OSB channels, Service access on ports

Hi,
I am looking to find how I can expose services (OSB proxy) on particular ports.
I've created new HTTP port (9999) under Server/Protcol/Channels. I've created proxy service PS1.
I want PS1 to be exposed only 9999. I can invoke PS1 on http://servername:9999/PS1
However PS1 is available on weblogic default port 7001 also. I dont want PS1 to be allowed on 7001.
Goin forward I will create a new channel - http and port 8888 and want to create a proxy service PS2 and want to expose only on 8888.
Bottom line, want to bind services to particular ports. Is this possible?
Thanks

Thanks Manoj.
I'll look into socket transports.
It appears out of the box there is no support for configuring services to run on specific http and http/s ports.
On a side note, is it possible to restrict access to client IPs at a port level ?
For example, let's say I've a proxy service PS1 on port 7001. I want to restrict the access to PS1 only to certain IPs. Is there a place where I can say all services running on port 7001 will be allowed access to only certain IPs and here are the list of those IPs.

Similar Messages

WSDL format to access osb proxy services in Service Bus 11gR1

We had OSB installed on 10.3. I used to refer to my proxy services from SCA using:
http://myserver.mycompany.com:7001/Folder1/ProxyServices/myService?wsdl
But now we have installed osb11g. The above url is not working. How do I refer my proxy services using SCA?
What is the WSDL format to access osb proxy services in Service Bus 11gR1 ?

in addition to what Anuj has mentioned you can also use resource servlet
Sharing resource across projects in OSB11g
Manoj

Oracle Service Bus -- Business service access to a HTTPS service

Hello,
One of the services OSB has to access runs HTTPS (SSL no authentication).
I can access the service test page from the browser as https://server:port/myservice
From OSB I need to configure the Business Service to access this service.
Which steps should I perform on the WL server and on OSB? (create a service provider? a keystore?)
Any experience welcome,
Thanks
Deborah

The root certificate of the CA who has signed the certificate of the HTTPS site has to be imported into the trust keystore for your managed servers. This includes setting up a custom trust keystore for the servers in WLS console and then importing the CA root certificate into the custom keystores using the keytool utility. All these are WLS configuration and not OSB specific. If your server has Hostname verification enabled ( another option under SSL tab in Server --> SSL on admin console) then ensure that the hostname on the site's certificate matches with the hostname part of the https URL..
Edited by: atheek1 on Mar 4, 2010 4:32 AM

How to implement 2-way SSL in OSB web services

Hi ,
I need to implement secured SSL communication in my OSB web services . For this I have used the self signed certificates in weblogic console and configured them .
I also enabled the https parameter in my proxy service but now when I am trying to open the proxy wsdl in browser it says unauthorised access.
Even in SOAP UI when I am trying to access it says "Error loading wsdl" .
Please help.

Hi,
Do you have created a Service Key provider and attached the same to proxy service.
Oracle Service Bus verifies that you have associated a service key provider with the proxy service and that the service key provider contains a key-pair binding that can be used as a digital signature.
Service Key Providers
Regards,
Abhinav

Cannot access forwarded ports from the internet

Hi all,
I have a Cisco 800 Series router that i configured to do some port forwarding. However i must have done something wrong, because i am unable to access the ports .
Here is the configuration file of the router.
Sorry it i pasted too much info, i'm new working with Cisco routers
Building configuration...
Current configuration : 9429 bytes
! Last configuration change at 13:39:12 PCTime Thu Jan 5 2006 by xxx
! NVRAM config last updated at 19:45:42 PCTime Mon Jan 2 2006 by xxx
version 15.0
no service pad
service tcp-keepalives-in
service tcp-keepalives-out
service timestamps debug datetime msec localtime show-timezone
service timestamps log datetime msec localtime show-timezone
service password-encryption
service sequence-numbers
hostname pbr.mtn.w
boot-start-marker
boot system tftp c860-universalk9-mz.153-3.M.bin 255.255.255.255
boot-end-marker
logging buffered 51200
logging console critical
enable secret 5 xxx
no aaa new-model
memory-size iomem 10
clock timezone PCTime 2
crypto pki trustpoint TP-self-signed-2673109117
enrollment selfsigned
subject-name cn=IOS-Self-Signed-Certificate-2673109117
revocation-check none
rsakeypair TP-self-signed-2673109117
crypto pki certificate chain TP-self-signed-2673109117
certificate self-signed 01
30820250 308201B9 A0030201 02020101 300D0609 2A864886 F70D0101 04050030
31312F30 2D060355 04031326 494F532D 53656C66 2D536967 6E65642D 43657274
69666963 6174652D 32363733 31303931 3137301E 170D3036 30313032 31373232
35395A17 0D323030 31303130 30303030 305A3031 312F302D 06035504 03132649
4F532D53 656C662D 5369676E 65642D43 65727469 66696361 74652D32 36373331
30393131 3730819F 300D0609 2A864886 F70D0101 01050003 818D0030 81890281
8100CD17 E55A2286 3F4D2F14 98499254 8DE9B540 7413A05A C229BD7E 72C6E7AA
7BD657C2 D824C6E4 0C0FD8AB 5EF6871B A28F298C 391DA225 FA4C92D7 5E3C6B06
B3447494 EA058319 72A69FEA 305751EE B7D7087A 406216C3 6CC14AB8 056B52F4
117366AD 531E0515 6801228D 7DAA8454 A00A880D 4023B8B3 983DE19C FB00F077
32450203 010001A3 78307630 0F060355 1D130101 FF040530 030101FF 30230603
551D1104 1C301A82 18706272 2E6D746E 2E772E79 6F757264 6F6D6169 6E2E636F
6D301F06 03551D23 04183016 80148E65 3A8C9B6B E552653E EA96DCD1 F13DD1F1
8198301D 0603551D 0E041604 148E653A 8C9B6BE5 52653EEA 96DCD1F1 3DD1F181
98300D06 092A8648 86F70D01 01040500 03818100 B6F568EE 3AFBBF7A B4DEC150
B6B8860B D953E444 8925C26C 4186AED4 8EAF9F2F D2F335E4 916F941C 1E831EEE
77C5A9A2 EB7EB7AA 540FF094 8FA28668 91C39BB2 2852DEB9 414DD37B EE984C20
CE755A14 37C41233 B0B93B55 52E15783 089B59AA AAE54620 352D3820 59DD24A3
F1E3EC91 CCDE72AA 7544C9C6 1C12EDAF 95767D97
      quit
no ip source-route
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 192.168.1.1 192.168.1.219
ip dhcp excluded-address 192.168.1.241 192.168.1.254
ip dhcp excluded-address 10.10.10.21 10.10.10.254
ip dhcp pool ccp-pool1
   import all
   network 10.10.10.0 255.255.255.0
   default-router 10.10.10.1
ip dhcp pool GuestPool
   import all
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.80
   dns-server 217.14.128.50 212.99.2.8 212.108.200.77 212.82.225.7
   lease 7
ip cef
no ip bootp server
ip domain name yourdomain.com
ip name-server 196.44.250.214
ip name-server 196.44.250.215
ip name-server 41.223.226.30
ip name-server 212.118.241.1
ip name-server 213.157.176.2
ip name-server 62.128.175.14
license udi pid CISCO861W-GN-E-K9 sn FCZ161392V5
username xxx privilege 15 secret 5 xxx
ip tcp synwait-time 10
ip ssh time-out 60
ip ssh version 2
class-map type inspect match-any ccp-cls-insp-traffic
match protocol cuseeme
match protocol dns
match protocol ftp
match protocol h323
match protocol https
match protocol icmp
match protocol imap
match protocol pop3
match protocol shell
match protocol realmedia
match protocol rtsp
match protocol smtp
match protocol sql-net
match protocol streamworks
match protocol tftp
match protocol vdolive
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-insp-traffic
match class-map ccp-cls-insp-traffic
class-map type inspect match-any ccp-cls-icmp-access
match protocol icmp
match protocol tcp
match protocol udp
class-map type inspect match-all ccp-invalid-src
match access-group 100
class-map type inspect match-all ccp-icmp-access
match class-map ccp-cls-icmp-access
class-map type inspect match-all ccp-protocol-http
match protocol http
policy-map type inspect ccp-permit-icmpreply
class type inspect ccp-icmp-access
inspect
class class-default
drop
policy-map type inspect ccp-inspect
class type inspect ccp-invalid-src
drop log
class type inspect ccp-protocol-http
inspect
class type inspect ccp-insp-traffic
inspect
class class-default
drop
policy-map type inspect ccp-permit
class class-default
drop
zone security out-zone
zone security in-zone
zone-pair security ccp-zp-self-out source self destination out-zone
service-policy type inspect ccp-permit-icmpreply
zone-pair security ccp-zp-in-out source in-zone destination out-zone
service-policy type inspect ccp-inspect
zone-pair security ccp-zp-out-self source out-zone destination self
service-policy type inspect ccp-permit
interface Null0
no ip unreachables
interface FastEthernet0
interface FastEthernet1
interface FastEthernet2
interface FastEthernet3
interface FastEthernet4
description $ES_WAN$$FW_OUTSIDE$
no ip address
no ip redirects
no ip unreachables
no ip proxy-arp
ip flow ingress
duplex auto
speed auto
pppoe-client dial-pool-number 1
interface wlan-ap0
description Service module interface to manage the embedded AP
ip unnumbered Vlan1
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
arp timeout 0
interface Wlan-GigabitEthernet0
description Internal switch interface connecting to the embedded AP
switchport mode trunk
interface Vlan1
description $ETH-SW-LAUNCH$$INTF-INFO-HWIC 4ESW$$ES_LAN$$FW_INSIDE$
ip address 192.168.1.80 255.255.255.0
no ip redirects
no ip unreachables
no ip proxy-arp
ip nbar protocol-discovery
ip flow ingress
ip flow egress
ip nat inside
ip virtual-reassembly
zone-member security in-zone
ip tcp adjust-mss 1412
interface Dialer0
description $FW_OUTSIDE$
ip address negotiated
no ip redirects
no ip unreachables
no ip proxy-arp
ip mtu 1452
ip flow ingress
ip nat outside
ip virtual-reassembly
zone-member security out-zone
encapsulation ppp
dialer pool 1
dialer-group 1
ppp authentication chap pap callin
ppp chap hostname xxx
ppp chap password 7 xxx
ppp pap sent-username xxx password 7 xxx
no cdp enable
ip forward-protocol nd
ip http server
ip http authentication local
ip http secure-server
ip http timeout-policy idle 60 life 86400 requests 10000
ip flow-top-talkers
top 20
sort-by bytes
cache-timeout 20
ip nat inside source list 1 interface Dialer0 overload
ip nat inside source static tcp 192.168.1.25 8890 interface Dialer0 8890
ip nat inside source static tcp 192.168.1.25 80 interface Dialer0 80
ip nat inside source static tcp 192.168.1.45 21 41.186.26.35 21 extendable
ip route 0.0.0.0 0.0.0.0 Dialer0
logging trap debugging
access-list 1 remark INSIDE_IF=Vlan1
access-list 1 remark CCP_ACL Category=2
access-list 1 permit 192.168.1.0 0.0.0.255
access-list 100 remark CCP_ACL Category=128
access-list 100 permit ip host 255.255.255.255 any
access-list 100 permit ip 127.0.0.0 0.255.255.255 any
dialer-list 1 protocol ip permit
no cdp run
control-plane
banner exec ^C
% Password expiration warning.
Cisco Configuration Professional (Cisco CP) is installed on this device
and it provides the default username "cisco" for one-time use. If you have
already used the username "cisco" to login to the router and your IOS image
supports the "one-time" user option, then this username has already expired.
You will not be able to login to the router with this username after you exit
this session.
It is strongly suggested that you create a new username with a privilege level
of 15 using the following command.
username <myuser> privilege 15 secret 0 <mypassword>
Replace <myuser> and <mypassword> with the username and password you
want to use.
^C
banner login ^C---------------------------------------------------------------------------
                              NOTICE TO USERS
THIS IS A PRIVATE COMPUTER SYSTEM. Unauthorized or improper use of this
system may result in administrative or disciplinary action and civil and
criminal penalties.
Any or all uses of this system and all files on this system are monitored,
and recorded.
This system is the property of xxx .
Disconnect IMMEDIATELY if you are not an authorized user!
^C
line con 0
login local
no modem enable
transport output telnet
line aux 0
login local
transport output telnet
line 2
no activation-character
no exec
transport preferred none
transport input all
line vty 0 4
privilege level 15
login local
transport preferred telnet
transport input telnet
scheduler max-task-time 5000
scheduler allocate 4000 1000
scheduler interval 500
end

You need...
Either a Fixed IP from your ISP, or a service like no-ip.org to look up your current IP.
How to find the "Outside" IP on that machine go here...
http://www.whatsmyip.org/
If there's a Router involved at home then incoming ports must be directed to the proper local IP.
Setup Sharing on the home Mac.

How can we call a OSB proxy service from a BPEL process?

Hi,
I want to call a OSB proxy service from a BPEL process. Can you please explain me the procedure?

Get the wsdl of the OSB proxy service and create webservice parnerlink in BPEL based on this wsdl to invoke the service
To form the wsdl url, copy the Endpoint URI configured to the proxy service(just click on the proxy service in the console) from the sbconsole - /ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService
Pre append <<protocol://OSB Hostname:OSB Port>> - http://localhost:8000/ and post append with ?WSDL
The final WSDL url look like - http://localhost:8000/ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService?WSDL
Regards
Albin I

OSB Proxy service request is echoed

Hi All
When I test my OSB proxy service, the request is being echoed back and the invocation trace just shows "No Service has been invoked, the request is echoed". I have created a Business service for my BPEL process and this is working fine. Only problem is when invoked from the proxy. The call is not even going to the BS. And there is no authentication or security policy attached to any of my services. Can someone please help?
Also, when I put the endpoint of the proxy service into my browser, it shows a Forbidden-403 error
The log file shows access denied exceptions. The trace from the log file is
Failed to process request message for service ProxyService OracleEbizProductServices/ProxyServices/GetOracleProductInventory: com.bea.wli.sb.security.AccessNotAllowedException com.bea.wli.sb.security.AccessNotAllowedException at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:136) at com.bea.wli.sb.pipeline.RouterSecurity.doAccessControl(RouterSecurity.java:117) at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:586) at
Any suggestions on what's going on?
Thanks in advance
Raja

Hi
We saw a similar issue in our environment. Suddenly all the proxy services were denying access. This happened after an IP address change on the servers running WLS Admin and OSB.
By clearing all the temp/cache files on both servers, and ensuring that the WLS Authentication Setting did not 'cache' results we were able to resolve the problem. Obviously we needed to restart the WLSAdmin and OSB managed servers as well.
Hope this helps.
Thanks

[OSB] Oracle Service Bus: select database DBadapter runtime

Suppose you have 2 databases DB1 and DB2 and both have the SCOTT scheme with the EMP table. The default way to gain access to the databases in the Oracle Service Bus (OSB) is by defining 2 database adapters and defining a business service on each adapter:
- BS1 DBadapter1 DB1.SCOTT.EMP
- BS2 DBadapter2 DB2.SCOTT.EMP
With this setup you can define a proxy service and let the message flow decide which adapter to call.
Now change this configuration a little and suppose you have 25 databases, you can define 25 database adapters and 25 business services, but that involves a lot of repeating work of defining adapters and business services. A more elegant configuration is one business service with one database adapter, and the database connection is set runtime in stead of design time.
PS BS DBadapter DB1.SCOTT.EMP ... DB25.SCOTT.EMP
The challenge is: how do you configure the database adapter runtime (called by an OSB business service).
With kind regards,
Jornica

Oracle Service Bus 10gR3 contains the JCA framework which will eventually allow us to exploit the whole set of JCA adapters currently in use in BPEL Process Manager. Over the next few months several JCA adapters will be certified to be used with Oracle Service Bus - the Database adapter is one of the first of these.
As for SOA Suite and WebLogic bundling, let me explain. SOA Suite contains the following products:
BPEL Process Manager
Business Activity Monitoring
Business Rules
Web Services Manager
Complex Event Processing
B2B
ESB (the old Oracle ESB product)
Service Bus (formerly AquaLogic Service Bus from BEA)
This does not come with an application server as the suite is hot-pluggable (i.e. can be used with a number of application servers). However, the preferred (and cheaper) approach is to purchase SOA Suite and WebLogic Suite (which contains iAS, WebLogic Enterprise Edition, Coherence, JRockit with 100ms deterministic garbage collection and WebLogic Operations Control). This is because some of the elements of the SOA Suite only currently run on iAS (B2B) and some only run on WebLogic Server (Oracle Service Bus) although in the future these will also become hot pluggable.
To find out more, check out the SOA Suite and WebLogic Suite pages below:
[SOA Suite|http://www.oracle.com/technologies/soa/soa-suite.html]
[WebLogic Suite|http://www.oracle.com/appserver/weblogic/weblogic-suite.html]
You will find the DataSheets are particularly useful for giving you an overview of the suite.
Hope that helps.
Chris

OSB: Proxy service used in the WSDL address hostname, I want to use IP

Hi all,
I have a proxy service , open the WSDL address is as follows :
==============================================================================================
<?xml version="1.0" encoding="UTF-8"?>
<s0:definitions name="GeneralInboundServiceDefinitions" targetNamespace="http://nc.sgcc.edb.inbound" xmlns:s0="http://schemas.xmlsoap.org/wsdl/" xmlns:s1="http://www.iec.ch/TC57/2008/schema/message" xmlns:s2="http://nc.sgcc.edb.inbound" xmlns:s3="http://schemas.xmlsoap.org/wsdl/soap/">
<s0:types>
<schema xmlns="http://www.w3.org/2001/XMLSchema" xmlns:ns="http://www.iec.ch/TC57/2008/schema/message" xmlns:s1="http://nc.sgcc.edb.inbound" xmlns:s2="http://schemas.xmlsoap.org/wsdl/soap/">
<import namespace="http://www.iec.ch/TC57/2008/schema/message" schemaLocation="http://10.118.59.85:7001/zxpt/services/GeneralInboundProxyService?SCHEMA%2Fhbdwzxpt%2FgeneralServices%2FResource%2FXSD%2FGeneralInboundService0"/>
</schema>
</s0:types>
<s0:message name="invokeDataService">
<s0:part element="s1:RequestMessage" name="parameters"/>
</s0:message>
<s0:message name="invokeDataServiceResponse">
<s0:part element="s1:ResponseMessage" name="parameters"/>
</s0:message>
<s0:portType name="GeneralInbound">
<s0:operation name="invokeDataService" parameterOrder="parameters">
<s0:input message="s2:invokeDataService"/>
<s0:output message="s2:invokeDataServiceResponse"/>
</s0:operation>
</s0:portType>
<s0:binding name="GeneralInboundServiceSoapBinding" type="s2:GeneralInbound">
<s3:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<s0:operation name="invokeDataService">
<s3:operation style="document"/>
<s0:input>
<s3:body parts="parameters" use="literal"/>
</s0:input>
<s0:output>
<s3:body parts="parameters" use="literal"/>
</s0:output>
</s0:operation>
</s0:binding>
<s0:service name="GeneralInboundServiceSoapBindingQSService">
<s0:port binding="s2:GeneralInboundServiceSoapBinding" name="GeneralInboundServiceSoapBindingQSPort">
<s3:address location="*_http://edb-8163dd8b4cb:7001/zxpt/services/GeneralInboundProxyService_*"/>
</s0:port>
</s0:service>
</s0:definitions>
===============================================================================================
The WSDL location is "http://edb-8163dd8b4cb:7001/zxpt/services/GeneralInboundProxyService", URL is used in the HOSTNAME, I want to return the IP OSB
Kindly Help
Thanks
ptwen

Please refer -
How to get ip number in WSDL instead of host name?
Why do you want to have IP instead of host name?
Regards,
Anuj

OSB: Issue while testing OSB proxy service using SOAPUI

Hi,
I am trying to test an OSB proxy service using SOAPUI.
The below are the steps i have followed in SOAPUI:
1. File->New SOAPUI project
2. Opens the dialog to create REST service
3. Given service endpoint as: http://<osb servername>:<port>
4. Opens dialog to create a REST resource
5. Resource Path/EndPoint is the OSB proxy service end point.
6. HTTP method = POST
The proxy service accepts 'text' input so i have given Media Type as 'text/plain'
But, when i give the request message and run the request. The request is not running. I am not seeing the processing symbol at the bottom right of the SOAP UI request. Whereas i am able to run other services.
Kindly help me resolve this issue.
Thanks,
Kalpana.

your problem:
Missing class: oracle.tip.adapter.jms.JmsManagedConnectionFactory
Dependent class: oracle.tip.adapter.fw.wsdl.WSDLUtils
Loader: oracle.bpel.common:10.1.3
Code-Source: /oraclesoa/oraclesoa/product/10.1.3.1/OracleAS_1/bpel/lib/orabpel.jar
Configuration: <code-source> in /oraclesoa/oraclesoa/product/10.1.3.1/OracleAS_1/j2ee/home/config/server.xml
It happens when server is custom installed, try to reinstall it as full version and problem should disappear otherwise your need another full installation to retrieve and replace orabpel.jar file from (or maybe more)

OSB RESTful service is not reachable

Hi Team,
I defined an OSB REST service as mentioned in https://blogs.oracle.com/jeffdavies/entry/restful_services_with_oracle_s_1
When I test it from SOAPui, it is not reachable. Any pointers please.
Thanks,
AG

You need to make an entry in OHS config files like below:-
Example:With the following configuration, requests for the /myapplication URI received at the Oracle HTTP Server listen port will be forwarded to /myapplication on the Oracle WebLogic Server with the listen port localhost:7001
<IfModule weblogic_module> <Location /myapp1> SetHandler weblogic-handler WebLogicHost localhost WeblogicPort 7001 </Location> </IfModule>
To forward requests to an application running on a cluster of Oracle WebLogic Server instances, specify the details of that destination cluster within a new<location> element.Syntax:
<IfModule weblogic_module> <Location path> SetHandler weblogic-handler WebLogicCluster host:port,host:port,... </Location> </IfModule>
http://docs.oracle.com/cd/E23943_01/web.1111/e16435/oracle.htm#PLGWL553

Tuning SIG 5583 - SMB Remote SAM Service Access Attempt

We are running Active Directory and this sig is firing 30000+ times a day. I do not want to disable the sig as we would likt to watch for external IP's as the source or destination.
Trouble is I cannot get an event filter to work for this beast and I cannot filter it at the sig level since there is no source/destination IP settings in the sig itself (SMB Engine).
Here is the event filter definition:-
NAME: InsideSAM_SMB
signature-id-range: 5583,5579 default: 900-65535
subsignature-id-range: 0-255 default: 0-255
attacker-address-range: $Inside default: 0.0.0.0-255.255.255.255
victim-address-range: $Inside default: 0.0.0.0-255.255.255.255
attacker-port-range: 0-65535 <defaulted>
victim-port-range: 139,445 default: 0-65535
risk-rating-range: 1-100 default: 0-100
actions-to-remove: produce-alert|produce-verbose-alert default:
deny-attacker-percentage: 100 <defaulted>
filter-item-status: Enabled default: Enabled
stop-on-match: True default: False
user-comment: <defaulted>
os-relevance: not-relevant default: relevant|not-relevant|unknown
The $Inside variable is 10.0.0.0-10.255.255.255
basically our entire internal network.
The events I am being flooded with are single events and not summarized.
Here is an example of an alert:-
evIdsAlert: eventId=1192231627181681635 vendor=Cisco severity=informational
originator:
hostId: IDS
appName: sensorApp
appInstanceId: 571
time: 11 February 2008 15:59:52 UTC offset=0 timeZone=GMT00:00
signature: description=SMB Remote SAM Service Access Attempt id=5583 version=S262
subsigId: 0
sigDetails: SMB Remote SAM Service Access Attempt
marsCategory: Info/Misc/NetBios
interfaceGroup: int8
vlan: 36
participants:
attacker:
addr: 10.36.3.52 locality=Inside
port: 2956
target:
addr: 10.11.1.63 locality=Inside
port: 445
os: idSource=learned type=windows-nt-2k-xp relevance=relevant
riskRatingValue: 25 targetValueRating=medium
attackRelevanceRating=relevant
threatRatingValue: 25
interface: ge0_8
protocol: tcp
As you can see BOTH the source and destination are within the ranges specified in the filter but the event is still firing.

You mean replace the $Inside with a specific range like 10.0.0.0-10.255.255.255.
Hmm. Nope. I have tried that and I have even tried specific IP addresses for the source/destination but still get alerts with exactly those two addresses getting through.
Filtering is working though as I have a filter active also for the 'DHCP offer' sig in that I have filtered out all our 'expected' DHCP sources, and SMTP filters for 'expected' SMTP sources.
Why can I not filter out SMB sources/ destinations such as Windows Servers and/or M$ Domain Controllers.
Come on Cisco, event filtering was so easy in IDS4, why complicate it so much in IPS6.

Adding Jax-RPC Handlers to OSB Proxy Service

Hi All,
I am new to OSB and wanted to know if I can add a Client side (My proxy Service -> external business service) Handler chain to OSB Proxy Services. I know how to add handlers to general webservice. But is there any way to intercept the request by adding handlers to OSB proxy service before it goes to business service?
Any help is highly appreciated.
Thanks,
Swetha

Hi Eric,
Thanks for your response. we are trying to access WSRR( manages end point urls for 7 different environments) and generate the end point dynamically at the design time. As we figured out WSRR is not compatible with OSB we are trying to implement these client side (OSB Proxy service) handlers which would get the dynamic endpoint depending on the environment used. I was able to create the handlers for this and set the jar in the classpath but the client service which should be using these handlers have to have these handlers defined in the deployment descriptor(web.xml) which am unable to see with a OSB project.
Will there be a deployment descriptor(web.xml/webservices.xml) associated with Proxy services on OSB? Or Is there any other way to add custom JAX-RPC Handlers to a proxy service? Or is there any way to connect to WSRR directly?
Thanks,
Swetha

HTTP connection from OSB web service to external system via a Proxy Server

Dear experts,
May I know has anyone tried to use HTTP protocol to send a request from OSB web service to external system via a proxy server? Heard that we need to establish some sort of tunnel (socket) to talk to Proxy Server. Can you please any have sample code or configuration steps to share?
Thank you very much!!

http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/consolehelp/global_resources.html#wp1137294
Adding Proxy Servers
Use the Summary of Proxy Servers page to add and configure Proxy Server resources and make them available in Oracle Service Bus as a system resource. You must be in an active session to configure or reconfigure Proxy Server resources.
1. If you have not already done so, click Create to create a new session or click Edit to enter an existing session. See Using the Change Center.
2. Select System Administration > Proxy Servers.
3. Click Add.
4. In the Name field, enter a name for the Proxy Server resource. This is a required field.
5. In the Description field, enter a short description for the Proxy Server resource.
6. In the Host-Port Parameters section, enter the following information:
1. In the Server Host field, enter the host name or IP address of the Proxy Server. This is a required field.
The Server Host name for the Oracle Service Bus proxy server must be identical to the server host name of the actual proxy server.
2. In the Clear Text Port field, enter the Proxy Server clear-text port number.
3. In the SSL Port field, enter the Proxy Server SSL port number. You must enter either a clear text or SSL port number.
4. Click Add.
You can configure multiple Proxy Servers for each Proxy Server resource. This enables Oracle Service Bus to perform load balancing and offer fault tolerance features for the Proxy Server resource.
7. If the Proxy Server performs proxy authentication, enter a user name in the User Name field, and the associated password in the Password and Confirm Password fields.
These fields are optional, and required only if the Proxy Server is secured.
8. Click Save to create and save the Proxy Server resource in the current session.
9. To end the session and deploy the configuration to the run time, click Activate under Change Center.

Name Service in unknown port

Hi!
I'm new to CORBA and I'm trying to access to a name service which is registered in a remote server, whose I know its ip address, but not the port where is it.
Is there any way to "ping" the different ports to know where the name service is... or something like that?
Any idea will be usefull!
Thanks in advance
Excuse me for my english, trying to improve!

I got it! I could see the processes started in the server and I saw the name service and the port where it was started.
The problem now is I don't know exactly the name of the object I have to look for. Is there any way to know the objects registered in the name service?
thanks!
Excuse me for my english, trying to improve!

OSB channels, Service access on ports

Similar Messages

Maybe you are looking for