How to retrieve user identity in a web service using SSO/SSL?

I am using OracleAS10g Rel2 to develop a web service implemented as a Java class. The web service client uses basic HTTP authentication and is to access the web service over SSL. I would like to know in general how I might access the user identity from within the Java class. I am aware that it is possible to pass environment variables from the HTTP server to the OC4J container with Oc4jEnvVar, but I can't find sufficient documentation on this and am not sure this is the right approach.
Any help is greatly appreciated..

There are a couple of possible techniques--
A) Use the AccessControlContext API
You can use methods from the java.security.AccessControlContext,
java.security.AccessController, and javax.security.auth.Subject
classes to get the authenticated subject.
1. Create an AccessControlContext object by calling the
AccessController.getContext method. The getContext method takes a
"snapshot" of the current calling context and returns it in an
AccessControlContext object.
2. Get the subject of the context by using the Subject.getSubject method.
For more information on the classes and methods described in this section, see the API
for the java.security and javax.security.auth packages at the following Web
address.
http://java.sun.com/j2se/1.4.2/docs/api/index.html
For example:
    // Snapshot the calling context, then read the Subject associated with it
    java.security.AccessControlContext context =
        java.security.AccessController.getContext();
    javax.security.auth.Subject sub =
        javax.security.auth.Subject.getSubject(context);
B) Use the ServiceLifecycle API:
You can use the javax.xml.rpc.server.ServiceLifecycle and
ServletEndpointContext interfaces to obtain user information from security
tokens, such as SAML, Username, or X.509. For example, the
ServletEndpointContext.getUserPrincipal method returns the name of the
authenticated user; the ServletEndpointContext.isUserInRole method
returns whether the user belongs to a specific role.
Follow these general steps:
1. Implement the ServiceLifecycle interface for the Web service.
2. In the implementation of the ServiceLifecycle.init method, cast the
context parameter to ServletEndpointContext.
3. Call methods, such as getUserPrincipal and isUserInRole, on the
ServletEndpointContext context parameter to obtain user information.
For example:
    package test;

    public class SecureService implements securePort,
            javax.xml.rpc.server.ServiceLifecycle {
        private javax.xml.rpc.server.ServletEndpointContext context;

        // Called by the container; keep the endpoint context for later requests
        public void init(Object obj) throws javax.xml.rpc.ServiceException {
            context = (javax.xml.rpc.server.ServletEndpointContext) obj;
        }

        public String helloUser(String message) throws java.rmi.RemoteException {
            java.security.Principal principal = context.getUserPrincipal();
            // No principal means the request was not authenticated
            if (principal == null) {
                throw new RuntimeException("Principal not found");
            }
            String userName = principal.getName();
            return "Hi " + userName + "! " + message;
        }

        public void destroy() {
            context = null;
        }
    }
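
Technique A carried through with a null check, as an added example that is not part of the original answer or of Oracle's code. It assumes the container binds the authenticated Subject to the calling context; `main` simulates that with `Subject.doAs` and a constructed principal, and the class names `CallerIdentity` and `NamePrincipal` are hypothetical. `AccessController` and `Subject.getSubject` are deprecated for removal since Java 17, so this targets the older runtimes the thread is about.

```java
import java.security.AccessControlContext;
import java.security.AccessController;
import java.security.Principal;
import java.security.PrivilegedAction;
import java.util.ArrayList;
import java.util.List;
import javax.security.auth.Subject;

public class CallerIdentity {

    /** Constructed stand-in for the principal a container attaches after login. */
    static final class NamePrincipal implements Principal {
        private final String name;
        NamePrincipal(String name) { this.name = name; }
        public String getName() { return name; }
    }

    /**
     * Snapshot the calling context and read its Subject.
     * Fails closed: a missing Subject or an empty principal set is treated
     * as an unauthenticated caller instead of falling through with null.
     */
    static List<String> callerNames() {
        AccessControlContext context = AccessController.getContext();
        Subject subject = Subject.getSubject(context);
        if (subject == null) {
            throw new SecurityException("No authenticated subject in calling context");
        }
        List<String> names = new ArrayList<String>();
        for (Principal p : subject.getPrincipals()) {
            names.add(p.getName());
        }
        if (names.isEmpty()) {
            throw new SecurityException("Subject carries no principals");
        }
        return names;
    }

    public static void main(String[] args) {
        // Assumption: stands in for what the container does after HTTP Basic
        // authentication succeeds. "alice" is a constructed sample user.
        Subject subject = new Subject();
        subject.getPrincipals().add(new NamePrincipal("alice"));
        subject.setReadOnly();

        // Inside doAs the Subject is bound to the access control context.
        List<String> names = Subject.doAs(subject,
            new PrivilegedAction<List<String>>() {
                public List<String> run() { return callerNames(); }
            });
        System.out.println("inside doAs: " + names);

        // Outside doAs there is no Subject, so the lookup must be rejected.
        try {
            callerNames();
        } catch (SecurityException e) {
            System.out.println("outside doAs: " + e.getMessage());
        }
    }
}
```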

Similar Messages

  • How to embed user credentials in Secured Web Service from OBIEE 11gFMW?

    I am trying to invoke a webservice that I successfully exposed as a WSDL Web Service using EBS Integrated SOA Gateway. I am using OBIEE 11g Action Framework which uses WebLogic.
    Here are the steps I completed:
    - I exposed a WSDL web service in EBS R12 via Integrated SOA Gateway
    - I granted the access to this service in EBS R12 to user SYSADMIN
    - I used OBIEE 11g to make a Action to call the Web service (using Action Framework) by searching for the WSDL
    - When I try to execute the action: I get the error:
    Action could not be invoked.
    ServiceExecutionFailure :
    Error invoking web service HR_PHONE_API_Service at endpoint http://ip-10-87-33-3.ec2.internal:8000/webservices/SOAProvider/plsql/hr_phone_api/ Missing <wsse:Security> in SOAP Header
    PROBLEM: I am unsure how to add the credentials for SYSADMIN user and password to add the SOAP username/pwd to the outgoing call. According to the documentation in the Integrators guide, FMW Security guide, and Web Logic guides, it seems we have to configure the SOAP call to have the proper credentials. The documentation is not very clear on exactly how to do this. I tried to set up the credential store and an account in ActionFrameWorkConfig.xml but I am still missing something. I am logged into OBIEE as biadmin and I am trying to call a webservice in EBS that is granted to SYSADMIN/sysadmin user. Pls advise.

  • How to remove user authentication for SAP Web Service?

    Hi there,
    I am using SAP Web Services in my flex application. Every time wsdl url is called, the username\password window pops up. I want to remove this.
    I searched in the forum and based on the discussions, I tried giving the user name password under Web Service Administration using SOAMANAGER, by selecting No Authentication option. But this did not work. I still get that pop up.
    I also tried giving the credentials in SICF, under Logon Data tab of the service. This too failed. I kept getting the pop up.
    Can someone pls let me know how I can remove this? If username password is mandatory to be passed, I can create a temporary username which will be used to access all of my webservices and use it. But I want to remove this authentication part when I am using the flex application and calling the web service url from within it.
    Appreciate your help.....
    -Deepak

    Hi,
    It is a little bit tricky, because the interface has changed several times in different releases. I know that it is possible without authentication.
    I remember that I defined somewhere the default client, the username and password in the ERP system to use by this web service.
    Maybe it helps if you try the old transactions WSADMIN, WSCONFIG or WSADMIN2 ?
    Sorry that I cannot help you more. I hope it helps.
    Best regards,
    Joern

  • How to retrieve the HttpSession from Axis Web Service

    hello,
    How can I get the HttpSession in Web Service ???
    Eric

    Hi,
    I have generated the java classes from a WSDL using WSDL2Java using the following command line options.
    java -classpath .;%AXISCLASSPATH%;%CLASSPATH% org.apache.axis.wsdl.WSDL2Java -s -S true -d Session -Nhttp://localhost:7001/axis=samples.grapha -a samples\grapha\grapha.wsdl
    I need to retrieve HTTPSession in the generated GraphASOAPBindingImpl class. Can you help me?
    Thanks,
    vc

  • How to send authentication information to SOAP Web Service using MATE framework

    Hi,
    Can anyone please tell me how to pass authentication info (such as user name & password) while calling a webservice using MATE's webserviceinvoker? the SOAP web service expects authentication info in the header.
    Thanks in advance..

    Hi Swayam,
    First of all you should tell us what blogs you have seen to avoid you to repeat information that you already know.
    we want to avoid  setting up SLD configuration for sender system because  sender system is just consuming web service .
    This is not necessary,
    Please let me know  the ways we can configure . I did understand we can publish and register the WSDL from Service interface ,but was not clear on over all  scenario .
    Do you have your ECC webservice available via SOAManager?, you only to access it via soap receiver in SAP PI.
    To publish, you need to publish only the sender SOAP, when you register there the sender soap your partner could access there to get the WSDL (Publish services from PI 7.1 to the Service Registry). Also you can generate directly the wsdl (Display WSDL - Integration Directory - SAP Library), what do you want?
    Regards,

  • How to get the cookie from a web service using Axis

    I used the AXIS wizard to consume a WSDL and create a bunch of boiler plate code. It works great in that I can talk to the web service and submit requests.
    The problem is that I need to retrieve the cookie from the login request and use it when making subsequent requests. I have been unable to find the cookie and would appreciate a point in the right direction.
    Currently I'm trying something like this
    String cookie = (String)((Stub)service)._getCall().getMessageContext().getProperty(HTTPConstants.HEADER_COOKIE);
    Thanks in advance.

    Answered on my own:
    Just have to use
    x_result = http_client->response->get_data( ).
    instead of
    x_result = http_client->response->to_xstring( ).
    Just don't know why the filesize is wrong also - but I can work with this image!

  • How to create a proxy to retrieve the xml file from web services

    Hi Every one,
    We have a requirement where we receive an xml file from Kenexa, a third party HR tool, using a middleware tool. From the SAP side we have to create a proxy to retrieve the xml file from web services by initiating a call through the middleware tool I used earlier.
    These are the steps I intend to follow to accomplish the requirement.
    1) The middleware tool has to initiate the call to Kenexa web services to receive the xml file when it is available.
    2) On SAP we need to create an ABAP Proxy service provider to middleware where this file can be received.
    Can anyone guide me how I can create a proxy to retrieve the xml file from web services by initiating a call through other middleware (it's not PI).
    Any help would be really great, I am not an ABAP developer, so please help me with this. Thanks.

    Thank for reply.
    The computers are in different locations, but yes it's possible, the users in this environment are all local administrators of the machines, and we can distribute the script centrally from the DC automatically.
    Acrobat uses Java, right? I'm not so expert in Java, but something about it could not be so difficult to manage.
    Do you know some place where I can get some info about JS and Acrobat?

  • How can I authenticate and authorize with Web Service on ESB ?

    Hello,
    I want to authenticate and authorize client with Web Service published
    by HTTP/SOAP BC.
    Simply, if it is a Web Service as a J2EE application, I will use
    Basic Authentication with JAX-RPC and Realm.
    But I think that a Web Service published by HTTP/SOAP BC does not belong
    to a J2EE Application. There is no place to describe security role mapping
    (like web.xml).
    JBI 1.0 section "5.5.1.1.3 Normalized Message Properties" comments that the
    JAAS Subject is given in the NM Properties. Really this package
    com.sun.jbi.internal.security.*
    implements JAAS authentication and authorization (at JaasAuthenticator).
    But I can't see how to configure my Service to use this.
    How can I authenticate and authorize with Web Service on ESB ?
    I referred to the resources.
    Mutual Authentication for Web Services: A Live Example
    http://developers.sun.com/prodtech/appserver/reference/techart/mutual_auth.html
    XML and Web Services Security
    http://java.sun.com/j2ee/1.4/docs/tutorial/doc/Security7.html
    JAAS Authentication Tutorial
    http://java.sun.com/j2se/1.4.2/docs/guide/security/jaas/tutorials/GeneralAcnOnly.html
    Thanks,
    Takurou
    - environment ---------------------------------------------
    OpenESB : Project Open ESB Starter Kit
    AppServer : Sun Java Systems Application Server 9.0 PE
    OS : Windows XP
    I don't assume to use SSL (if It's necessary I will try).
    User information is stored in a LDAP Server.
    -----------------------------------------------------------

    Hello,
    I read this resource.
    SecurityDesign
    http://www.glassfishwiki.org/jbiwiki/Wiki.jsp?page=SecurityDesign
    Then I think [non-ssl and ssl/tls and so on] securing by basic authentication is ongoing feature at this time.
    But I can't see well why this page comments 'HTTP over SSL, TLS'.
    HTTP/SOAP Binding Component Overview
    http://download.java.net/general/open-esb/docs/jbi-components/httpsoap-bc.html
    Does BC support only "SSL server authentication" ?
    Doesn't BC support "SSL client authentication" by username/password ?
    Thanks,
    Takurou

  • A user that consumes a Web service is authorized to use then in BackEnd?

    Hello,
    I need to help me please
    Can you validate that a user that consumes a Web service is authorized to use this service?.
    I mean, I have a backend system, which has an RFC, which we published in PI as Web Services, and a third application consumes it with SOAP Adapter. How I can check that the user is consuming the service is authorized (role / profile) in the backend to run this service?
    I searched SAML, but I will not check certificates, I need to check that the user is authorized in the backend, do I need IDM?
    Thanks in advance.

    Hello,
    Please go to the back end system and see the authorization profile of the user consuming the service. He must have SOAP Run time authorization for object S_SERVICE for the specific service. Also, the user needs application authorization for the underlying RFC call.
    Thanks,
    Venu

  • How to pass preprocessing information to a web service report?

    Post Author: rmsky
    CA Forum: Crystal Reports
    Does anyone know how a web service client can provide information to the constructor for a Crystal Reports web service report so that it can preload a non-trivial dataset prior to running a report. For example, if I want to load a dataset based on a user ID prior to calling SetDataSource, how do I get that user ID to the web service report constructor? If I pass a parameter into the report via the CrystalReportsViewer, is there any way to get access to that parameter at the web service? Thanks.

    SSZ wrote:
    Yes. But couldn't understand where to start. In that case use the magic wand.
    Ask specific questions. Many of your posts have an underlying tone, that of you not having read any documentation or bothered to research anything yourself. I haven't got the time to tell you how if you haven't got the time to tell me what you have read, what you grasp and what you do not grasp.

  • How can I create a query with web service data control?

    I need to create a query with web service data control, in WSDL, it's query operation, there is a parameter message with the possible query criteria and a return message contains the results. I googled, but cannot find anything on the query with web service. I cannot find a "Named Criteria" in web service data control like normal data control. In Shay's blog, I saw the topics on update with web service data control. How can I create a query with web service data control? Thanks.

    Hi,
    This might help
    *054.     Search form using ADF WS Data Control and Complex input types*
    http://www.oracle.com/technetwork/developer-tools/adf/learnmore/index-101235.html

  • How can I call a web service using JAVAscript in LCD

    hi guys,
         I know it can call a WSDL in LCD, but I have not any WSDL web service , and I have a REST web service ,how can I call this REST web service in LCD? I checked some documents and found nothing...if it's possible that it can call a REST web service using JAVAScript code, I mean I can program some code to call this web service ?
    thanks,
    Jesse

    Hi Jesse,
    You can do GET, PUT and POST using FormCalc, so you should be able to access a REST web service.
    There is an example of accessing a RSS feed in this thread, http://forums.adobe.com/message/5695433#5695433
    Regards
    Bruce

  • How to invoke a web service using https

    Hi,
    I have a few security related questions surrounding BPEL process manager.
    1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
    2. If not, what needs to be done to enable accessing a https based web service?
    3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
    Thanks,
    Pranav

    1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
    We currently don't have support for HTTP over SSL. We are working on it to include this functionality in near future.
    2. If not, what needs to be done to enable accessing a https based web service?
    I am not sure it is possible with current product offering. I will confirm it after discussing with our concerned development group. There is some work going to integrate with Oblix security mechanism [recently acquired by Oracle].
    3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
    This will be easier to do if we can use Oblix along with BPEL PM. Could you please let us know more about your application so that we can provide you the customized solution till it's part of the product. You can send this query to [email protected] so that our product management team can give you more detailed roadmap regarding this.
    HTH.
    Thanks,
    Rakesh

  • How to call a secure external Web Service using Oracle BPEL and OWSM

    Hi,
    I have to invoke an external secure Web Service using SOA Suite 10.1.3.1, but I don't know how to do this. Do I use OWSM gateway or Agent? How to configure the gateway or agent to pass the required security to the external secure web service.
    thanks in advance
    Dong

    Are you getting any errors? What type of XAI Class are you using?
    One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
    Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
    Hope this helps.
    Regards,
    Philip

  • User Defined Exceptions in Web Service

    I am trying to create complex user defined exceptions in Web services I am creating. Is there a way in JDeveloper to assist in modifying the WSDL to include all required parameters for fault handling that I can use to do this? Or do I have to write the XML manually in the WSDL file. Any recommended ways to accomplish this?

    Hello,
    raise duplicate_loan; won't avoid the trigger to insert and commit. If you really want to avoid the insertion, use raise_application_error() instead.
    For instance:
       Raise_Application_Error( -20001, 'Insertion cannot be validated' );
    Then in your Forms module, you can catch it like this:
       Begin
          Insert Into ...
       Exception
          -- catch the error raised by the trigger and inspect its code
          when others then
             LC$Erreur := Substr( SQLERRM, 1, 500 );
             LN$err_code := ABS(SQLCODE);
             If LN$err_code = 20001 Then ...
       End;
    ...Francois
