looking for a tutorial or similar that will help me create a secure (1.5 EE with annotations) web service. I'm interested in just the development view at this point - xml file mods, etc.
I did find a good resource on how to do this in 10.1:
http://www.oracle.com/technology/products/jdev/101/howtos/securews/index.html
and am wondering if it has been updated (even beta!) or in another form.
ThanksSteve,
The WSDLBaseURL property just prepends a string to the WSDL URL property so that you can abstract out the protocol, server and port values separately depending on the target system you wish to hit for the service call.
Regards,
Sam -
Web Services using MAC Dreamweaver
I have been asked to develop a web site UI that
needs to retrieve data from calls to web services developed by a
third party. Adobe provide a very useful tutorial on how to this
for Windows based development but as an 'artist' I use Dreamweaver
on a MAC OS X system and the tutorial does not seem relevent ?
So, anyone out there point me to how how consume web services
using Dreamweaver for the MAC ??? Any coding I have to do will
probably be in C#.Hi,
check these:
http://www.oracle.com/technology/obe/obe1013jdev/ws/wsandascontrol.htm
http://www.oracle.com/technology/obe/obe1013jdev/index.htm
http://www.oracle.com/technology/documentation/jdev.html
http://www.google.com
and old posts on the forum.
Regards,
Patrik -
Error running demo PL/SQL consuming web services
I downloaded and installed the code from:
http://technet.oracle.com/tech/webservices/htdocs/samples/dbwebservice/DBWebServices_PLSQL.html
on Oracle 9i version 2 (on both Windows and Solaris).
But I got the following error running the local time
demo:
ORA-29273: HTTP request failed
ORA-06512: at "SYS.UTL_HTTP", line 1022
ORA-12545: Connect failed because target host or object does not exist
ORA-06512: at "XN.DEMO_SOAP", line 72
ORA-06512: at "XN.TIME_SERVICE", line 13
ORA-06512: at line 2
The error occurs on this line:
http_req := utl_http.begin_request(url, 'POST','HTTP/1.0');
Can anybody tell me what I do wrong? Thanks a lot!
Also, is there any alternative ways to consume web services
using PL/SQL only? Many thanks!
Henry X.Mike,
Thanks so much for your help. I tried your code just now.
Same error:
ORA-30625: method dispatch on NULL SELF argument is disallowed
ORA-06512: at "XN.DEMO_SOAP", line 50
ORA-06512: at "XN.DEMO_SOAP", line 83
ORA-06512: at "XN.TIME_SERVICE", line 27
ORA-06512: at line 7
Let me post the code I am using. Note that
I removed the code for using proxy in time_service.
Henry
-- code for calling the time_service
DECLARE
ZIPCODE VARCHAR2(200);
v_Return VARCHAR2(200);
BEGIN
ZIPCODE := '94065';
v_Return := TIME_SERVICE.GET_LOCAL_TIME(ZIPCODE => ZIPCODE);
DBMS_OUTPUT.PUT_LINE('v_Return = ' || v_Return);
END;
-- code for the package demo_soap
CREATE OR REPLACE PACKAGE demo_soap AS
TYPE request IS RECORD (
method VARCHAR2(256),
namespace VARCHAR2(256),
body VARCHAR2(32767));
TYPE response IS RECORD (
doc xmltype);
FUNCTION new_request(method IN VARCHAR2,
namespace IN VARCHAR2)
RETURN request;
PROCEDURE add_parameter(req IN OUT NOCOPY request,
name IN VARCHAR2,
type IN VARCHAR2,
value IN VARCHAR2);
FUNCTION invoke(req IN OUT NOCOPY request,
url IN VARCHAR2,
action IN VARCHAR2) RETURN response;
FUNCTION get_return_value(resp IN OUT NOCOPY response,
name IN VARCHAR2,
namespace IN VARCHAR2) RETURN VARCHAR2;
END;
CREATE OR REPLACE PACKAGE BODY demo_soap AS
FUNCTION new_request(method IN VARCHAR2,
namespace IN VARCHAR2)
RETURN request AS
req request;
BEGIN
req.method := method;
req.namespace := namespace;
RETURN req;
END;
PROCEDURE add_parameter(req IN OUT NOCOPY request,
name IN VARCHAR2,
type IN VARCHAR2,
value IN VARCHAR2) AS
BEGIN
req.body := req.body ||
'<'||name||' xsi:type="'||type||'">'||value||'</'||name||'>';
END;
PROCEDURE generate_envelope(req IN OUT NOCOPY request,
env IN OUT NOCOPY VARCHAR2) AS
BEGIN
env := '<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/1999/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/1999/XMLSchema">
<SOAP-ENV:Body><'||req.method||' '||req.namespace||'
SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">'||
req.body||'</'||req.method||'></SOAP-ENV:Body></SOAP-ENV:Envelope>';
END;
PROCEDURE show_envelope(env IN VARCHAR2) AS
i pls_integer;
len pls_integer;
BEGIN
i := 1; len := length(env);
WHILE (i <= len) LOOP
dbms_output.put_line(substr(env, i, 60));
i := i + 60;
END LOOP;
END;
PROCEDURE check_fault(resp IN OUT NOCOPY response) AS
fault_node xmltype;
fault_code VARCHAR2(256);
fault_string VARCHAR2(32767);
BEGIN
fault_node := resp.doc.extract('/soap:Fault',
'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/');
IF (fault_node IS NOT NULL) THEN
fault_code := fault_node.extract('/soap:Fault/faultcode/child::text()',
'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/').getstringval();
fault_string := fault_node.extract('/soap:Fault/faultstring/child::text()',
'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/').getstringval();
raise_application_error(-20000, fault_code || ' - ' || fault_string);
END IF;
END;
FUNCTION invoke(req IN OUT NOCOPY request,
url IN VARCHAR2,
action IN VARCHAR2) RETURN response AS
env VARCHAR2(32767);
http_req utl_http.req;
http_resp utl_http.resp;
resp response;
BEGIN
generate_envelope(req, env);
-- show_envelope(env);
http_req := utl_http.begin_request(url, 'POST','HTTP/1.0');
utl_http.set_header(http_req, 'Content-Type', 'text/xml');
utl_http.set_header(http_req, 'Content-Length', length(env));
utl_http.set_header(http_req, 'SOAPAction', action);
utl_http.write_text(http_req, env);
http_resp := utl_http.get_response(http_req);
utl_http.read_text(http_resp, env);
utl_http.end_response(http_resp);
resp.doc := xmltype.createxml(env);
resp.doc := resp.doc.extract('/soap:Envelope/soap:Body/child::node()',
'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"');
-- show_envelope(resp.doc.getstringval());
check_fault(resp);
RETURN resp;
END;
FUNCTION get_return_value(resp IN OUT NOCOPY response,
name IN VARCHAR2,
namespace IN VARCHAR2) RETURN VARCHAR2 AS
BEGIN
RETURN resp.doc.extract('//'||name||'/child::text()',
namespace).getstringval();
END;
END;
-- code for the package time_service
CREATE OR REPLACE PACKAGE time_service AS
FUNCTION get_local_time(zipcode IN VARCHAR2) RETURN VARCHAR2;
END;
CREATE OR REPLACE PACKAGE BODY time_service AS
-- Location of Web service definition
-- http://www.alethea.net/webservices/LocalTime.asmx?WSDL
FUNCTION get_local_time(zipcode IN VARCHAR2) RETURN VARCHAR2 IS
req demo_soap.request;
resp demo_soap.response;
BEGIN
req := demo_soap.new_request('LocalTimeByZipCode',
'xmlns="http://www.alethea.net/webservices/"');
demo_soap.add_parameter(req, 'ZipCode', 'xsd:string', zipcode);
resp := demo_soap.invoke(req,
'http://www.alethea.net/webservices/LocalTime.asmx',
'http://www.alethea.net/webservices/LocalTimeByZipCode');
RETURN demo_soap.get_return_value(resp, 'LocalTimeByZipCodeResult',
'xmlns="http://www.alethea.net/webservices/"');
END;
END; -
Web Service Security Username Token Issue
Hi,
I am trying to implement WS-Security (Username Token) on web services deployed on Weblogic Server 8.1 (sp4). The deployment works fine but whenever I try to invoke the service using auto generated client stub (created using clientgen) or weblogic server console (service test page) , I get the following error:
<Nov 8, 2006 12:01:46 PM GMT+05:30> <Info> <WebService> <BEA-220024> <Handler weblogic.webservice.core.handler.WSSEClientHandler threw an exception from its handleRequest method. The exception was:
java.lang.AssertionError: Bad password type: wsse:PasswordText.>
Failed to create web service client:java.rmi.RemoteException: SOAP Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
Detail:
<detail>
<bea_fault:stacktrace xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0">java.lang.AssertionError: Bad password type: wsse:PasswordText
at weblogic.xml.security.wsse.v200207.UsernameTokenImpl.<init>(UsernameTokenImpl.java:64)
at weblogic.xml.security.wsse.v200207.SecurityElementFactoryImpl.createToken(SecurityElementFactoryImpl.java:59)
at weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandler.java:300)
at weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandler.java:100)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:143)
at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
at com.cts.sipservices.implementation.client.MrmPartyServiceImplementationPort_Stub.getParty(MrmPartyServiceImplementationPort_Stub.java:46)
at com.cts.sipservicesclient.client.SecureClient.<init>(SecureClient.java:76)
at com.cts.sipservicesclient.client.SecureClient.main(SecureClient.java:38)
</bea_fault:stacktrace>
</detail>; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Exception during processing: java.lang.AssertionError: Bad password type: wsse:PasswordText (see Fault Detail for stacktrace)
This is the ‘security’ tag of my ‘web-services.xml’:
<security>
<spec:SecuritySpec xmlns:spec="http://www.openuri.org/2002/11/wsse/spec"
Namespace="http://schemas.xmlsoap.org/ws/2002/07/secext"
Id="default-spec">
<spec:UsernameTokenSpec xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext"
PasswordType="wsse:PasswordText">
</spec:UsernameTokenSpec>
</spec:SecuritySpec>
</security>
ThanksApply these debug flags, to get some more debug information from WSSE server side processing following debug flags are helpful:
-Dweblogic.webservice.security.debug=true
-Dweblogic.webservice.security.verbose=true -
Web Service Security username token...
Hi All,
I am presently trying to build in security authentication into my web service using the username-token and the verify-username-token tokens.
My WS_stub.xml on the proxy side looks like the following:-
other tokens
<security>
<inbound/>
<outbound>
<username-token name="NAME" password="PASS" password-type="DIGEST" add-nonce="true" add-created="true"/>
</outbound>
</security>
other tokens
and my oracle-webservices.xml on hte web service side looks like the following:-
other tokens
<security>
<inbound>
<verify-username-token name="NAME" password="PASS" password-type="DIGEST"
require-nonce="true"
require-created="true"/>
</inbound>
<outbound/>
</security>
other tokens
I have set the javacache.xml for the embedded OC4J location as follows:-
</persistence>
<max-objects>1000</max-objects>
<max-size>48</max-size>
<clean-interval>60</clean-interval>
</cache-configuration>
When I run the web service followed by the proxy I get the following error at the proxy side.
javax.xml.rpc.soap.SOAPFaultException: Policy requires DIGEST passwords
at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
at com.airliquide.smartcyl.runtime.TrailerWSSoapHttp_Stub.addtrailerinfo(TrailerWSSoapHttp_Stub.java:76)
at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.addtrailerinfo(TrailerWSSoapHttpPortClient.java:60)
at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.main(TrailerWSSoapHttpPortClient.java:47)
Also it gives exceptions with repect to nonces such as "Policy requires nonce". Please could someone tell me how to setup an nonce in the xml files above and how to use nonce in web services?
Regards,
Lester.Hi All,
Presently I am trying to set the security for my web service and am receiving the following error when doing so at the proxy side:-
oracle.j2ee.ws.common.soap.fault.SOAP11FaultException: java.lang.NullPointerException
at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.createSoapFaultException(InterceptorChainImpl.java:338)
at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleException(InterceptorChainImpl.java:256)
at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleRequest(InterceptorChainImpl.java:128)
at oracle.j2ee.ws.common.mgmt.runtime.AbstractInterceptorPipeline.handleRequest(AbstractInterceptorPipeline.java:87)
at oracle.j2ee.ws.client.StubBase._preRequestSendingHook(StubBase.java:699)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:147)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
at com.airliquide.smartcyl.runtime.TrailerWSSoapHttp_Stub.addtrailerinfo(TrailerWSSoapHttp_Stub.java:76)
at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.addtrailerinfo(TrailerWSSoapHttpPortClient.java:62)
at com.airliquide.smartcyl.TrailerWSSoapHttpPortClient.main(TrailerWSSoapHttpPortClient.java:49)
Process exited with exit code 0.
My WS_Stub.xml file under runtime of the proxy project looks as follows:-
<?xml version="1.0" encoding="UTF-8"?>
<oracle-webservice-clients xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:noNamespaceSchemaLocation='http://xmlns.oracle.com/oracleas/schema/oracle-webservices-client-10_0.xsd'>
<webservice-client>
<service-qname namespaceURI="http://trailerinfo/" localpart="TrailerWS"/>
<port-info>
<wsdl-port namespaceURI="http://trailerinfo/" localpart="TrailerWSSoapHttpPort"/>
<runtime enabled="security">
<security>
<key-store name="mytestkeystore" store-pass="mytestkeystore" path="C:\Temp\mytestkeystore.jks"/>
<signature-key key-pass="sampwd" alias="sam"/>
<encryption-key key-pass="davepwd" alias="dave"/>
<inbound>
<verify-signature>
<signature-methods>
<signature-method>DSA-SHA1</signature-method>
<signature-method>RSA-MD5</signature-method>
<signature-method>RSA-SHA1</signature-method>
</signature-methods>
<tbs-elements>
<tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<verify-timestamp created="true" expiry="28800"/>
</verify-signature>
<decrypt>
<encryption-methods>
<encryption-method>AES-128</encryption-method>
<encryption-method>AES-256</encryption-method>
<encryption-method>3DES</encryption-method>
</encryption-methods>
<tbe-elements>
<tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
</tbe-elements>
</decrypt>
</inbound>
<outbound>
<username-token password-type="PLAINTEXT" add-nonce="false" add-created="true"/>
<signature>
<signature-method>RSA-SHA1</signature-method>
<tbs-elements>
<tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<add-timestamp created="true" expiry="28800"/>
</signature>
<encrypt>
<recipient-key alias="dave"/>
<encryption-method>3DES</encryption-method>
<keytransport-method>RSA-1_5</keytransport-method>
<tbe-elements>
<tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
</tbe-elements>
</encrypt>
</outbound>
</security>
</runtime>
<operations>
<operation name='addtrailerinfo'>
<runtime>
<security>
<inbound/>
<outbound>
<username-token password-type="PLAINTEXT" add-nonce="false" add-created="true"/>
<signature>
<signature-method>RSA-SHA1</signature-method>
<tbs-elements>
<tbs-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<add-timestamp created="true" expiry="28800"/>
</signature>
<encrypt>
<recipient-key alias="test"/>
<encryption-method>3DES</encryption-method>
<keytransport-method>RSA-1_5</keytransport-method>
<tbe-elements>
<tbe-element local-part="Body" name-space="http://schemas.xmlsoap.org/soap/envelope/" mode="CONTENT"/>
</tbe-elements>
</encrypt>
</outbound>
</security>
</runtime>
</operation>
</operations>
</port-info>
</webservice-client>
</oracle-webservice-clients>
My oracle-webservices.xml file looks like the following:-
<oracle-webservices xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/oracle-webservices-10_0.xsd">
<webservice-description name="TrailerWS">
<port-component name="TrailerWSSoapHttpPort">
<runtime enabled="security">
<security>
<key-store name="mytestkeystore" store-pass="mytestkeystore"
path="META-INF/mytestkeystore.jks"/>
<signature-key key-pass="sampwd" alias="sam"/>
<encryption-key key-pass="davepwd" alias="dave"/>
<inbound>
<verify-username-token password-type="PLAINTEXT"
require-nonce="false"
require-created="true"/>
<verify-signature>
<signature-methods>
<signature-method>DSA-SHA1</signature-method>
<signature-method>RSA-MD5</signature-method>
<signature-method>RSA-SHA1</signature-method>
</signature-methods>
<tbs-elements>
<tbs-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<verify-timestamp created="true" expiry="28800"/>
</verify-signature>
<decrypt>
<encryption-methods>
<encryption-method>AES-128</encryption-method>
<encryption-method>AES-256</encryption-method>
<encryption-method>3DES</encryption-method>
</encryption-methods>
<tbe-elements>
<tbe-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbe-elements>
</decrypt>
</inbound>
<outbound>
<signature>
<signature-method>RSA-SHA1</signature-method>
<tbs-elements>
<tbs-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<add-timestamp created="true" expiry="28800"/>
</signature>
<encrypt>
<recipient-key key-pass="" alias="dave"/>
<encryption-method>3DES</encryption-method>
<tbe-elements>
<tbe-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbe-elements>
</encrypt>
</outbound>
</security>
</runtime>
<operations>
<operation name="addtrailerinfo"
input="{http://trailerinfo/}addtrailerinfoElement">
<runtime>
<security>
<inbound>
<verify-username-token require-nonce="false"
require-created="true"
password-type="PLAINTEXT"/>
<verify-signature>
<signature-methods>
<signature-method>DSA-SHA1</signature-method>
<signature-method>RSA-MD5</signature-method>
<signature-method>RSA-SHA1</signature-method>
</signature-methods>
<tbs-elements>
<tbs-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"/>
</tbs-elements>
<verify-timestamp created="true" expiry="28800"/>
</verify-signature>
<decrypt>
<encryption-methods>
<encryption-method>AES-128</encryption-method>
<encryption-method>AES-256</encryption-method>
<encryption-method>3DES</encryption-method>
</encryption-methods>
<tbe-elements>
<tbe-element local-part="Body"
name-space="http://schemas.xmlsoap.org/soap/envelope/"
mode="CONTENT"/>
</tbe-elements>
</decrypt>
</inbound>
<outbound/>
</security>
</runtime>
</operation>
</operations>
</port-component>
</webservice-description>
</oracle-webservices>
I checked this exception out at hte following link
http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html#keystore
which lists hte instructions to secure a web service. The trouble shooting section lists this exception and says it might be due to a timestamp created flag being set to false. However I have made sure that both the client and service side xml files above have this set to true and are matching.
However I am still not able to eliminate this error. Please could someone help me out? This is urgent.
Regards,
Lester. -
Pros & Cons for consuming web services in ABAP using ABAP PROXY
Hi,
Other then performence is there any other disadvantages like security,etc for consuming web services in ABAP using ABAP proxy?
I really appreciate if some one provide the more details(Pros & Cons ) regarding cosuming web services and I also want to know is there any other way to consume web services in ABAP.
Thanks.<i> is there any other way to consume web services in ABAP</i>
you can use cl_http_client class to make your program to act as http client and post the soap message too webservice. This way you dont need to generate proxy, but you should know the soap message format.
Regards
Raja -
How to call a secure external Web Service using Oracle BPEL and OWSM
Hi,
i have to invoke an external secure Web Service using SOA Suite 10.1.3.1, but i don´t know how to do this. Do i use OWSM gateway or Agent? how to configure the gateway or agent to pass the required security to the external secure web service.
thanks in advance
DongAre you getting any errors? What type of XAI Class are you using?
One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
Hope this helps.
Regards,
Philip -
Can i use flex to consume web services?
I am not a Flex developer and before delving into it I want
to be sure that it satisfies my project requirements. Mainly,
consuming web services. the other part of the project are a bunch
of buttons and graphs that constitute any GUI. so I think Flex can
handle this part as good as Flash.
Currently, I am using flash but my current client insists on
using flex. so my question is: can I develop in Flex whatever I can
develop in flash? or are there limitations?If you are developing applications in Flash, then you will
love Flex. Flex will make you much more productive than Flash for
producing applications of any complexity. You can do at least
"most" of what you can do in Flash, and more. There might be a few
things you can do only in Flash, or more easily in Flex, but your
client has it right. They want Flex and they should want it. Check
out the FB3 help for the WebService, RemoteObject, and HTTPService
components. -
How to consume Web Service with Password digest from PLSQL
We have Oracle 10g (10.2.0.3.0) 64 bit. We have a situation where we need to consume web service whose security header looks like as follow,
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-50">
<wsse:Username>weblogic</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">d2enK45chjBPVvvukbYU6OX56kI=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">YAhEtLJfp4lzycLd3hZYjQ==</wsse:Nonce>
<wsu:Created>2013-01-22T06:28:38.897Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Here we need passowrd digest, Nonce and Timestamp.
How to create password digest from PLSQL? or if any other alternatives available please response soon.I do not see why it will not be possible to do digest authentication with a web server using PL/SQL.
As for the digest password - the web server supplies a token (a nonce) which you need to use for creating the hashed authentication token (the digest password). The URL I posted explains this authentication process.
As for the technical how-to in PL/SQL - as I mentioned, never had to do this (only dealt with Basic and NTLM authentication thus far). But as other auth methods (such as Microsoft's NTLM) can be implemented, I do not see why digest authentication could not.
Suggest you spend some time googling for technical articles/sample code on the subject - and try to find specific PL/SQL related sample code too.
Maybe you are looking for
-
Is adobe photoshop cs2 compatable with windows 8?
Is adobe photoshop CS2 compatable with windows 8?
-
How to trigger a pop-up on click of dial button on IC web UI - CRM 7.0
I want to enahcne the standard button 'Dial' that is displayed on Interaction center web UI. I am trying to show a custom popup with list of phone numbers of the BP for the sales agent to select from. I created the custom component to display the dat
-
My MacBook Pro stated that it needed to be updated. I clicked yes to restart the computer and update but when it restarted it stays on the gray screen with the apple logo and then pops up, stating "unable to find driver for this platform." What do I
-
How to find how many times a t code has been processed by a user
How to find how many times a t code has been processed by a user I am not able to get the exact number from the ST03 or STAD/STAT transaction. I am requiring the specific number that this T code has been processed completely this many no of times for
-
Hi, I need to install Flash Player after OS install. Please provide a link with exact procedure that will include silent install and no updates option. Thanks. "When you hit a wrong note it's the next note that makes it good or bad". Miles Davis