Custom Policy steps in OWSM

Similar Messages

• Extend OWSM with Custom Policy Step: MessageContext.setResponseMessage()?

  Hi,
  I intend to create a custom policy step for OWSM.
  In the execute method of my step (that extends AbstractStep) I want to set the Response Message using the setResponseMessage() method. According to the Extensibility Guide, this method should be passed a com.cfluent.ccore.message.SOAPMessage object as parameter.
  Basically, the code looks something like this:
  public IResult execute(IMessageContext messageContext) throws Fault {
  MessageContext msgCtxt = (MessageContext)messageContext;
  Result result = new Result();
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  result.setStatus(IResult.SUCCEEDED);
  return result;
  At compile time however, JDeveloper throws the following error:
  SOAPMessage not found in class nl.amis.soa.CustomStep
  and points to the line
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  Should I use AXIS SOAP objects (knowing OWSM is based on AXIS or uses it)? Or a MessageFactory? Or ... ?
  Any tips and preferably a code sample is much appreciated!
  Thanks, Sjoerd

  Hi Sjoerd ,
  Looks like documentation error. Are you importing the om.cfluent.ccore.message.SOAPMessage class? Try compiling without the import. I was able to compile your code with no issues. All I have is coresv-4.0.jar added to my jDev project.
  FYI MessageContext.get/setRequestMessage() really takes javax.xml.soap.SOAPMessage as parameter.
  Here is the code I can compile:
  package com.junk.wsm;
  import com.cfluent.pipelineengine.container.MessageContext;
  import com.cfluent.policysteps.sdk.AbstractStep;
  import com.cfluent.policysteps.sdk.IMessageContext;
  import com.cfluent.policysteps.sdk.IResult;
  import com.cfluent.policysteps.sdk.Result;
  public class junkStep extends AbstractStep {
  public junkStep() {
  public IResult execute(IMessageContext messageContext) {
  MessageContext msgCtxt = (MessageContext)messageContext;
  Result result = new Result();
  msgCtxt.setResponseMessage(msgCtxt.getRequestMessage());
  result.setStatus(IResult.SUCCEEDED);
  return result;
  Regards,
  Rajesh

• OWSM - Logging in Custom Policy Step

  I'm trying to implement a custom policy step for Oracle Web Service Management.
  For debugging purposes, I need to write a diagnostic log file (like gateway.log, policymanager.log, ccore.log...) with the behavior of my step. I have to use log4j library...
  Could you help me with OWSM log configuration?
  Thanks!

  I have been reading more about this issue but I have doubts yet...
  Now, I know that I must use the package "com.cfluent.ccore.util.logging" in my code. For example:
  ILogger logger = LogManager.getLogger(...);
  logger.log(Level.INFO, "..");
  In which owsm log file does this information appear?
  Thanks!

• OWSM Custom Policy Step: use of the setProcessingStage() method?

  Hello,
  When creating a Custom Policy Step for use in an OWSM pipeline the API provides the option to set the processing stage. Possible values are STAGE_PREREQUEST, STAGE_REQUEST, STAGE_RESPONSE and so on.
  Can anyone tell me the use of setting the processing stage. Would it allow me to literally take the message request to a different stagewhat, e.g. what should happen when in the Request Stage I set it to STAGE_RESPONSE?
  I have tried this and cannot see any effect.
  Thanks, Sjoerd

  Hi Vikas,
  Thanks for the reply.
  I suspect that the "fiddling with the Outgoing Transport Protocol that is between OWSM Gateway and actual service" as mentioned in my original post is probably the same as "creating a custom transport messenger between gateway and service" as mentioned by you.
  Any pointers to get me going, e.g. what interfaces te implement, classes to extend, how to register and manage with OWSM?
  Thanks and best regards,
  Sjoerd

• Custom Policy Step calling EJB

  Hi there,
  I'm a newby to OC4J and need some help in regards to some library issues. I've created an EJB using spring and deployed it to the oc4j container. Then I created an owsm custom policy step which retrieves the EJB bean using spring and retrieves the custom security header, which I then add to the current SOAP header. I wasn't quite sure how to create the custom policy step jar as it contains my spring jar as well as my ejb jar, so I used maven to create the jar with all my dependent jars as well. Everything works great, as in, it retrieves the EJB calls the method on the EJB which will retrieve a value from LDAP and then uses that value to query our data store and then return the object, but when it returns the object it throws the following exception:
  java.lang.LinkageError: Class com/cochlear/erpsecurity/domain/ErpSoapHeader violates loader constraints
  Which is due to the fact that I have the ErpSoapHeader in my custom policy step jar as well as my ejb jar. When I don't include the ejb jar in my custom policy step jar however then it give a class not found exception when trying to load the ejb with spring. Then I tried something dodgy and added the ejb jar to my server.xml in oracle.wsm.gateway shared library, but this caused the linkage error as well.
  Any help on how I can resolve this library issue will be great appreciated.
  Thanks so much,
  Ida

  Here's an example on how to add a custom SOAP header to the request message inside a custom step.
  public IResult execute(IMessageContext messageContext) throws Fault {
  MessageContext msgCtxt = (MessageContext) messageContext;
  SOAPEnvelope senv = msgCtxt.getRequest().getAxisMessage().getSOAPEnvelope();
  ((org.apache.axis.message.SOAPEnvelope)senv).setDirty(true);
  Name header = factory.createName("CustomHeader", "http://foo.com/custom/header");
  SOAPHeaderElement headerElement = senv.getHeader().addHeaderElement(header);
  headerElement.addTextNode("My custom header data");
  OWSM uses AXIS implementation internally to represent the SOAP message.
  Cheers,
  Vikas Jain

• Custom Policy Step and the WS-Security header attibute "mustUnderstand"

  Hi there,
  I have some issues testing the custom policy step that comes with OWSM (CustomAuthenticationStep), which i describe next.
  I manage to compile/deploy the custom step successfully. I also restart the server and add the brand new step into the request pipeline. The pipeline only has two steps, a log step and a custom authentication step.
  I develop a client for the gateway service which use the "Username to Authenticate" option of the Proxy Security. The other options (inbound/outbound integrity/encryption) are all unchecked.
  When I test the client, the following SOAP message is produced:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:ns0="http://agesic.entidad/types/"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <env:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  env:mustUnderstand="1">
  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:Username>test</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </env:Header>
  <env:Body>
  <ns0:reverseElement>
  <ns0:aString>Holas!</ns0:aString>
  </ns0:reverseElement>
  </env:Body>
  </env:Envelope>
  Which looks just fine. However I get the following exception:
  javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
       at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:568)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
       at agesic.cliente.gateway.proxy.runtime.EchoReverseSoapHttp_Stub.reverse(EchoReverseSoapHttp_Stub.java:78)
       at agesic.cliente.gateway.proxy.EchoReverseSoapHttpPortClient.reverse(EchoReverseSoapHttpPortClient.java:44)
       at agesic.cliente.gateway.proxy.EchoReverseSoapHttpPortClient.main(EchoReverseSoapHttpPortClient.java:33)
  If i look at the log produced by the custom step, it looks like the step was successfully passed.
  ********** Entering Custom Authentication execute method **********
  Processing stage is Request
  Request SOAP message is <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="h
  ttp://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-ins
  tance" xmlns:ns0="http://agesic.entidad/types/" xmlns:wsu="http://docs.oasis-ope
  n.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><env:Header><wsse
  :Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004
  /01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.or
  g/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://sche
  mas.xmlsoap.org/soap/envelope/"><wsse:UsernameToken xmlns:wsse="http://docs.oasi
  s-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http:/
  /docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ws
  se:Username>test</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/
  wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">test</wsse
  :Password></wsse:UsernameToken></wsse:Security></env:Header><env:Body><ns0:rever
  seElement><ns0:aString>Holas!</ns0:aString></ns0:reverseElement></env:Body></env
  :Envelope>
  User locale is English
  Client ip address is rhel4.tecinfo.com.uy:7777
  Verified user is test
  The problems is with the mustUnderstand attribute. It looks like no step tells the OWSM that he understands the header, so the OWSM pass through the pipeline and when it ends it thinks that that header was not processed properly.
  I try to find documentation on this issue but I didn't find any.
  Any ideas? Is there any way to specify that the step actually understands the ws-security header?
  Thanks!
  Leo

  Ok. Thanks. The problem here is a little bit different. At the client side, we have the following:
  <?xml version="1.0" encoding="UTF-8"?>
  <oracle-webservice-clients xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance' xsi:noNamespaceSchemaLocation='http://xmlns.oracle.com/oracleas/schema/oracle-webservices-client-10_0.xsd'>
  <webservice-client>
  <service-qname namespaceURI="http://agesic.entidad/" localpart="EchoReverse"/>
  <port-info>
  <wsdl-port namespaceURI="http://agesic.entidad/" localpart="EchoReverseSoapHttpPort"/>
  <runtime enabled="security">
  <security>
  <inbound/>
  <outbound>
  <username-token password-type="PLAINTEXT" add-nonce="false" add-created="false"/>
  </outbound>
  </security>
  </runtime>
  <operations>
  <operation name='reverse'>
  </operation>
  </operations>
  </port-info>
  </webservice-client>
  </oracle-webservice-clients>
  The <outbound> here is requered in order to use the WSS UserName token profile. I try to remove the <inbound/> to check if it was a problem like yours, but we still have the same exception.
  The problem seems to be with the gateway at the server side.
  Intercepting the communication between the client and the server, we are getting the following response:
  <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:ns0="http://agesic.entidad/types/">
  <env:Body>
  <env:Fault>
  <faultcode>env:MustUnderstand</faultcode>
  <faultstring>SOAP must understand error:
  {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  We need a way to instruct the gateway that he actually understands the wss header.
  Any ideas?
  Thanks!
  Leo

• ** OWSM Custom Step: Accessing OWSM Monitor Metrics Programmatically ?? **

  Hi all,
  I have posted this in the SOA Forum with no response, so trying my luck here.
  I would like to programmatically access the OWSM monitor metrics, specifically the Service Statistics (Traffic Analysis and Latency Variance).
  Is there any way to programmatically query the current Stats for the service protected by OWSM policies?
  I would like create a custom policy step that interrogates the current OWSM Monitor status of the Service, and then actions it accordingly.
  I have looked in the Extensibility Guide, but documentation is not very clear.
  I have found classes in com.cfluent.coreman.sdk.* and com.cfluent.webui.uibeans.opcockpit.* which seem useful, but no documentation is available as these APIs do not appear to be published.
  Any help would be greatly appreciated.

  I've come across the following Beans which look like they provide the details I need:
  com.cfluent.webui.uibeans.opcockpit.ServiceLatencyBean;
  com.cfluent.webui.uibeans.opcockpit.MessageTrafficBean;
  Has anyone used these and tried to access data via these beans directly?

• Retrieve Client IP Address in a Oracle WebServices Manager Custom Policy

  Hi everybody,
  For some reasons i had to implement a custom policy in the OWSM, to restrict the access to webservices by Client IP Addresses. I´ve been following the examples for custom policies mentioned in the books: "Oracle Web Services Manager, Oracle Web Services Manager" by Sitaraman Lakshminarayanan, and the "Oracle® Web Services Manager Extensibility Guide 10g (10.1.3.3.0)" by Oracle. I followed the examples mentioned in those books to implement my Custom policy, the policy is successfully deployed to OWSM and it works, only by the issue that when i want to retrieve the Client Ip address it returns null, and following the example by the Oracle Guide, the HttpServletRequest its also returns null, im desperated because in every site that i finally find some info about it, quotes any of these 2 examples in those books, and mine doesnt work! this is the code of the custom policy, i´ve combined the 2 aproaches:
  package project1;
  import com.cfluent.ccore.util.logging.ILogger;
  import com.cfluent.ccore.util.logging.Level;
  import com.cfluent.ccore.util.logging.LogManager;
  import com.cfluent.pipelineengine.container.MessageContext;
  import com.cfluent.policysteps.sdk.AbstractStep;
  import com.cfluent.policysteps.sdk.Fault;
  import com.cfluent.policysteps.sdk.IMessageContext;
  import com.cfluent.policysteps.sdk.IResult;
  import com.cfluent.policysteps.sdk.InvocationStatus;
  import com.cfluent.policysteps.sdk.Result;
  import java.util.HashMap;
  import java.util.Iterator;
  import java.util.Vector;
  import javax.servlet.http.HttpServletRequest;
  public class CustomPolicy extends AbstractStep {
  private static String CLASSNAME = CustomPolicy.class.getName();
  private static ILogger LOGGER = LogManager.getLogger(CLASSNAME);
  private String allowedIpAddress = null;
  private String allowedRoleName = null;
  private String protectedServiceMethodName = null;
  public CustomPolicy() {
  public void init() throws IllegalStateException {
  // nothing to initialize
  public void destroy() {
  * This is the main method which will validate that the request is coming from
  * the correct IP Address and has permission to access the specified metod.
  public IResult execute(IMessageContext messageContext) throws Fault {
  LOGGER.entering(CLASSNAME, "execute");
  Result result = new Result();
  result.setStatus(IResult.FAILED); //initialize result
  String processingStage = messageContext.getProcessingStage();
  LOGGER.log(Level.INFO, "Processing stage is " + processingStage);
  HttpServletRequest httpServletRequest = (HttpServletRequest)
  messageContext.getProperty("javax.servlet.request");
  String remoteAddr = httpServletRequest.getHeader("Host");
  LOGGER.log(Level.SEVERE, "Dir IP:"+remoteAddr);
  String remoteHost = httpServletRequest.getRemoteHost();
  LOGGER.log(Level.INFO, "ADDR" + remoteAddr+ "HOST"+remoteHost);
  boolean isRequest =
  (IMessageContext.STAGE_REQUEST.equals(messageContext.getProcessingStage()) ||
  IMessageContext.STAGE_PREREQUEST.equals(messageContext.getProcessingStage()));
  //Execute the step Only when its a Request pipeline else return success
  if (!isRequest) {
  result.setStatus(IResult.SUCCEEDED);
  return result;
  MessageContext msgCtxt = (MessageContext)messageContext;
  String _MethodName = msgCtxt.getRequest().getMethodName();
  LOGGER.log(Level.INFO,
  "Writing Allowed IP Addr before creating SOAP header " +
  allowedIpAddress);
  LOGGER.log(Level.INFO,
  "Writing Remote IP Addr before creating SOAP header " +
  msgCtxt.getRemoteAddr());
  /*LOGGER.log(Level.INFO,
  "Writing Remote IP Addr before creating SOAP header " +
  remoteAddr);*/
  String cadTempo = allowedIpAddress;
  Vector vect = new Vector();
  for (int i = 0; i < allowedIpAddress.length(); i++) {
  if (cadTempo.indexOf(",") != -1) {
  //vect.add(cadTempo.substring(0, cadTempo.indexOf(",") - 1));
  vect.add(cadTempo.substring(0, cadTempo.indexOf(",")));
  cadTempo =
  cadTempo.substring(cadTempo.indexOf(",") + 1, cadTempo.length());
  LOGGER.log(Level.INFO,
  "AQUI111");
  } else {
  if (!cadTempo.equalsIgnoreCase("")) {
  vect.add(cadTempo);
  LOGGER.log(Level.INFO,
  "AQUI222");
  break;
  for(int i=0;i<vect.size();i++){
  String temp = (String)vect.get(i);
  if (temp.equals(msgCtxt.getRemoteAddr()) &&
  _MethodName.equals(protectedServiceMethodName)) {
  LOGGER.log(Level.INFO,
  "AQUI333");
  result.setStatus(IResult.SUCCEEDED);
  break;
  } else {
  msgCtxt.getInvocationStatus().setAuthorizationStatus(InvocationStatus.FAILED);
  LOGGER.log(Level.INFO,
  "AQUI444");
  /*if(allowedIpAddress!=null){
  result.setStatus(IResult.SUCCEEDED);
  /*if (allowedIpAddress.equals(msgCtxt.getRemoteAddr()) &&
  _MethodName.equals(protectedServiceMethodName)) {
  result.setStatus(IResult.SUCCEEDED);
  } else {
  msgCtxt.getInvocationStatus().setAuthorizationStatus(InvocationStatus.FAILED);
  // Set the result to SUCCESS
  //result.setStatus(IResult.SUCCEEDED);
  return result;
  public String getIpAddress() {
  return allowedIpAddress;
  public void setIpAddress(String IpAddress) {
  this.allowedIpAddress = IpAddress;
  LOGGER.log(Level.INFO, "IP Address is.. " + allowedIpAddress);
  public String getServiceMethodName() {
  return protectedServiceMethodName;
  public void setServiceMethodName(String serviceMethodName) {
  this.protectedServiceMethodName = serviceMethodName;
  public String getRoleName() {
  return allowedRoleName;
  public void setRoleName(String roleName) {
  this.allowedRoleName = roleName;
  And the xml:
  <csw:StepTemplate xmlns:csw="http://schemas.confluentsw.com/ws/2004/07/policy"
  name="Custom authenticate step" package="project1"
  timestamp="Oct 31, 2005 05:00:00 PM" version="1"
  id="0102030405">
  <csw:Description>Custom step that authenticates the user against the
  credentials entered here. This step requires Extract
  credentials to be present before it in the request pipeline.</csw:Description>
  <csw:Implementation>project1.CustomPolicy</csw:Implementation>
  <csw:PropertyDefinitions>
  <csw:PropertyDefinitionSet name="Basic Properties">
  <csw:PropertyDefinition name="Enabled" type="boolean">
  <csw:Description>If set to true, this step is enabled</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>true</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  </csw:PropertyDefinitionSet>
  <csw:PropertyDefinitionSet name="Custom Access Rules">
  <csw:PropertyDefinition name="IpAddress" type="string" isRequired="true">
  <csw:DisplayName>IpAddress</csw:DisplayName>
  <csw:Description>IP Address that is allowed access</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>192.168.0.1</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  <csw:PropertyDefinition name="ServiceMethodName" type="string"
  isRequired="true">
  <csw:DisplayName>ServiceMethodName</csw:DisplayName>
  <csw:Description>Service Method Name that is Protected (Secured)</csw:Description>
  <csw:DefaultValue>
  <csw:Absolute>getTime</csw:Absolute>
  </csw:DefaultValue>
  </csw:PropertyDefinition>
  </csw:PropertyDefinitionSet>
  </csw:PropertyDefinitions>
  </csw:StepTemplate>
  Please any tip or idea is welcome, thanks in advance for the help.
  Carlos.

  Hi again
  copied your code for testing. And it works fine.
  So both the code and policy-step definition is fine, log output below.
  What is your log output?
  Using soapui to send the request will give the ip of my localhost, using the test client will give the ip of the server, because that is the actual client.
  I guess the server ip is 192.168.0.1 in your case, as you are testing from test console.
  <b>anyway, results from SOAPUI:</b>
  2009-05-19 09:52:15,096 FINE [HTTPThreadGroup-4] CSWComponent - Executing policy step. Policy='SID0003004', Step Name='Custom Policy Step', Step Class='com.*.soa.wsm.CustomPolicy'
  2009-05-19 09:52:15,096 FINER [HTTPThreadGroup-4] wsm.CustomPolicy - com.*.soa.wsm.CustomPolicy execute:ENTERING
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Processing stage is Request
  2009-05-19 09:52:15,096 SEVERE [HTTPThreadGroup-4] wsm.CustomPolicy - Dir IP:hostname.domain:8890
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - ADDRhostname.domain:8890HOST10.47.89.116
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - MethodName=getHostNameElement
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Allowed IP Addr before creating SOAP header 10.47.89.116, 192.168.0.1
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Remote IP Addr before creating SOAP header 10.47.89.116
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI111
  2009-05-19 09:52:15,096 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI222
  2009-05-19 09:52:15,097 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI333
  2009-05-19 09:52:15,097 FINER [HTTPThreadGroup-4] agent.Agent - com.cfluent.agent.Agent intercept:ENTERING
  <b>But if I use the test client the remote IP would be 10.47.137.50 and execution fails, as code is written</b>
  <i>
  2009-05-19 09:54:12,266 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Allowed IP Addr before creating SOAP header 10.47.89.116, 192.168.0.1
  2009-05-19 09:54:12,266 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - Writing Remote IP Addr before creating SOAP header 10.47.137.50
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI111
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI222
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI444
  2009-05-19 09:54:12,267 INFO [HTTPThreadGroup-4] wsm.CustomPolicy - AQUI444
  2009-05-19 09:54:12,267 FINE [HTTPThreadGroup-4] CSWComponent - Step execution failed: Policy=[SID0003004] Pipeline=[Request] Step Name=[Custom Policy Step] Step Class=[com.tandberg.soa.wsm.CustomPolicy]
  2009-05-19 09:54:12,267 FINER [HTTPThreadGroup-4] common.PrepareForServiceStep - Step PrepareForServiceStep called
  </i>

• OWSM 11g: Custom policy implementation

  Hi all,
  I am unable to replicate the example as discussed in the section 14 of Security and Administrator’s Guide for Web Services 11g Release 1 (11.1.1) B32511-03, April 2010. I am applying the custom policy on a osb (11g r3) proxy service. Kindly take a look at the steps mentioned below & suggest suitably where i may be going wrong:
  1. Creation of the IpAssertionExecutor class which holds the implementation logic (same as Step 1)
  2. Creation of the policy-config.xml file (same as Step 2)
  3. oracle.logging-utils_11.1.1.jar was also added to compile the above class.
  4. IpAssertionExecutor Class & policy-config.xml were added as a jar file as mentioned in page no: 4 of the following link: http://www.scribd.com/doc/25941008/How-to-Create-OWSM-11g-Custom-Policy-Assertion (same as Step 4)
  5. Updation of classpath (same as Step 5)
  6. Creation of oracle/ip_assertion_policy file (same as Step 2)
  7. Importing the Custom Policy File (same as Step 6)
  8. Attaching the Custom Policy to a Web Service or Client (same as Step 7)
  For testing purpose, i used soapui and specified the bind address in the request properties. However, the policy is not working as desired.
  Additionally, i hardcoded the String ipAddr (ip address) in the IpAssertionExecutor class & redeployed the jar. But still couldn't get it working.
  I shall be obliged if someone can help me.
  Thanks in advance

  In the security tab for your OSB Service, ensure that you set the radio button for processing of ws header. Otherwise no policies appear to be called.

• OWSM customize policy step sign message

  Hi,
  is it possible to customize the OWSM policy step "sign message" ?
  - to set the attribute mustUnderstand of the element wsse:Security to 0 (default is 1)
  - to add the timestamp wsu:Expires to the security header (in addition to the wsu:Created timestamp)
  Bye,
  Markus

  Hi Vikas,
  Thanks for the reply.
  I suspect that the "fiddling with the Outgoing Transport Protocol that is between OWSM Gateway and actual service" as mentioned in my original post is probably the same as "creating a custom transport messenger between gateway and service" as mentioned by you.
  Any pointers to get me going, e.g. what interfaces te implement, classes to extend, how to register and manage with OWSM?
  Thanks and best regards,
  Sjoerd

• Owsm policy step verify certificate

  We try to use the OWSM for client authentication using "verify certificate". for what i understand of it i have to send along the public certificate with my request and that certificate should be in the trusted store. Can this store be the same store as the wallet the http server is already using.
  when i look for the details of the verify certificate step i see that there are a few prerequisites
  Prerequisite Steps      Verify Signature, Decrypt and Verify, or if the transport security uses SSL.
  i use a https://<server>/gateway/services/SID0003006?wsdl as endpoint from within the webserviceproxy and added the following before setting the endpoint in de proxy.
  System.setProperty("javax.net.ssl.keyStore", "/home/maqish/keystore");
  System.setProperty("javax.net.ssl.keyStoreType", "JKS");
  System.setProperty("javax.net.ssl.keyStorePassword", "changeit");
  System.setProperty("javax.net.ssl.trustStore", "/home/maqish/keystore");
  System.setProperty("javax.net.ssl.trustStoreType", "JKS");
  System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
  I have added the server certificate in my trusted keystore and the public key is send to the server to be added as a trusted certificate.
  using verify certificate it should be possible to verify that a request is from a trusted source. but this does not seem to work very well. or else there could be some other problem in my thoughts.
  anyone who tried the same? or has ever used the policy step verify certificate?

  i do use the soa suite and jdeveloper 10.1.3.3 i have created a webservice which i have deployed to the soa application server. using this webservice works using http and https
  when i use owsm to add this webservice as a service this also works. using http and https
  when i add the request policystep verify certificate i get the following error
  Failed to initialize pipeline 'Request' in policy 'repeater(0.1)

• Custom Policy Issue 10G

  Hi All,
  I have created a custom policy in OWSM 10g for WS-Header Insertion, that inserts user credentials(username/password) in UserToken of SOAP Headers.
  But I am getting following error while testing my web service on OWSM.
  SOAP-ENV:Envelope
  xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Body>
  <SOAP-ENV:Fault>
  <faultcode
  xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults"
  xmlns="">p:Client.PolicyInitializationFailure</faultcode>
  <faultstring
  xmlns="">Failed to initialize pipeline 'Request' in policy 'testCustom(1.0)'</faultstring>
  null</SOAP-ENV:Fault>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  Kindly help

  Hi All,
  Pls help

• Error while invoking webservice attached with custom policy

  I created a webservice in SOA 11g and attached a custom policy which is doing encryption(message protection) to its exposed service endpoint .This web service runs fine if i run it independently. Then i created a simple SOA process and call this web service.Then i am getting Fabric Invocation Exception.Can anyone tell me what can be the problem?

  I want to do the encyrpton only in secured webservice. I just want to invoke that web service from another process. In this case which policy can i attach in the reference of the SOA process which is calling secured web service?

• Error during Custom Build - error PRJ0019: A tool returned an error code from "Performing Custom Build Step"

  Hi All,
  I was trying to develop C++ web service using GShop with Visual Studio 2005.I refered a tutorial :-
  http://guruce.com/blogpost/hosting-webservices-on-windows-embedded-compact-windows-ce-using-gsoap .
  AS per the tutorial i proceeded. But, i stuck-up when making a custom build with Helloworld.wsdl.Here is the output :
  1>------ Rebuild All started: Project: HelloWorldWebService, Configuration: Debug Pocket PC 2003 (ARMV4) ------
  1>Deleting intermediate and output files for project 'HelloWorldWebService', configuration 'Debug|Pocket PC 2003 (ARMV4)'
  1>Performing Custom Build Step
  1>'D:\Test' is not recognized as an internal or external command,
  1>operable program or batch file.
  1>Project : error PRJ0019: A tool returned an error code from "Performing Custom Build Step"
  1>Build log was saved at "file://d:\Test Code\HelloWorldWebService\HelloWorldWebService\Pocket PC 2003 (ARMV4)\Debug\BuildLog.htm"
  1>HelloWorldWebService - 1 error(s), 0 warning(s)
  ========== Rebuild All: 0 succeeded, 1 failed, 0 skipped ==========
  As given in the tutorial i kept my custom build command line as : -
  $(SolutionDir)\gsoap-2.8\gsoap\bin\win32\wsdl2h.exe -s $(InputPath) -o $(ProjectDir)$(InputName).h
  and outpouts : $(InputName).h
  I kept GSHOP in the project filder :- D:\Test Code\HelloWorldWebService
  Kindly help.
  Jyotiranjan

  Hi Jyotiranjan,
  I’m glad to hear that you got it working.
  Thank you for sharing your solutions
  experience here. It will be very beneficial for other community members who
  have similar questions.
  Best regards,
  Lucy
  Lucy Liu [MSFT]
  MSDN Community Support | Feedback to us
  Get or Request Code Sample from Microsoft
  Please remember to mark the replies as answers if they help and unmark them if they provide no help.

• "Performing Custom Build Step"-Reg.

  Dear All,
  I am the new person in Plug-In creation, now i start the "Basic-Dialog" program and compile in VC++ software, but they shows the below error:
  'odfrc' is not recognized as an internal or external command,
  operable program or batch file.
  Project : error PRJ0019: A tool returned an error code from "Performing Custom Build Step"
  So please any one can help me!....
  Regards
  T.R.Harihara SudhaN

  Dear Charles Anderson
  Many Thanks for the informations and useful guide,
  and please help me!
  I added the below as you told paths:
  "Tools | Options. Go to Projects, then VC++ Directories. In the "Show Directories for" dropdown list, select "Executable Files". Add the directory containing odfrc"...
  First I clarify to you... I am using the MicroSoft Visual Studio. NET 2003, using the VC++ compiler...
  I am adding the ODFRC file in the executable files, But same error shown in the Output Window. So please give me the solutions.
  I am waiting for your solutions.
  Thanks & Regards
  T.R.Harihara SudhaN