Invoking a secure web service from a standalone java client

Similar Messages

• Problems to invoke a secure Web service from Oracle BPM Studio 10.3

  Hi all
  I'm trying to consume a web service through HTTPS protoloco Oracle BPM Studio v10.3, but I get the following error: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target.
  Some help!!
  Thanks

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Error while invoking a WS-Security secured web service from Oracle BPEL..

  Hi ,
  We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0).
  For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl/blog/1607/how-to-call-a-ws-security-secured-web-service-from-oracle-bpel]
  but sttill,after deploying it and passing values in it,we are getting the following error on the console :-
  “Header [http://schemas.xmlsoap.org/ws/2004/08/addressing:Action] for ultimate recipient is required but not present in the message”
  Any pointers in this regard will be highly appreciated.
  Thanks,
  Saurabh

  Hi James,
  Thanks for the quick reply.
  We've tried to call that web service from an HTML designed in Visual Studios with the same username and password and its working fine.
  But on the BPEL console, we are getting the error as mentioned.
  Also if you can tell me how to set the user name and password in the header of the parter link.I could not find how to do it.
  Thanks,
  Saurabh

• Problems invoking a secure 8.1 web service from a 6.1 client

  I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
  Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
  In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
  If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
  Any help would be GREATLY appreciated.

  Hi Paul,
  This sound familiar, but I cannot at the moment locate a reference to
  the issue. I would encourage you to seek the help of our super support
  team [1].
  Regards,
  Bruce
  [1]
  http://support.bea.com
  [email protected]
  Paul Merrigan wrote:
  >
  I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
  Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
  In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
  If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
  Any help would be GREATLY appreciated.

• Calling secured web service from Pl SQL

  Hi
  I am trying to call a secured web service from pl/sql using utl_http.
  Is there a sample pl/sql program that i can refer to call a secured web service.
  sample soap header that am trying to acheive.
  <soap:Header>
  <wsa:Action>http://myactaction</wsa:Action>
  <wsa:MessageID>uuid:asdfadrewrwqr</wsa:MessageID>
  <wsa:ReplyTo>
  <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
  </wsa:ReplyTo>
  <wsa:To>http://myact</wsa:To>
  <wsse:Security soap:mustUnderstand="1">
  <wsse:UsernameToken wsu:Id="SecurityToken-321321">
  <wsse:Username>mordfsafsdae</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">werwqrewrwe</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  Thanks a ton in advance

  Hi,
  On way we can call a web service is to pass the Web Service URL to UTL_HTTP package:
  Sample Web Service URL
  ===================
  lv_url :=
  'http://67.97.189.151:8888/plsqlsample/dbfunc?invoke=placeOrder'
  || '&'
  || 'param0=1'
  || '&'
  || 'param1=1'
  || '&'
  || 'param2=1';
  Sample Call using UTL_HTTP
  =====================
  SELECT UTL_HTTP.request (lv_url)
  INTO lv_result
  FROM DUAL;
  Thank you.
  Regards,
  Balu

• Error when trying to access a secured web service from Forms 10g 10.1.2.3

  Hello,
  I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
  java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
  javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
  DECLARE
  jo ora_java.jobject;
  pdfObject ora_java.jobject;
  pdf     varchar2(900);
  rv varchar2(100);
  ex ora_java.jobject;
  BEGIN
  JO := SEARCHSOAPCLIENT.new;
  SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
  SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
  pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
  pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
  message(pdf);
  message(' ');
  EXCEPTION
  WHEN ORA_JAVA.JAVA_ERROR then
  message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
  WHEN ORA_JAVA.EXCEPTION_THROWN then
  ex := ORA_JAVA.LAST_EXCEPTION;
  :error := Exception_.toString(ex);
  END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
  import oracle.webservices.transport.ClientTransport;
  import oracle.webservices.OracleStub;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Stub;
  public class SearchSoapClient {
      private webservicesproxywebcontent.proxy.SearchSoap _port;
      public SearchSoapClient() throws Exception {
          ServiceFactory factory = ServiceFactory.newInstance();
          _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
          this.setUsername("weblogic");
          this.setPassword("welcome1");
          System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
       * @param args
      public static void main(String[] args) {
          try {
              webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
              System.out.println("calling " + myPort.getEndpoint());
          } catch (Exception ex) {
              ex.printStackTrace();
       * delegate all operations to the underlying implementation class.
      public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
          return _port.quickSearch(queryText, extraProps);
      }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
  Kind Regards
  Carlos

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Invoking a SAP web service from Dreamweaver MX

  I am trying to invoke a SAP web service from ColdFusion and it looks like ColdFusion does not even recognize the rfc generated wsdl file as a wsld file.  I have tried other wsdl url's outside my company and they work...so I know that web services at least work in ColdFusion.  Can anyone advise on this topic?
  Thanks!

  Paula,
  I suppose you're using CFINVOKE (http://www.activsoftware.com/code_samples/code.cfm/CodeID/44/ColdFusion/Invoking_SOAP_Web_Services_with_ColdFusion_MX_CFINVOKE_Tag) or are you using a third party tool like CFX_SOAP (http://www.activsoftware.com/products/productdetail.cfm/id/1015)?
  Are you working with WebAS 6.4 or 6.2?
  It works with web services created with WebAS 6.4, but you should generate proxy classes. Check Thomas' weblog (second part of it)->https://www.sdn.sap.com/irj/sdn/weblogs?blog=/pub/wlg/1012. [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken] [original link is broken]
  The WSDL generated by this method is more standard than the one generated when you just Remote enable an FM and look at the webservice browser.
  Th core of CF MX is Java and that engine is rather strict in standards.
  Eddy

• Unable to consume secured Web service from a Dynpro application

  Hello,
  I have followed <a href="http://help.sap.com/saphelp_nw04/helpdata/en/c3/bac36a469e4c75aba646077e71516d/frameset.htm">this tutorial</a>
  in order to protect and consume a secured Web service from a Dynpro application using SAP logon ticket.
  The problem is that after implementing everything needed I  receive 401 Unauthorized when I am trying to consume it from the web dynpro side.
  If I manually transfer the request the credentials, before the execute i.e:
  modObj._setUser
  modObj._setPassword
  modObj.execute();
  I am able to call it, meaning the dynpro application doesn't transfer these credentials to the Webservice even though it's authentication property is set to true.
  Any idea how to solve it?
  Roy
  Message was edited by:
          Roy Cohen

  Try below steps
  • Add jars
  o security.class
  o tc/sec/destinations/interface
  • Setting WebDynpro project property
  o Project>Properties>Web Dynpro References-->Interface references
  &#61607; Name=tcsecdestinations~interface
  o Project>Properties>Web Dynpro References-->Service reference
  &#61607; Name=webservices
  &#61607; Name=tcsecdestinations~service
  • Dynamically Set httpdestination and Call web service
  final InitialContext ctx = new InitialContext();
  final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);
  if (dstService== null)
  throw new NamingException ("Destination service not available");
  final Destination destination = dstService.getDestination("HTTP"," DestinationName");
  // getting user name
  Properties destprop = destination.getDestinationProperties();
  String username = destprop.getProperty("USERNAME");
  String password = destprop.getProperty("PASSWORD");
  final HTTPDestination httpDestination = (HTTPDestination) destination;
  HttpURLConnection httpConnection = httpDestination.getURLConnection();
  String httpURL = String.valueOf(httpConnection.getURL());
  Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();
  obj._setUser( user );
  obj._setPassword(pass);
  obj._setEndPoint(httpURL);
  obj.execute();
  Rahul

• Unable to invoke a protected web service from PL/Sql

  Hi All
  I am trying to invoke a protected web service from Plsql. But getting the below error.
  error message is ORA-31011: XML parsing failed
  ORA-19202: Error occurred in XML processing
  LPX-00104: Warning: element "html" is not declared in the DTD
  Error at line 2
  If i try to invoke the service after disabling the protection then i am able to call it and getting response. Pls let me know how to deal with this authentication issue.
  Below is the invoking code i am using.
  BEGIN
  generate_envelope(p_request, l_envelope);
  show_envelope(l_envelope);
  l_http_request := UTL_HTTP.begin_request(p_url, 'POST','HTTP/1.0');
  UTL_HTTP.set_header(l_http_request, 'Authorization', 'Basic Y29tcGxpYW5jZS5nZW46Y29tcGxpYW5jZQ11');
  UTL_HTTP.set_header(l_http_request, 'Content-Type', 'text/xml');
  UTL_HTTP.set_header(l_http_request, 'Content-Length', LENGTH(l_envelope));
  UTL_HTTP.set_header(l_http_request, 'SOAPAction', p_action);
  UTL_HTTP.write_text(l_http_request, l_envelope);
  l_http_response := UTL_HTTP.get_response(l_http_request);
  UTL_HTTP.read_text(l_http_response, l_envelope);
  UTL_HTTP.end_response(l_http_response);
  l_response.doc := XMLTYPE.createxml(l_envelope); -- Error Line
  l_response.envelope_tag := p_request.envelope_tag;
  l_response.doc := l_response.doc.extract('/'||l_response.envelope_tag||':Envelope/'||l_response.envelope_tag||':Body/child::node()',
  'xmlns:'||l_response.envelope_tag||'="http://schemas.xmlsoap.org/soap/envelope/"');
  show_envelope(l_response.doc.getstringval());
  check_fault(l_response);
  RETURN l_response;
  END;
  I tried invoking the service by passing username and password in LDE tool and captured the Request SOAP Message. I saw username/password encrypted to "Y29tcGxpYW5jZS5nZW46Y29tcGxpYW5jZQ11". Hence tried with that.
  I have also tried the below line for authentication but it is not working.
  utl_http.set_authentication(l_http_request, 'myusername', 'mypassword','Basic',false);
  Pls assist me in resolving this.
  Thanks,
  PKV

  One more update i tried printing l_http_response.status_code and got 302.
  Thanks,
  PKV

• Invoking web service from EJB3 throw java.lang.IllegalArgumentException

  I used JAX-WS to develop a web service and deployed it on webloigc 10.3.5. The web service was invoked from web application and it worked fine. However, when I tried to invoke the web service from a stateless session bean, java.lang.IllegalArgumentException was thrown out and complained that "*interface gov.fema.web.nimcast.service.client.UpdateEmailPortType is not visible from class loader*". I tried following three ways to solve the problem
  1. put the web service client artifacts under APP-INF/classes of the EAR
  2. bundle the web service client artifacts into a jar file and put it under APP-INF/lib of the EAR
  3. put the web service client artifacts into the same jar file of the EJB
  However, none of the above approaches worked out, every time same exception thrown out.
  I used following commands in my ant script to generate the web service client artifacts
  <path id="deploypathref">
  <fileset dir="${wl.server}">
  <include name="server/lib/weblogic.jar"/>
  <include name="server/lib/weblogic_sp.jar"/>
  <include name="server/lib/xqrl.jar"/>
  <include name="server/lib/webservices.jar"/>
  <include name="../modules/features/weblogic.server.modules_10.3.3.0.jar"/>
  </fileset>
  </path>
  <taskdef name="clientgen"
  classname="weblogic.wsee.tools.anttasks.ClientGenTask" >
       <classpath refid="deploypathref"/>
  </taskdef>
  <clientgen
                 wsdl="http://${wls.hostname}:${wls.port}/nimscast/UpdateEmailService?WSDL"
                 destDir="${path.service}/src"
                 packageName="gov.fema.web.nimcast.service.client"
                 type="JAXWS"/>
                 <javac
                 srcdir="${path.service}/src" destdir="${path.assembly}/ear/APP-INF/classes"
                 includes="**/*.java"/>
  and following is the detail information from the stack trace:
  Caused By: java.lang.IllegalArgumentException: interface gov.fema.web.nimcast.service.client.UpdateEmailPortType is not visible from class loader
       at java.lang.reflect.Proxy.getProxyClass(Proxy.java:353)
       at java.lang.reflect.Proxy.newProxyInstance(Proxy.java:581)
       at weblogic.wsee.jaxws.spi.ClientInstance.createProxyInstance(ClientInstance.java:143)
       at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.getPort(WLSProvider.java:855)
       at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:344)
       at weblogic.wsee.jaxws.spi.WLSProvider$ServiceDelegate.getPort(WLSProvider.java:792)
       at com.sun.xml.ws.client.WSServiceDelegate.getPort(WSServiceDelegate.java:326)
       at javax.xml.ws.Service.getPort(Service.java:92)
       at gov.fema.web.nimcast.service.client.UpdateEmailService.getUpdateEmailPortTypePort(Unknown Source)
       at gov.fema.prepcast.beans.UserManagement.updateUserEmailInNimscast(UserManagement.java:622)
       at gov.fema.prepcast.beans.UserManagement.changeUserProfileInfo(UserManagement.java:324)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.core.repackaged.springframework.aop.support.AopUtils.invokeJoinpointUsingReflection(AopUtils.java:310)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.invokeJoinpoint(ReflectiveMethodInvocation.java:182)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:149)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.jee.spi.MethodInvocationVisitorImpl.visit(MethodInvocationVisitorImpl.java:37)
       at weblogic.ejb.container.injection.EnvironmentInterceptorCallbackImpl.callback(EnvironmentInterceptorCallbackImpl.java:54)
       at com.bea.core.repackaged.springframework.jee.spi.EnvironmentInterceptor.invoke(EnvironmentInterceptor.java:50)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:89)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.doProceed(DelegatingIntroductionInterceptor.java:131)
       at com.bea.core.repackaged.springframework.aop.support.DelegatingIntroductionInterceptor.invoke(DelegatingIntroductionInterceptor.java:119)
       at com.bea.core.repackaged.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:171)
       at com.bea.core.repackaged.springframework.aop.framework.JdkDynamicAopProxy.invoke(JdkDynamicAopProxy.java:204)
       at $Proxy144.changeUserProfileInfo(Unknown Source)
       at gov.fema.prepcast.beans.UserManagement_dinn8k_UserManagementLocalImpl.__WL_invoke(Unknown Source)
       at weblogic.ejb.container.internal.SessionLocalMethodInvoker.invoke(SessionLocalMethodInvoker.java:39)
       at gov.fema.prepcast.beans.UserManagement_dinn8k_UserManagementLocalImpl.changeUserProfileInfo(Unknown Source)
       at gov.fema.prepcast.actions.secret.UpdateUserAction.saveProfileInfo(UpdateUserAction.java:287)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.opensymphony.xwork2.DefaultActionInvocation.invokeAction(DefaultActionInvocation.java:452)
       at com.opensymphony.xwork2.DefaultActionInvocation.invokeActionOnly(DefaultActionInvocation.java:291)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:254)
       at com.opensymphony.xwork2.interceptor.DefaultWorkflowInterceptor.doIntercept(DefaultWorkflowInterceptor.java:176)
       at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.validator.ValidationInterceptor.doIntercept(ValidationInterceptor.java:263)
       at org.apache.struts2.interceptor.validation.AnnotationValidationInterceptor.doIntercept(AnnotationValidationInterceptor.java:68)
       at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ConversionErrorInterceptor.intercept(ConversionErrorInterceptor.java:133)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:207)
       at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ParametersInterceptor.doIntercept(ParametersInterceptor.java:207)
       at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.StaticParametersInterceptor.intercept(StaticParametersInterceptor.java:190)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.interceptor.MultiselectInterceptor.intercept(MultiselectInterceptor.java:75)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.interceptor.CheckboxInterceptor.intercept(CheckboxInterceptor.java:94)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.interceptor.FileUploadInterceptor.intercept(FileUploadInterceptor.java:243)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ModelDrivenInterceptor.intercept(ModelDrivenInterceptor.java:100)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ScopedModelDrivenInterceptor.intercept(ScopedModelDrivenInterceptor.java:141)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.interceptor.debugging.DebuggingInterceptor.intercept(DebuggingInterceptor.java:267)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ChainingInterceptor.intercept(ChainingInterceptor.java:142)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.PrepareInterceptor.doIntercept(PrepareInterceptor.java:166)
       at com.opensymphony.xwork2.interceptor.MethodFilterInterceptor.intercept(MethodFilterInterceptor.java:98)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.I18nInterceptor.intercept(I18nInterceptor.java:176)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.interceptor.ServletConfigInterceptor.intercept(ServletConfigInterceptor.java:164)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.AliasInterceptor.intercept(AliasInterceptor.java:190)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at com.opensymphony.xwork2.interceptor.ExceptionMappingInterceptor.intercept(ExceptionMappingInterceptor.java:187)
       at com.opensymphony.xwork2.DefaultActionInvocation.invoke(DefaultActionInvocation.java:248)
       at org.apache.struts2.impl.StrutsActionProxy.execute(StrutsActionProxy.java:52)
       at org.apache.struts2.dispatcher.Dispatcher.serviceAction(Dispatcher.java:485)
       at org.apache.struts2.dispatcher.FilterDispatcher.doFilter(FilterDispatcher.java:395)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
  Edited by: 938276 on Jul 25, 2012 7:55 AM

  No you haven't, because
  Caused by: java.lang.NoClassDefFoundError: org.example.www.Sample_PortType a relevant class can still not be found and Java really is not going to lie to you; this class is not on your application's classpath so it is either missing or put in the wrong place. Note that missing classes can be caused by you forgetting to properly redeploying your application - its usually something silly like that. Figure out what you did wrong and correct your mistake.
  The fact that you have to mention that you "setup the classpath" is questionable; in web applications you don't touch the classpath at all. So what exactly did you do?

• How to call OWSM secured web-service from ADF application

  I have a OWSM secured web-service, which takes username/password.
  I want to invoke this webservice from ADF application. ADF application has its own security and it takes its own username/password. End user can't provide the username/password for web-service call. My ADF application should call the webservice and provide it appropriate username/password.
  What is the best practice to handle such scenario. I don't want to hardcode username/password in Java (ADF) code.
  Thanks
  Sanjeev.

  it is not clear to me if you are having problems with calling java code from OIM or if the problem is the web service API.
  Lets do some divide and conquer:
  Can you create a simple java class that just writes a couple of lines to the log? Please attach this code to the OIM task and make sure it runs.
  Once this works we can start looking at the web service call.
  Best regards
  /Martin

• Unable to invoke a secured web service

  Hi all
  I have been trying to call a secured web service which enforces wss11_saml_token_with_message_protection_client_policy policy. To create a web proxy in JDev, I am using the following wiki - http://aseng-wiki.us.oracle.com/asengwiki/display/ASDevOWSM/How+can+I+create+a+JSE+client+to+invoke+ADF+BC+Web+Service+with+OWSM+wss11_saml_token_with_message_protection_service_policy (scroll down to find "Creating JSE client for above Web service")
  I have got the default-keystore.jks, cwallet.sso and jps-config.xml from the webservice env. I am getting this error now -
  SEVERE: WSM-00055 The keystore located at xyzabc\default-keystore.jks cannot be loaded due to java.io.IOException: Keystore was tampered with, or password was incorrect. Ensure that valid keystore type and password are configured.
  Any pointers would be appreciated.
  Thanks,
  Pushkal

  One more update i tried printing l_http_response.status_code and got 302.
  Thanks,
  PKV

• Invoking multiple host web services from JCAPS web service (RemoteException

  I am trying to invoke 2 web services sequentially ( not JCAPS service , some host service exposed as web service ), from my jcd which is also exposed
  as a web service.Both the host service have incorporated basic http authentication scheme,and i am setting the security credentials in the enviornment.
  (ie SOAP/HTTP external systems - client).
  However when I deploy my web service and try to invoke the host services,the first host service being called is invoked successfully and i get the response back.But the second service throws a RemoteException and the SOAP response carries "Client not authorized" message in faultstring detail tag.
  I do have separate external SOAP/HTTP systems for both the services,also the external systems have been configured with
  the HTTP basic authentication credentials.
  Infact I tried creating 2 separate JCAPS service for calling the host services individually.I am able to get the expected output
  from the services.
  The issue only arises when the host services are invoked in a sequential manner from a single JCAPS service.
  Please do let me know if i can fill in some more gaps in the information i have provided.
  Could this possibly be an issue in JCAPS?

  I have couple of doubts in this context.
  a) Is this issue only restricted when web services not developed using JCAPS are invoked or it arises also when 2 JCAPS external services are invoked
  sequentially.(I tried a PoC where in i created 2 deployments for calling the host services and invoked the deployment using another JCAPS web service and it worked fine)
  b) Also if this issue only arises when the external web services being invoked have security credentials or just invoking any web services in sequence create
  this problem.
  PS : Any link to contact the sun support team?

• Failed Calling A X.509 Certificate Secured Web Service From OSB

  Hi,
  I have wsdl resource, business service and proxy service setup in OSB 11.1.1.6 on Linux. The business service will consume a X.509 certificate secured web service running on a remote server.
  Below is my approach:
  The consumer of the proxy service of OSB signs its saop request header.
  My OSB proxy service authenticates the signature and forward the request to business service.
  The business service signs the outbound soap request header. (To do this I configured the keystore in Security Provider Configuration of my SOA_domain in Enterprise Manager. Also I applied Web Service Policy of Service Client type to the business service.)
  This is not working yet. Not sure if my approach is correct or not?
  Thank you,
  Eric

  I validated the keystore, all the certificates used and the value for keystore.sig.csf.key / value for keystore.recipient.alias. They are all as expected. Restarted the server. Still failed for OSB to invoke the remote secured web service, but worked if only use soapUI to invoke the same remote secured web service directly.
  The error message is:
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption)
  In the soap request / reponse message shown in the OSB Test Console, there seems to be two signature sections in the header and encryption section although I tried not to encrypt the soap request. I am using Web Service Client Policy "calpers/wss11_x509_token_with_message_integrity_client_policy_osb" which was created based on "oracle/wss11_x509_token_with_message_protection_client_policy". The difference between the two policies is my policy not to sign nor to encrypt entire body.
  In the "Message Signing Setting" section, I unchecked the "Include Entire Body" and left the three default namespaces under the Header Elements.
  In the "Message Encrypt Setting" section, I unchecked the "Include Entire Body" and also left the one default namespace under the Header Elements.
  I don't know how to attach document here, so i add long saop message here.
       Business Service Testing - BookSec_Biz_Svc_52
       Request Document
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsu:Timestamp wsu:Id="Timestamp-eEud1RcUOPcnV0fDqd6gZQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsu:Created>2013-03-14T18:10:00Z</wsu:Created>
  <wsu:Expires>2013-03-14T18:15:00Z</wsu:Expires>
  </wsu:Timestamp>
  <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-VnzMtSwHMI8THKi2hhG2SQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  MIICazCCAdSgAwIBAgIEUTY65zANBgkqhkiG9w0BAQUFADB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwHhcNMTMwMzA1MTgzNTE5WhcNMTMwNjAzMTgzNTE5WjB6MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxEzARBgNVBAcTCk1ldHJvcG9saXMxFjAUBgNVBAoTDUp1c3RpY2UgTGVhZ2UxFjAUBgNVBAsTDUp1c3RpYyBMZWFndWUxEzARBgNVBAMTCkNsYXJrIEtlbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJhF0cMUwB/EjAyIOy9Cq8KCDqTXvlnlvMGq6LEhiGOtrATYy+JnHURcPUeusi65Ua3bE7JACWhHJ0fYEl7NtxPPSN3Q1RovkWGQ6I5O2XuEyMHg3MISh2CHhnkGSR+W6riDSUoB0ZC0KTgu14OTwqo54JSY/ugQszY7QC9DAuabAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAWeQ6LjMo12bY65GmnrmLdbRNm95RkL6gJCKa9pyUaMfvaIqKpmMQW8RM+eB90CR5DrM8oO2+8uKcqTt/pGNRYi2UJh2X0CdmyQQTmf3mCfgoZ597VTl+k3mKHKeeST7ZwAyBRL2jI0VisopFHpUhIwABoDgwOMpLcCF974AZ2rA=
  </wsse:BinarySecurityToken>
  *<dsig:Signature* Id="XSIG-oISn2AADumTdR86sONuz8g22" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
  <dsig:Reference URI="#Timestamp-eEud1RcUOPcnV0fDqd6gZQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>3LQ1IpQR3rKHvP6Ov/m9ZRoecZM=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>X2BUn9TLL26Ay9A3HGEn/mnGCCE=</dsig:SignatureValue>
  <dsig:KeyInfo>
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#EK-h7saqC1VyBKZw2n1IHz8GQ22" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<dsig:Signature* xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <dsig:SignedInfo>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <dsig:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>dau9qjB2lxIvlaoDIHuWVHqjulI=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#STR-QC3ZDBRwsXv8unEWVns9rQ22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
  <wsse:TransformationParameters>
  <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </wsse:TransformationParameters>
  </dsig:Transform>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>nPO9mKSC9cMg2fEkGZI+ujy5O1Q=</dsig:DigestValue>
  </dsig:Reference>
  <dsig:Reference URI="#XSIG-oISn2AADumTdR86sONuz8g22">
  <dsig:Transforms>
  <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </dsig:Transforms>
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <dsig:DigestValue>qXkW/ZFFNc8Bu0VL9eF6c4np7IA=</dsig:DigestValue>
  </dsig:Reference>
  </dsig:SignedInfo>
  <dsig:SignatureValue>
  MuHCTh5cW8TiVKtkWFl+Of2EFAiHwuPTR7J9b4/n2KZtPy2OCrgi1lBpuzhFKLhoBxYNOK8TMOa/3b223Vv+CQUfUP7z0YVj5Ck7QETYngaQlS07KulnstJjsAgHBV8Zk3A0EafuWF2c3t5wBzEkgEC99v0EdY3mRiCzt7vh2qs=
  </dsig:SignatureValue>
  <dsig:KeyInfo Id="KeyInfo-0LT1QavoIVXOHesZfrxTwg22">
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#BST-VnzMtSwHMI8THKi2hhG2SQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  +*</dsig:Signature>*+
  *<xenc:EncryptedKey* Id="EK-h7saqC1VyBKZw2n1IHz8GQ22" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
  <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
  <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"/>
  </xenc:EncryptionMethod>
  <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference wsu:Id="STR-QC3ZDBRwsXv8unEWVns9rQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">q9Z9yPxvNw4CvSLQNI4rxVlSF+w=</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  </dsig:KeyInfo>
  <xenc:CipherData>
  <xenc:CipherValue xmime:contentType="application/octet-stream" xmlns:xmime="http://www.w3.org/2005/05/xmlmime">
  Tgdhxy6wMJBBrw23iq1GLCm0TYKBXSVQvBcN+7TXdXL6FPSjhcbfXqtoz7wzirbSwUZuu+DrYuWs
  0BjRXqw3auUSCMlkm4IoT1ag3wFQQ/PEbB8HNlYhW3gp/At3toTw+k5p9wOUd4BMFAiXyeHQ8+dQ
  8JUiohXhiHErTDn6fFQ=
  </xenc:CipherValue>
  </xenc:CipherData>
  </xenc:EncryptedKey>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <book:BookRequest xmlns:book="http://www.dortman.com/books/BookService">
  <book:bookId>10</book:bookId>
  <book:bookTitle>eric</book:bookTitle>
  <book:bookAuthor>Z</book:bookAuthor>
  </book:BookRequest>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Document
  The invocation resulted in an error: Internal Server Error.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Body>
  <soapenv:Fault>
  <faultcode>soapenv:Client</faultcode>
  <faultstring xmlns:lang="en">
  General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption) </faultstring>
  </soapenv:Fault>
  </soapenv:Body>
  </soapenv:Envelope>
       Response Metadata
  <con:metadata xmlns:con="http://www.bea.com/wli/sb/test/config">
  <tran:headers xsi:type="http:HttpResponseHeaders" xmlns:http="http://www.bea.com/wli/sb/transports/http" xmlns:tran="http://www.bea.com/wli/sb/transports" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <tran:user-header name="Accept" value="text/xml"/>
  <tran:user-header name="Expires" value="Thu, 14 Mar 2013 18:10:01 GMT"/>
  <tran:user-header name="SOAPAction" value="&quot;&quot;"/>
  <http:Cache-Control>max-age=0</http:Cache-Control>
  <http:Connection>close</http:Connection>
  <http:Content-Type>text/xml; charset=UTF-8</http:Content-Type>
  <http:Date>Thu, 14 Mar 2013 18:10:01 GMT</http:Date>
  <http:Server>Apache</http:Server>
  <http:Transfer-Encoding>chunked</http:Transfer-Encoding>
  </tran:headers>
  <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">2</tran:response-code>
  <tran:response-message xmlns:tran="http://www.bea.com/wli/sb/transports">Internal Server Error</tran:response-message>
  <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">UTF-8</tran:encoding>
  <http:http-response-code xmlns:http="http://www.bea.com/wli/sb/transports/http">500</http:http-response-code>
  </con:metadata>

• Invoking Webcenter sites web services from SoapUI

  Hi,
  I want to invoke the OOTB web services of WCS from soap UI.
  I have installed the soap UI and trying to create a new project. I entered the WCS web service URL "http://localhost:8080/cs/REST/types" in the create new project pop up in soapUI.
  On hitting OK button, I am getting the following error:
  Error loading [http://localhost:7001/cs/REST/types]: org.apache.xmlbeans.XmlException: org.apache.xmlbeans.XmlException: error: does not close tag
  If I use the same URL in IE browser, I am redirected to the CAS login page, and upon entering the credentials for WCS site, I am shown the XML result
  I think I am not able to figure out how to pass WCS site credentials from soapUI. Please help.

  It is not a simple case of appending or posting credentials to the REST call, you first need to get a ticket, then a service ticket, then you can make the rest call with your service ticket. You can find a description of the sequence of http calls here http://docs.oracle.com/cd/E29542_01/doc.1111/e29634/wemsecurity.htm#autoId2
  I am not very familiar with soapUI to describe exactly how to create this as a continuous and automatic sequence of steps but it seems you can do it within a generic project with a TestCase, containing two HttpRequest TestSteps, one to get the ticket, one to get the service ticket.
  The first TestStep needs to post "username" and "password" params to http://{host}:{port}/cas/v1/tickets, with the postQueryString box checked. The response contains the TGT (ticket granting ticket), which you can extract and store as a variable using an assertion with a script (see here). The response looks like this
  HTTP/1.1 201 Created
  Server: Apache-Coyote/1.1
  Location: http://celovmfw010.us.oracle.com:8080/cas/v1/tickets/TGT-20-EokDucPIpGduAfbazhmK7cDTPJ2ZZeaNH07AyazZ4eFOcCJbMP-cas-celovmfw010.us.oracle.com-1
  Content-Type: text/html;charset=UTF-8
  Transfer-Encoding: chunked
  Date: Tue, 04 Feb 2014 02:53:46 GMT
  <!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML 2.0//EN"><html><head><title>201  The request has been fulfilled and resulted in a new resource being created</title></head><body><h1>TGT Created</h1><form action="http://celovmfw010.us.oracle.com:8080/cas/v1/tickets/TGT-20-EokDucPIpGduAfbazhmK7cDTPJ2ZZeaNH07AyazZ4eFOcCJbMP-cas-celovmfw010.us.oracle.com-1" method="POST">Service:<input type="text" name="service" value=""><br><input type="submit" value="Submit"></form></body></html>
  The second TestStep then posts "service" param to http://{host}:{port}/cas/v1/tickets/{your_TGT}. The response contains the ST (service ticket), which you can extract with another assertion.
  Then you can make the REST call http://{host}:{port}/cs/REST/types?ticket={your_ST}
  Phil