How to encrypt Payload in Composite BPEL 11g

Similar Messages

• How to encrypt payload in BPEL 11g,Specific Fileds.

  How to encrypt payload in BPEL 11g,Specific Fileds.

  By adding a wsm policy to the service and encrypt parts of the payload?
  http://download.oracle.com/docs/cd/E12839_01/integration.1111/e10224/sca_policy.htm#CHDHAJIH

• How to call the WS in BPEL 11g

  Hi,
  I have a WS externally provided, which need the following soap header...
  <soap:Header><fmw-context xmlns="http://xmlns.oracle.com/fmw/context/1.0"/><wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken>
  <wsse:Username>MASKED</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">MASKED</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security></soap:Header>
  Please let me know how do i call the WS in BPEL 11g.
  Please let me know the entire solution, kind of urgent...
  Thanks,
  Rosh

  Hi All,
  got the solution.
  Its working...
  http://soa-howto.blogspot.com/2008/09/how-to-set-security-credentials.html
  Thanks,
  Rosh

• How to Use Oracle Coherence in BPEL 11g

  i have a scenario to cache the results some where, so that i can make use of the same for the same request.
  I hope this can be done using Oracle Coherence. Could you please let me know how can i use this coherence for cacheing in BPEL 11g (in my bpel process)
  thanks for the help in advance.

  Hi.
  U can use the Coherence API within a Spring bean.
  Take a look at this https://blogs.oracle.com/jaylee/entry/accessing_coherence_cluster_using_spring
  That's one way to do it.
  best

• How to enable logging in oracle bpel 11g

  Hi,
  My requirement is see log files in bpel which shows complete transaction which I generally view from em console opening a instance everytime.
  You can take an example of OSB 11g where we have a log action and we can log any request by giving variables like $body, header etc.
  Everytime going to em console and opening instance is quite hectic . So my question is as under :
  1. Is any kind of log activity available in bpel 11g by which I can log my messages going through ?
  Thanks & Regards,
  Neeraj Agrawal

  You could use Sensors to log certain information. See Swim The Fusion: Sensors in SOA 11g for Details.

• OWSM: How to encrypt payload and SOAP header?

  Hi,
  Anybody know how I can encrypt the payload and the SOAP header via OWSM? I can only find references on how to do it using SSL. The reason for using OWSM/WS-Security was to move away from using transport based encryption (SSL).
  Regards Pete

  http://download.oracle.com/docs/cd/E10291_01/doc.1013/e10299/policy_steps.htm#sthref612
  if you look at the topic :XML Encrypt
  you will see you can encrypt every part of the xml
  Encrypted Content
  Part of the SOAP envelope to be encrypted. Valid values are: BODY, HEADERS, ENVELOPE, and XPATH. The default is BODY.

• How to create templates for composites in 11g

  Hi
  In SOA Suite 10g we had an option as mark as template with which we can mark the bpel as template and use it do develop other Projects.In SOA Suite 11g i want the same functionality so that common piece of code can be used across different composites like error handling and i don't need to create these things in other composites again.My starting template has those things.Can someone help me with this.
  Thanks
  Edited by: Nitin on Aug 14, 2012 7:53 PM

  To learn about templates, see http://developers.sun.com/prodtech/javatools/jscreator/learning/tutorials/2/project-templates.html
  Another solution is page fragments: See http://developers.sun.com/prodtech/javatools/jscreator/learning/tutorials/2/pagefragments.html

• 11g - Encrypt Payload shown in Audit Trail

  How to encrypt payload that's shown in Audit Trail of Composite in 11g ? I want to encrypt information like SSN, that's coming as input to my composite service, so that its protected from support teams monitoring the logs and audit trail through EM console.
  Is it possible to do this for whole composite or atleast within BPEL ?

  Eric,
  Is it possible to make the payload invisible or encrypted inside an 11g BPEL process? The policies will allow to encrypt the payload while sending to external services.
  What if I have a simple BPEL process that uses simple Assign activity and I want to encrypt the payload so that Admin might not be able to comprehend it in the Audit Trail.
  Audit level if set to Production can be changed by the Admin and hence is not a foolproof mechanism.
  Regards,
  Neeraj Sehgal

• How to delete the deployed composite in weblogic server 11g

  Can someone tell me how to delete the deployed composite in weblogic server 11g ?I'm facing an issue where the weblogic server is getting started and immediately after sometime the server changes to "Force shutdown"..When i checked the logs,there is an error in one of the composite i deployed..So now i wanted to delete the deployed composite?Please help ....
  Thanks

  Hi
  1. Deleting a domain will not hold any references. But make sure that under your user_projects/applications also remove the folder that matches with your domain. Basically under user_projects folder you will see 2 folders named applications and domains. When you create a domain say mySoaDomain, it will crate a folder with the same name under applications folder also with few files like em.ear. If you do this, then you can crate a new soa domain and use the same old name.
  2. NOW comes the most important thing. If you create a new SOADomain, at one point, you had to give details for soainfra and mds schemas. If you give your current existing db details (that was used for your old deleted domain), then you may still have the issues. Because the soainfra db may still have the instances for your old process.
  3. If you really want to have a full clean soa domain, here is what you do:
  a) Run rcu and drop the existing schemas for soainfra and mds.
  b) Run rcu again and create above schemas again.
  c) Now create SOADomain using config wizard and refer above clean rcu db and you are all set.
  3. Under your domain root folder, just searh for files named with your workflow and you should see the .jar location.
  Thanks
  Ravi Jegga

• [Urget Help] [BPEL 11g] How to use Database 11g as Identity Service source?

  Dear all,
  My customer is using BPEL 11g for current project. They have a legacy user database (Oracle DB 11g) which store all accounts info.
  Now we want to connect BPEL with this database as identity service and pick up the users and groups as approver. I saw following graph from below link, but I don't know how to implement it. It seems a huge change in BPEL 11g.
  Can you give me an idea on it? Any suggestions are welcome.
  http://download.oracle.com/docs/cd/E12839_01/integration.1111/e10224/bp_workflow.htm#BABEIHDD
  Thanks in advance.

  repost

• How to update the payload of a BPEL process instance

  Hi I have another question.
  How do I update the payload of a BPEL process instance without the activity being a Human Task. I know there are ton's of example showing how to update the payload of a user task using BPEL API's. But in my case I need to update the payload of a BPEL process instance which has no human task.

  Thanks
  For confirming that the payload in the BPEL process instance is read-only. Now I can see what alternatives I come up with besides the DB save option.
  Guys if you can take the time to answer/comment on another question I have posted in this forum that will be great
  here is the link
  Multi step Human Task
  Regards,
  Jayesh Nazre
  MCSD, MCSE, SCJP, PMP

• How delimited by header and footer from Source file in BPEL 11g

  Hi Friends,
  I have source data below like This..
  SOFTWARE COMPONENTS:
  BPEL 11G,
  J DEVELOPER(11.1.1.3)
  FILE READ ADAPTER
  WEB LOGIC EM SERVER(10.3.3.0)
  1|10005|857896|BR |0000 |6544|kantro|54635
  1|10265|69875|.36544|2456112|00000|000000|00000|SE|5456|466554|789745|54.325|KVM|56476.32
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55566|4454544|45669
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55566|4454544|45664
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55776|4454544|45660
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55566|4454544|85668
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55566|4454544|45666
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|85876|4454544|45666
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|55566|4454544|69848
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|69566|4454544|45666
  1|10235|JA|5456|4565|56|656|5855|5555|55445|5444|D|45457|0000|KIL|6555|78966|4454544|85669
  1|10255|km|5653|RJ |00000|5557544|13-08-1998
  But i need to Delimited and insert the data into table ..Here Header data insert into saperate table and
  middlle of the data insert into main table and footer data insert in another table it all happen one attempt by using file read Adapter(11.1.1.1.3)

  You have a header parameter in the file datastore. You can provide any number to skip rows from top of the file. For footer you can create a filter in staging area.
  Filter coould be something like this.
  where source_alias.source_column not like '%FOOTER_OR_ANY_VALUE_AS_PER_YOUR_REQ'

• Message protection (Encryption) through OWSM in BPEL process 11g

  What is my requirements ?_
  I want to encrypt the messages in BPEl process using OWSM message protection policies
  What is the configuration i am using ?_
  Weblogic Server 10.3.3
  Soa Server 11.1.1.3.0
  Oracle JDeveloper 11.1.1.3.0
  What I have done so far ?_
  (1) Created one Sync BPEl process (CalledAddition) which take two input and add them and give the output
  (2) Created one more Sync BPEL process (CallerProcess) which takes two input and call the above created bpel process
  (CalledAddition) and get the response back as addition of two number.
  Now I want to Add OWSM Message protection policy to Encrypt the message in Main BPEl process(CallerProcess) and the called service (CalledAddition) decrypt the message upon invocation. It is a very simple scenario.
  For this purpose I have done the following OWSM Policy Configuration:
  (1) Created a java keystore as follows
  keytool -genkey -keyalg RSA -keystore test_keystore.jks -storepass welcome1 -alias client_key -keypass welcome1 -dname "CN=Client, OU=WEB AGE, C=US" -keysize 1024 -validity 1460
  (2) Copy the keystore (test_keystore.jks) to location domain/config/fmwconfig.
  (3) Go to EM console/WeblogicDomain/Security/Credential and delete the map oracle.wsm.security and then again created it, with no key inside.
  (4) Go to EM console/WeblogicDomain/Security/SecurityProviderConfiguration and configure the above created keystore as follows:
  (i) Keystore Type=JKS, Keystore Path=./test_keystore.jks, password=welcome1, confirmPassword=welcome1
  (ii) Signature Key:
  Key Alias=client_key, Signature Password=welcome1, confirmPassword=welcome1
  (iii)Encryption Key:
  Crypt Alias=client_key, Crypt Password=welcome1, confirmPassword=welcome1
  (5) Now restart the server (both Weblogic and SOA server)
  (6) Now again go to EM console/WeblogicDomain/Security/Credential and open expand the oracle.wsm.security map, Automatically
  the following keys are made inside it:
  (i) sign-csf-key
  (ii) enc-csf-key
  (iii) keystore-csf-key
  Created one more key inside it explicitly:
  (iv) basic.credentials with username=weblogic and password=welcome1
  (7) Go to EM console/WeblogicDomain/WebServices/Policy and cretaed the following policies:
  oracle/wss11_message_protection_service_policy:
  (i) select policy oracle/wss11_message_protection_service_policy from list and click on create like button. This will create a copy of the policy with different name.
  (ii) Give the new name as oracle/wss11_message_protection_service_policy_Copy ( which is by default)
  (iii) Local Optimization = off and enabled is checked
  (iv) Attachment Attributes …..
  Applies To=Service BIndings and Service Category=Service Clients
  (v) Assertions …..
  Select middle assertion MessageProtection and Advertised=checked and Enforced=checked
  (vi) Configuration....
  Add following Configure properties, if present already edit them as follows:
  (a) name=keystore.enc.csf.key, property set=standard-security-properites, value=enc-csf-key, Type=Optional
  (b) name=keystore.sig.csf.key, property set=standard-security-properites, value=sign-csf-key, Type=Optional
  (c) name=role, property set=standard-security-properites, Default=ultimateReceiver, Type=Optional
  (v) Setting.........
  Done the following setting
  - Message Security/include timestamp=unchecked
  - Message Signing Setting/Include entire body=unchecked (since we need only encryption, no signing of message)
  - Message Encrypt Setting/include entire body=checked
  (vi) Validate and save
  (vi) Thus a new policy is made in domain with name oracle/wss11_message_protection_service_policy_Copy
  Simmilarly create oracle/wss11_message_protection_client_policy:
  (ii) Give the new name as oracle/wss11_message_protection_client_policy_Copy ( which is by default)
  (iv) Attachment Attributes …..
  Applies To=Service BIndings and Service Category=Service Endpoint
  (vi) Configuration....
  Add following Configure properties, if present already edit them as follows:
  (a) name=keystore.recipient.alias, property set=standard-security-properites, value=client_key, Type=Optional
  (b) name=role, property set=standard-security-properites, Default=ultimateReceiver, Type=Optional
  (vi) Thus a new policy is made in domain with name oracle/wss11_message_protection_client_policy_Copy
  Rest of the steps(i,iii and v) are same as described above in case of service policy
  After creating the policies in domain attach them to the bpel process as follows:
  (1) Go to SOA project (CallerProcess) in EM console.
  (2) Click on policy tab
  (3) First attach the client policy (oracle/wss11_message_protection_client_policy_Copy) to the endpoint of the process CallerProcess.
  (4) Then attach the service policy (oracle/wss11_message_protection_serivce_policy_Copy) to the reference in CallerProcess which is calling CalledAddition.
  (5) Now test the process (CallerProcess)
  pass input say 10 and 20 in input
  Upon testing it give the following error_
  Web Service invocation Failed:
  oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: InvalidSecurity : error in processing the WS-Security security header
  I have made all thing clear. I have gone through several documents but unable to find the solution. If anyone please help me in this case.
  Thanks

  I have followed same steps and getting same errror.
  User 868153, were you able to resolve this issue.
  Appreciate your help.
  Thanks

• Set dynamic authentication credentials to Partner link - BPEL 11g PS1

  Hi,
  I am working on BPEL SOA 11g PS1. I need to know how i can dynamically set the Authentication details (Username and password) as well as Timeout while invoking a web service reference.
  I have been successful in setting these values using properties of the partner-link which is static.But actually as per my use-case, i need to read these information dynamically from a repository say Database/DVM and set these value while invoking.
  Regards
  Sesha

  Hi Sridhar
  Below is the composite.xml snippet which works for me as static mapping. I have added "wss_username_token_client_policy" to the reference interface.
  <reference name="getNameService" ui:wsdlLocation="getNameService.wsdl">
  <interface.wsdl interface="http://www.amazon.com/css/mmbi/getNameService/#wsdl.interface(getNameServiceSoapPort)"/>
  <binding.ws port="http://www.amazon.com/css/mmbi/getNameService/#wsdl.endpoint(getNameService/getNameServiceSoapPort)"
  location="getNameService.wsdl" soapVersion="1.1">
  *<wsp:PolicyReference URI="oracle/wss_username_token_client_policy"*
  orawsp:category="security" orawsp:status="enable"/>
  <property name="weblogic.wsee.wsat.transaction.flowOption"
  type="xs:string" many="false">WSDLDriven</property>
  *<property name="oracle.webservices.auth.username" type="xs:string"*
  many="false" override="may">username11</property>
  *<property name="oracle.webservices.auth.password" type="xs:string"*
  many="false" override="may">password11</property>
  *<property name="oracle.webservices.httpReadTimeout" type="xs:string"*
  many="false" override="may">30000</property>
  <property name="oracle.soa.ws.outbound.omitWSA" type="xs:string"
  many="false" override="may">true</property>
  </binding.ws>
  </reference>
  Here you can find property value for oracle.webservices.auth.username,oracle.webservices.auth.password & oracle.webservices.httpReadTimeout are static , What i want to make here is to read these from a bpel variable in runtime.
  OR
  Is there any means i can do this same basic authentication in BPEL 11g which would support dynamic credentials.
  Thanks
  Sesha

• PGP Encryption support in SOA Suite 11g

  Hi,
  Looking for PGP encryption support in SOA Suite 11g as we have a requirement to encrypt the file using PGP encryption and send over SFTP.
  I already went through some of the forums posts but they are date back to 2007, so just wanted to confirm if there is anything in recent releases of SOA Suite.
  - FTP adapter support or
  - OWSM suppport.
  As far as i know, we have to install some PGP tool and write a script to encrypt/decrypt and call the script from BPEL. this conclusion is based on a stmt given in the OWSM 10g book by sitaraman.
  Please provide your insights on this.
  Thanks
  Siva

  Hi Siva,
  I don't think still there is any support for PGP in Oracle SOA. You may use java for PGP encryption/decryption and transfer externally encoded messages over SFTP.
  Please refer -
  Re: PGP Encryption/Decryption
  PGP Encryption in B2B
  Regards,
  Anuj