How to establish WS Security for BPEL processes running on Web Logic

Similar Messages

• Inbound security for BPEL processes

  Hello,
  I am trying to enable Inbound security for BPEL processes. i made changes to message-handlers.xml as specified in the document.
  However when i sent a test message using AXIS API, i am getting the below error.
  Error while invoking inbound message handler.
  An error has occurred while attempting to invoke the inbound message handler class "class com.collaxa.cube.security.Authenticator" for the message "". The exception reported was: Could not apply security [No username provided, security expects user]
  I am using one of User Ids specified in system-jazn-data.xml and I can see that input soap message has a usernametoken . Any Inputs please?
  Thanks

  If you want to use the BPEL tool you can simulate some load using the initiate option. There is a checkbox where you can specify the load you want to perform.
  Otherwise you need to use products such as Mercury (now HP) Load Runner. This is an expensive option but gives you very good output. The other option is to develop your own scripts to test the performance.
  cheers
  James

• Implementing Security for BPEL Process

  Hi,
  We have a requirement to add security layer to BPEL processes (BPEL 10.1.3.4) deployed on WL 9.2. Client has asked us to implement PKI for WL domain.
  Please guide me regarding the same.
  Regards,
  Prabodh Mitra
  P.S. we are not using OWSM due to some business reasons

  Hi,
  Can you please provide any docs related to implementing pki/ssl in a BPEL-WLS env ? I have tried, but in vain.
  These are the questions I have,
  1. BPEL is installed on a separate domain in WLS. How will we enable SSL here? Is it ok if we enable at admin server level ?
  2. Do we need to do some configuration on BPEL side as we do in OAS setup?
  Thanks in advance.
  Regards,
  AP

• Enabling https to the bpel process deployed in web logic server

  hi All,
  I have to enable https instead http is to ensure that the communication is encrypted for my bpel process(bpel version - 10.1.3.5.0), which will be deployed in weblogic server11g(10.3.1).
  Am using the following environment...
  This is an immeadite requirement.
  Any help would be really appreciated.
  Thanks in advance...
  JK

  Hi
  You can view this document to configure the ssl.
  http://download.oracle.com/docs/cd/E12840_01/wls/docs103/secmanage/ssl.html

• How to maintain List Of Values (LOV's) for BPEL Processes

  We are integrating two systems.Source and destination systems store data in different formats. For example State is stored as a string in source and its stored as an number in destination system. In BPEL we are trying to transform this information and send it to destination system so that it understands the incoming data.
  A sample of transformation we need to do is as shown below.
  State in Source     Sate in Destination
  Texas               1
  Nebraska          2
  But we have so many fields that we need to transform as we are doing for State.
  What is the best way of handling these domain mappings in BPEL. I want to know is there any efficient way we can handle this in BPEL as we do in J2EE applications(Maintaining them in Domain tables and making them available for all functionalities).
  We are looking to hold all these domain mappings at one place and use in all the processes we design.Can anyone suggest a better way to handle this for BPEL processes.

  Hi,
  I am using the lookup-xml for maintaining list of values.But dont know whats the problem unable to get the output.
  Example: this is just a sample one which i am testing.
  My xml file is placed in c folder with the name "StateList.xml" which contains the following info.
  <?xml version="1.0"?>
  <Countries>
  <Country><Abbreviation>CO</Abbreviation><FullName>CO</FullName></Country>
  <Country><Abbreviation>CT</Abbreviation><FullName>Connecticut</FullName></Country>
  <Country><Abbreviation>ID</Abbreviation><FullName>Idaho</FullName></Country>
  <Country><Abbreviation>NJ</Abbreviation><FullName>New Jersey</FullName></Country>
  <Country><Abbreviation>AP</Abbreviation><FullName>Andhra Pradesh</FullName></Country>
  </Countries>
  And in BPEL, in the transformation i am taking the input and assigning this lookup value to the output variable as follows :
  <ns1:result>
  <xsl:value-of select="orcl:lookup-xml('file:/c:/StateList.xml','/Countries/Country','Abbreviation','FullName',/ns1:HelloWorldPavanaProcessRequest/ns1:input)"/>
  </ns1:result>
  But unable to get the result.Kindly help me out in this.
  Regards,
  Pavana

• How to design multiple file polling BPEL process?

  Hi all,
  I am trying to solve/design the following in BPEL process:
  - The integration process flow I am trying to design is an interaction b/n system A (FTP server), an Integration platform and system B.
  - The integration platform will poll files from an internal FTP server. It has 2 Time files (“Time1” and “Time2”) alternatives to poll from the FTP server. It will then transform the message/information inside the files (time information) to an internal XML format. At the end it shall send the message to system B.
  - The information inside the files is identical. The reason to have 2 files with identical information is for redundancy. The integration-platform shall only poll file “TIME1” as long as the conditions are met. If the conditions are not met, then it polls file “Time2”.
  Normal succeeded scenario:
  1- The integration platform polls the latest “Time1” file from the internal FTP server. The polling is done every 15th minute.
  2- The integration platform logs to BAM and reports that the file is received.
  3- The platform then converts the message to an internal format.
  4- The platform sends the converted message/time information to system B.
  5 - The use-case ends.
  Not normal scenario:
  1- The platform cannot get/receive file “Time1” file.
  - The platform logs to BAM and reports that the file could not be received.
  - The platform polls file “Time2” from the FTP server and it does the same normal scenario as above. The use case ends.
  2 - Time message/information from the Time1 file has not full information (less than 24 rows). The file is supposed to have 24 rows (for 24 hours).
  - The platform logs to BAM and reports that there is missing information on the message.
  - The platform gets/polls instead the “Time2” file from the FTP server and it does the normal scenario.
  - The use case ends.
  3- The platform can find/get neither file “Time1” nor “Time2”.
  - The platform alarms to BAM that it could not get/find the files.
  ** I am considering either the pick activity or the switch activity solution. Does any one of you have an idea how to design this in oracle BPEL process?
  Thanks.

  Not sure I understand your use case completly so if I'm off track I apploigise.
  I think there are 3 ways to solve this. The 3rd may be closest to what you are looking for.
  1. Have 2 processes that read into a common area, e.g. database where you can compare. From there you can choose which file to pick. This is high leve but I think this would be dificult to implement.
  2. Implement a combination of a rejectedMessage handler and error processing witn the BPEL process itself. The rejecte message handler can call another BPEL process if the time1 file is in a invalid state. This process will then read the time2 file. The issue with this is that the rejecte message handler will only get invoked when the file doesn't conform to the schema.
  3. Use the quarts scheduler whcih invokes a BPEL process every 15 miniutes. Using the file adapter to perform a synchronous read to read time1, analyse it, if it fails read time2 using synchronous read. Then perform the approprate action id this fails.
  hope this give some ideas.
  cheers
  James

• Secure a BPEL process in 11g with username/pass

  Hi All,
  How to secure a BPEL process with username and password.

  As mentioned in my previous post and link I provide this is done in the Enterprise Manager.
  In 11g we have composites so more often than not you want the composite to be secure then you pass the credentials to the other components, e.g. BPEL.
  1. Go to Enterprise Manager
  2. Click on the composite that has the BPEL process
  3. Click the policy Tab
  4. Select the BPEL process in the Attach To/Detach From" drop down. If BPEL is not the component that invokes the composite then select that component.
  5. Select wss_username_token_service_policy, click attach
  6. If in step 4 you have a mediation step in front of your BPEL process then select your BPEL process in the drop down and attach the policy wss11_saml_token_with_message_protection_client_policy.
  The user name password is taken from the WLS authentication, so this will be something like weblogic/welcome1
  hope this helps.
  James

• How to config the proxy of Bpel process manager(with password)

  HI, i met the quetion as below
  The The Oracle BPEL Process Designer & Manager server is installed on my computer in domin of my company, so if One of the BPEL processes deployed on the BPEL server needs to access a synchronous Web service hosted outside the firewall .i need to config the proxy, but the proxy of my company needs my ID and password to access outside . after I congfig the proxy
  option of designer and build the Process, there will be pop-up a dialog box and ask for my ID & password .But how i config the proxy of Bpel process manager?? I read the tecnote about HTTP Proxy Configuration and config the proxy in the obsetenv.bat ,but it seems has no information about my ID&password in obsetenv.bat.
  The question is How can i let the Bpel process manager know my proxy and ID&password ?? pls help me ,thx!

  I have set these value in obsetenv.bat as follows, and I restart the Bpel manager server and designer.
  but the same issue still occur:
  set OB_JAVA_PROPERTIES="-Djavax.wsdl.factory.WSDLFactory=oracle.j2ee.ws.wsdl.factory.WSDLFactoryImpl" "-Dhttp.proxySet=true" "-Dhttp.proxyHost=pxysha" "-Dhttp.proxyPort=8080" "-Dhttp.proxyUser=oocldm\hanfi" "-Dhttp.proxyPassword=123456" "-Dhttp.nonProxyHosts=localhost".
  At the same time, I have set proxy server in bpel designer of eclipse, after I build the process,it can works well(which display BUILD SUCCESSFUL), but the bpel server display error message as below :
  Exception Name:
  Failed to read wsdl
  Exception Description:
  Error happened when reading wsdl at "C:\orabpel\domains\default\tmp\.bpel_TerraFlow_1.0.jar\TerraServiceRef.wsdl", because "WSDLException: faultCode=PARSER_ERROR: Error reading file: Server returned HTTP response code: 407 for URL: http://terraserver.microsoft.com/TerraService.asmx?WSDL".
  what happen ?

• Securing a BPEL Process with username/password in 10g

  securing a BPEL Process with username/password in 10g

  use OWSM gateways..
  create a gateway and define your policy in the gateway

• How to make a program for backgroung processing used servlet

  how to make a program for backgroung processing used servlet

  well i need the coding part written in servlet ,in which servlet is always ready for accepting a client request.

• How to set Actual indicator for Business Process

  Hi,
  Can anybody tell me as "how to set Actual indicator for Business Process " in Activity Based Costing.
  Regds,
  Bijay

  ok

• How many memory is used for the process of one connection?

  Hi,
  how many memory is used for the process of one connection in unix
  when the user connects to the database?
  Thanks,

  Write some queries using v$sesstat, v$statname, v$session to find the statistics for different stats. Query name from v$statname and find whatever you wants. I don't think there is a common rule that tells how much memory will be used for each connection, it depends on different factors like , resources available, type of databases, database memory settings etc.
  Example query.
  select s.osuser osuser,s.serial# serial,se.sid,n.name,
  max(se.value) maxmem
  from v$sesstat se,
  v$statname n
  ,v$session s
  where n.statistic# = se.statistic#
  and n.name in ('session pga memory','session pga memory max',
  'session uga memory','session uga memory max')
  and s.sid=se.sid
  group by n.name,se.sid,s.osuser,s.serial#
  order by 2
  ;

• "Error do not know how to establish stage 'imported' for module "

  I get this error  (imported or checked) on an OPN module I am developing after resolving syntax errors. I am assuming it is complaining about something semantic, but there is not much information there. Is there somewhere else to look for more
  information? Here is a excerpt from the log file:
  11/7/2014 5:56:57 AM Information Module cache file doesn't exist: C:\Users\xxl_2\AppData\Local\Microsoft\MessageAnalyzer\CompilationCache\EGIEnums_7b90e77b9119eacbd90f47fbebe9f9eb_4_0_7056_0.mdb
  11/7/2014 5:56:57 AM Information running Runtime on EGIEnums
  11/7/2014 5:56:57 AM Information running Reducer on EGIEnums
  11/7/2014 5:56:57 AM Information running ReducerPrechecked on EGIEnums
  11/7/2014 5:56:57 AM Error do not know how to establish stage 'checked' for 'EGIEnums'
  11/7/2014 5:56:57 AM Information ReducerPrechecked failed with errors
  11/7/2014 5:56:57 AM Information Reducer failed with errors
  11/7/2014 5:56:57 AM Information Runtime failed with errors

  I assume this is directly from the MessageAnalyzer.log file and not from the output window?  Usually what I do is open the log and search for error.  Sometimes the problem is repeated multiple times as each reference triggers another error.
  If you want I could try with your OPN to fine your problem.  But in general we don't have a lot of support for the OPN developer.  Maybe we'll have more in the future if there is enough demand.
  Thanks,
  Paul

• A problem with initiating a BPEL process through its web service interface

  hi,
  i am trying to initiate the helloWorld BPEL process through its web service interface. i use a proxy class that i wrote and i use it from J#.net.
  this is the relevant code part:
  hello.HelloWorldBinding wsProxy = new hello.HelloWorldBinding();
  wsProxy.initiate("Hello");
  and the server shows the following message:
  ORABPEL-05002
  Message handle error.
  An exception occurred while attempting to process the message "com.collaxa.cube.
  engine.dispatch.message.invoke.InvokeInstanceMessage"; the exception is: Cannot
  decode properties.
  The process domain was unable to decode the properties for message guid 10, whic
  h are stored in column String index out of range: 3094; the exception reported i
  s: {2}.
  sql statement: SELECT conv_id, message_guid, domain_ref, process_id, revision_ta
  g, operation_name, receive_date, state, priority, properties FROM invoke_message
  WHERE message_guid = ?
  at com.collaxa.cube.engine.dispatch.DispatchHelper.handleMessage(Dispatc
  hHelper.java:152)
  at com.collaxa.cube.engine.dispatch.BaseScheduledWorker.process(BaseSche
  duledWorker.java:70)
  at com.collaxa.cube.engine.ejb.impl.WorkerBean.onMessage(WorkerBean.java
  :86)
  at com.evermind.server.ejb.MessageDrivenBeanInvocation.run(MessageDriven
  BeanInvocation.java:123)
  at com.evermind.server.ejb.MessageDrivenHome.onMessage(MessageDrivenHome
  .java:755)
  at com.evermind.server.ejb.MessageDrivenHome.run(MessageDrivenHome.java:
  928)
  at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(Relea
  sableResourcePooledExecutor.java:186)
  at java.lang.Thread.run(Thread.java:534)
  <2006-05-10 21:21:15,171> <ERROR> <default.collaxa.cube.engine.data> <BaseDeliveryPersistenceAdaptor::loadInvokeMetaDa
  java.lang.StringIndexOutOfBoundsException: String index out of range: 3094
  at java.lang.String.substring(String.java:1441)
  at com.collaxa.common.util.LVDecoder.decodeElement(LVDecoder.java:152)
  at com.collaxa.common.util.LVDecoder.decodeToMap(LVDecoder.java:45)
  at com.collaxa.cube.engine.adaptors.common.BaseDeliveryPersistenceAdaptor.loadInvokeMetaData(BaseDeliveryPersi
  r.java:2186)
  at com.collaxa.cube.engine.adaptors.common.BaseDeliveryPersistenceAdaptor.__loadInvoke(BaseDeliveryPersistence
  :2112)
  at com.collaxa.cube.engine.adaptors.common.BaseDeliveryPersistenceAdaptor.loadInvoke(BaseDeliveryPersistenceAd
  079)
  at com.collaxa.cube.engine.data.DeliveryPersistenceMgr.loadInvoke(DeliveryPersistenceMgr.java:357)
  at com.collaxa.cube.engine.delivery.DeliveryService.handleInvoke(DeliveryService.java:465)
  at com.collaxa.cube.engine.ejb.impl.CubeDeliveryBean.handleInvoke(CubeDeliveryBean.java:335)
  at ICubeDeliveryLocalBean_StatelessSessionBeanWrapper16.handleInvoke(ICubeDeliveryLocalBean_StatelessSessionBe
  java:1796)
  at com.collaxa.cube.engine.dispatch.message.invoke.InvokeInstanceMessageHandler.handle(InvokeInstanceMessageHa
  7)
  at com.collaxa.cube.engine.dispatch.DispatchHelper.handleMessage(DispatchHelper.java:125)
  at com.collaxa.cube.engine.dispatch.BaseScheduledWorker.process(BaseScheduledWorker.java:70)
  at com.collaxa.cube.engine.ejb.impl.WorkerBean.onMessage(WorkerBean.java:86)
  at com.evermind.server.ejb.MessageDrivenBeanInvocation.run(MessageDrivenBeanInvocation.java:123)
  at com.evermind.server.ejb.MessageDrivenHome.onMessage(MessageDrivenHome.java:755)
  at com.evermind.server.ejb.MessageDrivenHome.run(MessageDrivenHome.java:928)
  at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:186)
  at java.lang.Thread.run(Thread.java:534)
  what is the problem? how come i can't initiate the process?
  i will be happy if i could get help..
  thanks in advance

  can you initate the process from the bpel console successfully?
  if so can you use obtunnel from the installation to trace the soap message (that goes over the wire), my best guess in this case is a problem with a header (holding the wsa information) ..
  after starting obtunnel it will liesten to a custom port, and will forward the request to the engine, so you need to point your client to this new port..
  hth clemens

• How do you determine which programs or processes run following a reboot?

  How do you determine which programs or processes run following a reboot?  Also when you reboot Mac tries to reopen anything running before the reboot.  Is there any way to turn off that functionality?

  10.7 Lion
  dadpope wrote:
  How do you determine which programs or processes run following a reboot?
  Login items
  Follow the  instructions in this article.
  http://support.apple.com/kb/PH4333
  Also when you reboot Mac tries to reopen anything running before the reboot.  Is there any way to turn off that functionality?
  System Preferences > General
  Section: Number of recent items
  Uncheck the box for "Restore windows when quitting and re-opening apps".