OSB 11g proxy service test console fail with Broken pipe

Similar Messages

• SOAP Header based user/password authentication in OSB 11g Proxy Service

  Hi,
  I have implemented SOAP Header based authentication in my OSB 11g Proxy Service.
  In the Security settings of my AnySOAP(Soap 1.1) HTTP Proxy service, I have amde the following changes:
  1.
  In Transport Access Control link, i selected the User predicate, and provided an user already existing on weblogic server with following roles(AppTesters, Monitors, Operators).
  The AuthorizationProvider was XACMLAuthorizer
  2.
  Under Custom Authentication, I selected the Custom User Name and Password option, and provided the below mentiioned xpaths
  User Name XPath: ./*/*:Username/text()
  User Password XPath: ./*/*:Password/text()
  3.
  In Message Access Control link, i selected the User predicate with the same user as mentioned in Transport Access Control link.
  Now, when I am testing this service from OSB Test Console, I am providing the following input.
  <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/">
  <soap:Header>
  <AuthHeader>
  <N1:Username>userXYZ</N1:Username>
  <N1:Password>passXYZ</N1:Password>
  </AuthHeader>
  </soap:Header>
  <soap:Body>
  <!-- body payload -->
  </soap:Body>
  </soap:Envelope>
  The response is "The invocation resulted in an error: ."
  The OSB server logs show the below error:
  ####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0
  )>
  ####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException
  com.bea.wli.sb.security.AccessNotAllowedException
       at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
       at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
       at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
       at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
       at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
       at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
       at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
       at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
       at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
       at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
       at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
       at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
       at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
       at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
       at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
       at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
       at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Please suggest where I am going wrong in this. I have cross checked the user/pass credentials with what I am giving in the input, and it is perfectly fine.

  I have added the Username and Password as follows, since the namespace declaration was required due to the namespace prefix 'N1' in the XPath
  declare namespace N1="http://abcd.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Username/text()
  declare namespace N1="http://abcdp.com/common/bodcomponents/transactional/model/1.0/";./AuthHeader/N1:Password/text()
  I have removed the Message Access Control conditions, have only kept Transport Access Control conditions.
  If i keep the condition in Transport Access Control as "Allow access to everyone", and test with proper credentials in the Username/Password tags in SOAP Header, then it works fine. However, if I try to give an incorrect password in the SOAP Header, it denies the access. So that means the XPaths given for Username/Password are working fine. The OSB logs show the below message
  +####<Feb 10, 2011 12:59:21 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000ef2> <1297322961536> <BEA-386008> <Message level username/password authentication failed: [Security:090304]Authentication Failed: User weblogic javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User weblogic denied>+
  However if i add the condition with predicate as "User" and user name argument as "weblogic", and try to pass the same in the SOAP Header as well with the correct password, it denies the access with below message in the logs.
  +####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Security> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-387082> <Proxy service access denied (proxy: ABCD/Services/Common_HTTP_Proxy, subject: Subject: 0+
  +)>+
  +####<Feb 9, 2011 6:05:42 PM IST> <Error> <OSB Kernel> <test.abcd.co.in> <osb_server1> <[ACTIVE] ExecuteThread: '9' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <5a5769b8025ef997:-2bda316:12def49100a:-7fff-0000000000000c92> <1297254942782> <BEA-382004> <Failed to process request message for service ProxyService ABCD/Services/Common_HTTP_Proxy: com.bea.wli.sb.security.AccessNotAllowedException+
  com.bea.wli.sb.security.AccessNotAllowedException
  at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136)
  at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117)
  at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586)
  at com.bea.wli.sb.test.service.ServiceMessageSender.send0(ServiceMessageSender.java:329)
  at com.bea.wli.sb.test.service.ServiceMessageSender.access$000(ServiceMessageSender.java:76)
  at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:134)
  at com.bea.wli.sb.test.service.ServiceMessageSender$1.run(ServiceMessageSender.java:132)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
  at com.bea.wli.sb.test.service.ServiceMessageSender.send(ServiceMessageSender.java:137)
  at com.bea.wli.sb.test.service.ServiceProcessor.invoke(ServiceProcessor.java:454)
  at com.bea.wli.sb.test.TestServiceImpl.invoke(TestServiceImpl.java:172)
  at com.bea.wli.sb.test.client.ejb.TestServiceEJBBean.invoke(TestServiceEJBBean.java:167)
  at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl.invoke(TestService_sqr59p_EOImpl.java:353)
  at com.bea.wli.sb.test.client.ejb.TestService_sqr59p_EOImpl_WLSkel.invoke(Unknown Source)
  at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
  at weblogic.rmi.cluster.ClusterableServerRef.invoke(ClusterableServerRef.java:230)
  at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
  at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
  at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
  at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
  at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
  at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
  at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

• Catching and rethrowing a SOAP Fault from an OSB 11g Proxy service

  Hello,
  We have a chain of proxy services (that last one of which calls a business service) in our 11.1.1.6 OSB project.  At one of the lower levels, we successfully throw a fault like this:
  <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Fault xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
      <soap:faultcode>SOAP-ENV:Client</soap:faultcode>
      <soap:faultstring>Non-Existent User</soap:faultstring>
      <soap:faultActor>Client who consumed this Web Service operation</soap:faultActor>
      <soap:detail>
        <sc:UserNonExistentFault xmlns:sc="http://xmlns.sc.com/Services/V1">
          <sc:CustomerNumber>12345</sc:CustomerNumber>
        </sc:UserNonExistentFault>
      </soap:detail>
    </soap:Fault>
  </soapenv:Body>
  In the proxy service which calls this proxy service, I tried to catch this fault in an Error Handler so that I could confirm that it's available for me to re-throw back up the chain.  Curiously, the proxy service which calls that proxy service cannot see that fault.  But rather it sees what appears to be an OSB-overridden fault:
  <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
    <con:errorCode>BEA-380000</con:errorCode>
    <con:reason>com.bea.wli.sb.pipeline.PipelineException</con:reason>
    <con:details>
      <err:ErrorResponseDetail xmlns:err="http://www.bea.com/wli/sb/errors">
        <err:response-metadata xsi:type="sb:SBResponseMetaDataXML" xmlns:sb="http://www.bea.com/wli/sb/transports/sb" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
          <tran:headers xsi:type="sb:SBResponseHeadersXML" xmlns:tran="http://www.bea.com/wli/sb/transports"/>
          <tran:response-code xmlns:tran="http://www.bea.com/wli/sb/transports">1</tran:response-code>
          <tran:encoding xmlns:tran="http://www.bea.com/wli/sb/transports">utf-8</tran:encoding>
        </err:response-metadata>
      </err:ErrorResponseDetail>
    </con:details>
    <con:location>
      <con:node>PipelinePairNode</con:node>
      <con:pipeline>PipelinePairNode_request</con:pipeline>
      <con:stage>GetCustomerByNumber</con:stage>
      <con:path>request-pipeline</con:path>
    </con:location>
  </con:fault>
  I have tried printing out the values of $body, $fault, $outbound and $inbound from the calling proxy service's Error Handler just to see if our <sc:UserNonExistentFault> is nested anywhere therein.  Unfortunately, it is nowhere to be found.
  How can we force OSB to NOT override our faults with OSB-framework faults and, instead, just throw our custom fault all the way up the chain and back to the consumer?
  Thank you,
  Michael

  I think I figured this out.
  In proxyService-2, build the <soap:Fault> and assign it to the body, then Reply with Failure (as you mentioned above).
  When proxyService-1 receives this, it will still be in the $body variable.  But the $fault variable is now populated with a BEA-38000 error.  It seems that as long as the $fault variable has data in it, then the OSB system will throw that instead of my fault (ignoring the <soap:Fault> I put into the body).
  So what I did was to Delete the $fault variable in the error handler of proxyService-1, then Reply with Failure (again).
  It would seem as if the inner workings of OSB has some logic like:
  if $fault is not null, throw the BEA-####### fault.  Otherwise, return the contents of the $body.
  By removing the fault, I effectively got to that "else/otherwise" condition.
  Of course, the Reply with Failure is still needed to ensure that an HTTP 500 error is passed with the fault (per the SOAP specification).
  Cheers!
  Michael

• [svn:bz-trunk] 14655: Fix hostname in failing MXUnit proxy service tests.

  Revision: 14655
  Revision: 14655
  Author:   [email protected]
  Date:     2010-03-09 18:41:52 -0800 (Tue, 09 Mar 2010)
  Log Message:
  Fix hostname in failing MXUnit proxy service tests. The hostname flexteam.macromedia.com no longer resolves. Changed the tests to just use flexteam as the hostname. We probably shouldn't have tests that rely on flexteam but we can worry about that later.
  Modified Paths:
      blazeds/trunk/qa/apps/qa-regress/testsuites/mxunit/tests/proxyService/202863/bug202863Doc Lit.mxml
      blazeds/trunk/qa/apps/qa-regress/testsuites/mxunit/tests/proxyService/202863/bug202863Rpc Enc.mxml

• OWSM 11gR1 PS2 agent to secure OSB 11g business service

  Hi,
  Can anyone share any resources/information on how to secure an OSB 11g business service by using OWSM 11g agent? Its a new feature released with OWSM 11gR1 PS2 (11.1.1.3.0) release. Also, can we do the same for OSB 10g?
  Thanks,
  Bijoy

  Hi Bijoy,
  Documentation is here (for PS2 with OSB 11g)-
  http://download.oracle.com/docs/cd/E14571_01/doc.1111/e15866/owsm.htm#CHDEEGJI
  can we do the same for OSB 10g?No, it is not supported.
  Regards,
  Anuj

• Snow Leopard unusable with Broken Pipe messages in the console

  Hello
  Recently, probably after having installed OS X 10.6.8, I noticed that after a while, something within the OS becomes saturated leading to no new processes being able to be started.  All existing programs continue to run and all seems normal except if a running program needs to call another program (e.g., Mail needing to fetch a password from Keychain Access).
  The console then becomes awash with broken pipe messages and a whole bunch of error logs are created for various programs.
  This is causing me great irritation as everytime I am forced to restart the machine (sometimes by forcing a hard-reboot).
  I would really appreciate any help on this matter.  I would rather not have to completely re-install the OS if I can help it.
  The following is a typical excerpt from the system.log:
  Oct 29 13:00:11 mbpag activitymonitord[519]: Request failed: Broken pipe
  Oct 29 13:00:11 mbpag Activity Monitor[497]: Error communicating with activitymonitord - ipcErr = 1
  Oct 29 13:00:11 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40918]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:12 mbpag quicklookd[40918]: [QL] Can't remove user interaction with Security framework: 226
  Oct 29 13:00:12 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40918]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:12 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40918]: GetOurLSSessionIDInit(), returned error 0xe2, securitySessionID=0x0 attrs=0 uid=501 euid=501.  cf Radar 5123589.
  Oct 29 13:00:12 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40918]: LaunchServices: GetOurLSSessionIDInit() returned err #226, securitySessionID == 0x0, vers=10600000 uid=501 euid=501
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40919]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40919]: GetOurLSSessionIDInit(), returned error 0xe2, securitySessionID=0x0 attrs=0 uid=501 euid=501.  cf Radar 5123589.
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40919]: LaunchServices: GetOurLSSessionIDInit() returned err #226, securitySessionID == 0x0, vers=10600000 uid=501 euid=501
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40920]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40920]: GetOurLSSessionIDInit(), returned error 0xe2, securitySessionID=0x0 attrs=0 uid=501 euid=501.  cf Radar 5123589.
  Oct 29 13:00:12 mbpag /System/Library/CoreServices/ReportCrash[40920]: LaunchServices: GetOurLSSessionIDInit() returned err #226, securitySessionID == 0x0, vers=10600000 uid=501 euid=501
  Oct 29 13:00:12 mbpag com.apple.launchd.peruser.501[452]: catch_mach_exception_raise_state_identity(): PID: 40920 thread: 0x13d07 type: 0xa code: 0x1000f8044 codeCnt: 0x2 flavor: 0x1000f8054 old_state: 0x1000f805c old_stateCnt: 0x2c new_state: 0x1000f702c new_stateCnt: 0x1000f7028
  Oct 29 13:00:12 mbpag com.apple.launchd.peruser.501[452] (com.apple.ReportCrash.Self[40920]): Job appears to have crashed: Abort trap
  Oct 29 13:00:12 mbpag com.apple.launchd.peruser.501[452] (com.apple.ReportCrash[40919]): Job appears to have crashed: Abort trap
  Oct 29 13:00:13 mbpag com.apple.ReportCrash.Root[40921]: 2011-10-29 13:00:13.015 ReportCrash[40921:2803] Saved crash report for ReportCrash[40919] version ??? (???) to /Library/Logs/DiagnosticReports/ReportCrash_2011-10-29-130012_localhost.crash
  Oct 29 13:00:13 mbpag com.apple.launchd.peruser.501[452] (com.apple.quicklook[40918]): Job appears to have crashed: Abort trap
  Oct 29 13:00:13 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40924]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:13 mbpag quicklookd[40924]: [QL] Can't remove user interaction with Security framework: 226
  Oct 29 13:00:13 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40924]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:13 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40924]: GetOurLSSessionIDInit(), returned error 0xe2, securitySessionID=0x0 attrs=0 uid=501 euid=501.  cf Radar 5123589.
  Oct 29 13:00:13 mbpag /System/Library/Frameworks/QuickLook.framework/Resources/quicklookd.app/Content s/MacOS/quicklookd[40924]: LaunchServices: GetOurLSSessionIDInit() returned err #226, securitySessionID == 0x0, vers=10600000 uid=501 euid=501
  Oct 29 13:00:13 mbpag com.apple.launchd.peruser.501[452] (com.apple.ReportCrash): Throttling respawn: Will start in 9 seconds
  Oct 29 13:00:13 mbpag com.apple.ReportCrash.Root[40921]: 2011-10-29 13:00:13.426 ReportCrash[40921:2f03] Saved crash report for quicklookd[40918] version ??? (???) to /Library/Logs/DiagnosticReports/quicklookd_2011-10-29-130013_localhost.crash
  Oct 29 13:00:13 mbpag activitymonitord[519]: Request failed: Broken pipe
  Oct 29 13:00:13 mbpag Activity Monitor[497]: Error communicating with activitymonitord - ipcErr = 1
  Oct 29 13:00:15 mbpag activitymonitord[519]: Request failed: Broken pipe
  Oct 29 13:00:15 mbpag Activity Monitor[497]: Error communicating with activitymonitord - ipcErr = 1
  Oct 29 13:00:17 mbpag /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/pl ugin-container[40931]: SessionGetInfo(0xffffffff) -> Mach 1102
  Oct 29 13:00:17 mbpag /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/pl ugin-container[40931]: GetOurLSSessionIDInit(), returned error 0xe2, securitySessionID=0x0 attrs=0 uid=501 euid=501.  cf Radar 5123589.
  Oct 29 13:00:17 mbpag /Applications/Firefox.app/Contents/MacOS/plugin-container.app/Contents/MacOS/pl ugin-container[40931]: LaunchServices: GetOurLSSessionIDInit() returned err #226, securitySessionID == 0x0, vers=10600000 uid=501 euid=501
  Oct 29 13:00:17 mbpag activitymonitord[519]: Request failed: Broken pipe

  sangak wrote:
  I was hoping I'd get a magic solution instead of the dreaded OS reinstall.
  That is the magic solution, it gives you a new OS X copy which you immediately update, leaves all your files and programs alone. (unless they have kernel extensions and you need to update those programs)
  It's fast, easy and simple, it's Lion "overwrites" that are a pain because it needs the Internet.
  There is only one person here that spends his time analyzing such under the hood details and usually has to tell you what I'm saying anyway because that's the only way to correct it.
  I'm trying to get you done and out of my way and you back to your life.
  I must say that I am quite disappointed with the kernel failing in this way - it is not really in keeping with the robust/Unix reputation...
  Don't know what the problem is, it is very robust, but hard drives are based on magnetic bits and those bits fail, the best OS in the world can't stand up if the chair it's standing on is kicked out from underneath it.
  OS X only takes 4.5GB, Apple could have incorporates a automatic recovery parttion check upon boot and restored OS X if if didn't boot, but they didn't do that.
  Then when they have to place a recovery partiton like in Lion as they are phasing out the optical drive, they make one get online to get a new copy of OS X.
  How stupid is that?

• Forwarding FAILED: errno=Broken pipe

  Hi,
  I have the following SMTP error when I try to send mail.
  host 127.0.0.1[127.0.0.1] said: 451 4.5.0 Error in processing, id=03105-02, forwarding FAILED: errno=Broken pipe (in reply to end of DATA command
  no matter what i try, it won't work. Does anyone has an idea? that would be really sweet!!!
  _Here is my postconf -n output :_
  command_directory = /usr/sbin
  config_directory = /etc/postfix
  content_filter = smtp-amavis:[127.0.0.1]:10024
  daemon_directory = /usr/libexec/postfix
  debugpeerlevel = 2
  enableserveroptions = yes
  html_directory = no
  inet_interfaces = all
  mail_owner = _postfix
  mailboxsizelimit = 0
  mailbox_transport = cyrus
  mailq_path = /usr/bin/mailq
  manpage_directory = /usr/share/man
  mapsrbldomains =
  messagesizelimit = 15728640
  mydestination = $myhostname,localhost.$mydomain,localhost,server.eremiya.com,eremiya.com
  mydomain = eremiya.com
  mydomain_fallback = localhost
  myhostname = server.eremiya.com
  mynetworks = 168.100.189.0/28, 127.0.0.0/8
  mynetworks_style = host
  newaliases_path = /usr/bin/newaliases
  queue_directory = /private/var/spool/postfix
  readme_directory = /usr/share/doc/postfix
  sample_directory = /usr/share/doc/postfix/examples
  sendmail_path = /usr/sbin/sendmail
  setgid_group = _postdrop
  smtpdclientrestrictions = permitsaslauthenticated permit_mynetworks rejectrblclient zen.spamhaus.org permit
  smtpdenforcetls = no
  smtpdpw_server_securityoptions = cram-md5
  smtpdrecipientrestrictions = permitsasl_authenticated,permit_mynetworks,reject_unauthdestination,permit
  smtpdsasl_authenable = yes
  smtpdtls_certfile = /etc/certificates/Default.crt
  smtpdtls_keyfile = /etc/certificates/Default.key
  smtpduse_pwserver = yes
  smtpdusetls = yes
  unknownlocal_recipient_rejectcode = 550
  unknownvirtual_alias_rejectcode = 450
  unknownvirtual_mailbox_rejectcode = 450
  virtualaliasdomains = hash:/etc/postfix/virtual_domains
  virtualaliasmaps = hash:/etc/postfix/virtual
  virtualmailboxdomains = hash:/etc/postfix/virtualdomainsdummy
  virtual_transport = lmtp:unix:/var/imap/socket/lmtp
  _End of output_
  Thanks a lot in advance!!

  This looks like either a problem in your amavisd configuration in /etc/amavisd.conf (amavisd is the content filter) or in /etc/postfix/master.cf
  If you made any changes to those files, look for typos.

• OSB 1031: proxy service and publishing JMS messages with no duplicates

  Hi all,
  we have a Web Service proxy that publishes messages into a JMS queue. The queue is persistent and the related connection factory is XA enabled.
  The proxy does the call to the JMS business service from a route node.
  If a failure occurrs after the publishing returns successfully, the caller receives back an error and it will try again to call the web service proxy.
  As the message has been published successfully and was not rollbacked by the proxy, the second call could put on the JMS queue a duplicate message.
  As far as we know only with JMS proxy service, OSB starts a transaction within the pipeline or are we wrong ?
  What do you suggest in order to avoid such a scenario described above ?
  Thanks and regards
  ferp

  Try this link to depict the behavior
  http://allthingsmdw.blogspot.com.au/2012/09/osb-service-callouts-and-oql-part-1.html

• OSB 11g: static service account customization

  Hi all,
  I'm currently evaluating OSB 11g with respect to our existing OSB 10g configuration and build process. For OSB 10g, we use a simple and straightforward method to customize service accounts between development stages. We have a plain text file with login and password inside which is applied to configuration in the same way as is the standard customization. In result, there is one configuration for all stages, one customization per stage and one plain text file with passwords per stage. For each stage this triplet is imported through JMX to OSB and we are very happy with that. Regarding service accounts we use a tool quite similar to the one described here:
  customization for static service account
  The problem is that in case of 11g there is probably no chance for us to go the same way any longer. There is no ServiceAccountConfigurationMBean to use. I went through all classes in http://download.oracle.com/docs/cd/E14571_01/apirefs.1111/e15033/index.html and didn't find anything useful for accounts customization.
  The only one relevant idea I found is the trick based on <cus:externalReferenceMap> and described here:
  What needs to be chnaged in ALSBCustomization.xml file
  However, from usability point of view this is far from out current solution.
  Please, isn't there a better way to customize static service accounts in OSB 11g? I have a terrible feeling that either me or somebody at Oracle went mental. :-)

  Just to close this thread ...
  I raised a service request on Oracle support and the answer was that our OSB 10g approach is no longer supported in 11g and that the recommended way is to customize accounts manually using service bus console.

• OWSM Custom Assertion for OSB RESTful Proxy Service

  Hello,
  I have implemented a Custom OWSM Assertion to authenticate requests with a custom token placed in a HTTP header. I can assign this assertion to a SOAP proxy service as a security policy. However I am not able to assign the very same policy to a Restful JSON service (Proxy service defined as messaging service with text message type). I am getting this error:
  [OSB Kernel:398128]One of the Web service policy attached is not allowed on service default/RESTful because the service binding does not support it
  My policy:
  <wsp:Policy xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy"
      xmlns:custom="http://custom"
      orawsp:status="enabled"
      xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" orawsp:category="security"
      orawsp:attachTo="binding.server" wsu:Id="http_customtoken_authentication_policy"
      xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
      wsp:Name="custom/http_customtoken_authentication_policy">
      <custom:customTokenHttpAuthentication
          orawsp:Silent="true" orawsp:Enforced="true"
          orawsp:name="Http custom token Authentication" orawsp:category="security/authentication" >
          <orawsp:bindings>
              <orawsp:Config orawsp:name="authenticationassertion"
                  orawsp:configType="declarative">
                  <orawsp:PropertySet orawsp:name="headerName">
                      <orawsp:Property orawsp:name="headerName"
                          orawsp:type="string" orawsp:contentType="constant">
                          <orawsp:Value>CustomToke</orawsp:Value>
                      </orawsp:Property>
                  </orawsp:PropertySet>
              </orawsp:Config>
          </orawsp:bindings>
      </custom:customTokenHttpAuthentication>
  </wsp:Policy>
  My OSB version is OSB 11g PS6 and in this version, OWSM policies are supported for Restful services. Interesting is, that the built-in policy oracle/http_basic_auth_over_ssl_service_policy can be assigned to my Restful service. Do you know a solution for the problem, how can I assign my custom assertion to the Restful service? Anything special is needed in the policy definition?
  Thanks.
  Marian

  Hi Vinoth,
  The users/groups are picked up from the LDAP configured in Security Realms->myRealm->Providers
  You basically have 2 options:
  - You can configure your LDAP in Providers
  - Use the DefaultAuthenticator that weblogic provides you by default.
  If you do not want to configure an LDAP, and want to use weblogic's default, then all you have to do is add users and groups in Security Realms->myRealm->Users and Groups
  Do mark this as useful or answered, if this has helped.

• Reset the HTTP response code in OSB for proxy service

  Hi,
  I created a HTTP proxy service in ALSB with any XML message option. There are some business scnearios for which i need to send a custom error message in the HTTP body. I am replacing the $body variable with the error message and sending reply with success.As i am using reply with success it sends a HTTP response status code as 200 Ok.
  However based on different error conditions i want to send appropraite http response code. How can this be achieved?

  I would like to share the solution so that it would be useful to all the users of the forum.
  There is a http:http-response-code element in the $inbound variable which is optional element. You need to insert this element to the $inbound using the insert action. Here is the extract of the code:
  Insert [<http:http-response-code>401</http:http-response-code>] [ as last child of ] [./con:transport/con:response] in [inbound]
  Please note namespace con belongs to "http://www.bea.com/wli/sb/context".
  Edited by: [email protected] on Aug 12, 2009 10:47 PM

• OSB Exposing Proxy Service as Web Service to external consumers

  Hi all,
  I am trying to expose my proxy service which I have defined in OSB11g to be exposed to external applications and consumers, rather than listening to a queue or using a business service to receive the traffic. What would be the best approach and practice to this issue? Needless to say that since I mentioned this proxy needs to be exposed as web service, I'll be expecting back response. The endpoint that I am getting as result of creating this proxy comes to be in following format:
  /<project_name>/Services/ProxyServices/MyProxy
  This fine for apps deployed on the same domain, but not if they are not deployed on the same domain.
  thanks in advance

  From the information shared you, looks like you want to create a SOAP over HTTP webservice in OSB which will be the one exposed to external consumers.
  1. So to create such a Proxy service, you will need to define the interface using a WSDL (as mentioned by Pierluigi) first.
  2. Once done, you can create a Proxy (SOAP/HTTP) based using the above WSDL. Then implement your business logic in the message flow.
  3. As a part of the configuration, you can define the context root of the service. (by default you might be getting /<project_name>/Services/ProxyServices/MyProxy)
  You can customize as required, for e.x change this to /services/MyProxy
  4. The final URL that can be used to access the above proxy will be as follow:
  http://<hostname>:<port>/services/MyProxy for HTTP
  https://<hostname>:<port>/services/MyProxy for HTTPS accordingly.
  Depending on the way your domain is configured (managed servers) you can change the hostname and port.
  So irrespective of where this service is deployed, you should be able to access it.
  Do let me know in case my understanding is incorrect.
  Thanks,
  Patrick

• OSB Business -Proxy Service

  Hi,
  I need to call WSDL which has 2 operations. I need to pass default xml payload to operation 1 and the response I get, has to be passed to invoke operation 2. I have created 2 business services and after I create a proxy service :
  How to pass default xml to business service 1 ?
  How to pass response from business service 1 to business service 2 ?
  Thanks

  somebol, Prabhu
  If I use Service Callout , I see Request Document Variable where I can pass in the request ($body/<request>), as you mentioned.But, the default XML payload to business service does not come as input to Proxy Service, I need to pass that XML payload explicitly to business service op1.
  I was thinking if I have to use assign or replace to pass the XML payload to business service op1, but I am not sure how to do in my Proxy.
  My Input to Proxy Service is date , which at this point is not used anywhere.
  Thanks

• OSB: Configuring Proxy Service

  Hi,
  As I understand the "Proxy service" invokes the "Business service".
  Therefore when I configure the "ProxyService" there should be a "Create From Existing Service" section in the "General Configuration".
  But in my workbench I dont see the "Create From Existing Service" section.
  There is no way I can link the Proxy and the Business services.
  Any idea why that section is missing in my workbench and how to resolve it?
  Regards,
  Deepak

  Hi Deepak,
  Good catch. I never observed this specific thing through the Workbench. Yes through the workbench this options seems to be unavailable.
  You can invoke the business service via the Proxy Service by creating a route node and then selecting the business service in the route node configuration.
  this way your proxy service can invoke the business service.
  This might not be the solution you are looking for, but still wanted to let you know that it is not a must to use the "Create From Existing Service" option. The ""Create From Existing Service" would in turn also do the same thing (marked in bold). You can check this out using the sbconsole. :)
  Hope this helps.
  Thanks,
  Patrick

• Proxy Service Testing

  Routed Service - No Service has been invoked, the request in echoed. Can anyone help me about this?

  Do you have a route node in your message flow? If yes, then from route node are you routing it to any business service/another proxy service?
  Routed Service - No Service has been invoked, the request in echoedAbove line says that you have not routed the incoming request to any service in message flow.
  Regards,
  Anuj