OSB proxy for HTTP GET servlet

Similar Messages

• OSB Proxy service HTTP kerberos authentication

  Is it possible to use kerberos authentification in OSB Proxy service?
  I need it in following scenarios.
  First scenario. We have Sharepoint Portal with Windows SSO. Our Sharepoint developers can invoke webservice on OSB (proxy service) with transfering of kerberos ticket (they talk about process named impersonation). In OSB proxy service I want to know credentials which are passed in kerberos ticket. How to do it? My Weblogic and OSB Consoles already have kerberos auth.
  Second scenario. How can I pass kerberos ticket from proxy service to business service without knowing info in this ticket. Like passthrought for basic auth.
  PS I had read info here: http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/security/security_faq.html and paragraph about OSB SSO looks bad for this task...

  For weblogic console i had done several actions for enabling of kerberos auth... some of them are:
  - NegotiateIdentityAsserter was added to realm's providers,
  - web.xml of consle was configured in section ...<login-config><auth-method>CLIENT-CERT, FORM</auth-method>...
  etc...
  What actions i need to do for proxy service?
  PS Manoj sorry... wait... i missed your link before have not read info yet :) may be it will help...
  Edited by: Andrey L. on 17.03.2010 2:25

• Implementation of OSB service to Http GET XML payload

  Hi,
  I am new to OSB.I have a requirement where Ecommerce system will post a XML over HTTP.
  Our OSB service has to receive that XML using Http GET and send it to a SOA composite as a SOAP.
  My doubt are
  1.can we implement the proxy service with service type any XML structure
  2.Will Ecommerce provide any WSDL so that we can configure it in our proxy service.
  Pls help.
  thanks

  Hi,
  947423 wrote:
  1.can we implement the proxy service with service type any XML structureYes, that should be alright...
  2.Will Ecommerce provide any WSDL so that we can configure it in our proxy service.\Probably not, if they are just sending an XML over HTTP that is probably not SOAP, if at least they can provide you an XSD that would be nice... Otherwise you may have to write one...
  Cheers,
  Vlad
  It is considered good etiquette to reward answerers with points (as "helpful" - 5 pts - or "correct" - 10pts)
  https://forums.oracle.com/forums/ann.jspa?annID=893

• Steps to enable Web Proxy for https

  I have an S160 WSA and want to enable the Web service for http and https. I am using transparent mode with WCCP.
  This is part of the router configuration:
  ACL:
  access-list 110 permit tcp 192.168.80.0 0.0.7.255 any eq 80
  access-list 120 permit tcp 192.168.80.0 0.0.7.255 any eq 443
  ip wccp 97 redirect-list 110
  ip wccp 98 redirect-list 120
  interface FastEthernet0/0.380
  ip wccp 97 redirect in
  ip wccp 98 redirect in
  It is the same configuration for http and for https, but only http traffic is working. When I see the logs in the WSA, it looks like accepted connections for https.
  In Security Services -> Web Proxy it is enabled, when I put the port 443, I get an https error in the end user laptop; when I dont, it keeps trying and I get a timeout.
  I tried enabling https proxy but some sites (as gmail), wont work with self-generated certificates.
  Would you please, list me the steps to enable Proxy services for https.
  Thanks!!!
  Sergio L.

  Hi Sergio,
  When WSA is configured as transparent proxy, it also accepts explitcit connections. So in order to test HTTPS proxy, you can configure client browser to explicitly use WSA as proxy and see if it is working before testing in transparent mode.
  When WSA is used as HTTPS proxy, it uses its self-generated certificate to encrypt the connection between itself and the client browser. Since this certificate is not trusted by browser, it'll throw SSL certificate error when connecting via WSA. In order to get rid of this error, download the self-generated certificate from WSA and install it in your browser as a trusted certificate. That should resolve SSL issue with gmail also.
  Hope this helps.
  Thanks,
  Chetan

• How to invoke a OSB Proxy Service from a Servlet??

  Hi!!
  I'm a begginer in OSB, and right now I have a OSB configuration in production mode. So, using the console test it's very easy to test (doh) my configuration. But now, I have to make a stress test and after read a lot of documentation I did'nt found the way to do that. So I'm trying to do it by using a Servlet, a doPost method in especific, but after a lot of time I can't invoke the proxy service.
  What is the right way to use a proxy service in production mode??
  How can I call it from my servlet??
  How can I send an xml (or any other object, file, text...) as a Request??
  Help please, thank you...
  Edited by: user12116998 on 18-mar-2010 12:40

  If you have your proxy service published as http/soap, then I recommend you to use SoapUI to test it. It can help you with stress test too.

• Using a proxy for http requests and forward

  Hi. My company won't allow access to mail.yahoo.com and www.hotmail.com. However, I can get to my own web server on my Cable Modem at home. Can I use the proxy to accept the http connections and forward them to hotmail ...will this work? If not any other solutions?

  Yes, that would work if you configure it as a reverse proxy.
  IMHO proxy would be overhead for this. There's many freeware out this which is exactly designed for that, see
  http://freshmeat.net/search/?q=http+tunnel&section=projects&Go.x=0&Go.y=0

• Authentication syntax for HTTP GET method using TCP functions in Labview on linux

  Hi,
  Currently, I am trying to communicate to web server. I have Labview installed on a Linux machine. The HTTP function blocks and other labview functions do not work. Hence, I am building a HTTP code string using TCP functions (port 80) to talk to the web server. I am successfully able to fetch a response from web sites (example www.ni.com) from my vi. However, when I try to communicate to my web server, it does not work. It requires an authentication. I am able to open http://ipaddress in my browser from my machine using username and password. Can someone help with Authentication string requirement for GET method?
  so far the string is:
  GET /index/ HTTP/1.1
  Host: http://xx.xx.xx.xx

  An easy option would be to try http://userassword@server syntax for the URL.
  Else I posted a Twitter fetcher once (won't work anymore since Twitter moved to Oauth authentication) at LAVA. Based on code from @cloew.
  The code is part of this LLB.
  Ton
  Free Code Capture Tool! Version 2.1.3 with comments, web-upload, back-save and snippets!
  Nederlandse LabVIEW user groep www.lvug.nl
  My LabVIEW Ideas
  LabVIEW, programming like it should be!

• Setting Proxy for HTTPs Connections

  Hi,
  I have a multi-threaded program where i need to decide which gateway system i would need to post my http requests.
  Both these gateways (eg, GW1, GW2) have to be accessed by proxy. Currently i set the proxy and port as follows:
  System.setProperty("https.proxyHost",PROXY_HOST);
  System.setProperty("https.proxyPort",PROXY_PORT);
  But, this gives me a problem as thread 1 ends up with the proxy details for GW2 and vice versa.
  Any workaround apart from setting this on the system level.
  I do not intend to run two seperate instances of JVM.
  Appreciate your time and input :)
  - Cheers
  Sakthi

  This is called concurrency, and the object needs to be locked while one thread is using it and then relased so the other thread can use it.

• OSB - Support for HTTP Compression

  Does OSB 10.3.1 or any previous versions of it support HTTP compression. We have a requirement to integrate the service bus to integrate with a web service which is capable of returning SOAP response with GZIP encoding.
  We can explictly request the service to turn on compression by setting accept-encoding in the http request using transport headers. Can any one confirm whether OSB decompress the response before handling it to message flow.
  Thanks,
  Atheek

  This is important feature that is missing I feel. we could not use OSB business service feature much, because of the same.

• Proxy authontication popup for Https is not getting displayed

  Hi,
  We have proxy server in java, and it should ask for the authentication, while using old versions of IE (IE6), opera we get proper proxy authentication prompt for Https as well as Http request.
  But with the new version of browser IE8, Firefox 2, ... 3 we are not getting the Proxy authentication prompt for the Https request only (for http its working fine)
  Actually the proxy server ask for authentication for the every first request only, but if the first request is Https then it fails with 407 error, as per the logic whenever we set response.setStatus("407"); response.setMessage("Proxy authentication required"); it should prompt for the proxy authentication and its working fine for old browsers and for Http request but its not working for new browser with Https request
  Could you please provide some information on how to achieve proxy authentications for Https and new versions browsers.
  Following are the code used for it
  /*ResponseProcessor.java*/
       public static Response createResponse(ScriptableConnection connection, String message) {
            Response response = new Response();
            Request request = connection.getRequest();
            response.setRequest(request);
            if (message.equals(SPConstants.TECHNICAL_ISSUES)) {
                 response.setContent(message.getBytes());
            if (message.equals(SPAuthorizationConstants.INVALID_CREDENTIALS)) {
                 //response.setVersion(request.getVersion());
                 response.setHeader("Proxy-Authenticate", "Basic");
                 response.setStatus("407");
                 response.setMessage("Proxy authentication required");
                 if (request.getHeader("Proxy-Authorization") != null) {
                      response.setContent(message.getBytes());
                 return response;
            return response;
  /*ConnectionHandler.java */
  public void run() {
  String authorizationStatus = RequestProcessor.checkUserPreRequiste(request,user,ticket,statusVisitor); //SP CODE
                      if(authorizationStatus.equals(SPAuthorizationConstants.USER_IS_AUHTORIZED)) { //SP CODE
                               try {
                                    response = hc.fetchResponse(request);
                                    if (response.getRequest() != null)
                                         request = response.getRequest();
                                               }catch........
                     } finally {
                 try {
                      if (_clientIn != null)
                           _clientIn.close();
                      if (_clientOut != null)
                           _clientOut.close();
                      if (_sock != null && !_sock.isClosed()) {
                           _sock.close();
                 } catch (IOException ioe) {
                      _logger.warning("Error closing client socket : " + ioe);
  .......Thanks in advance,
  Sachin

  Hi
  Follow the steps
  In your current view where you create your Popupwindow; create a model attribute name "popWin" of type IWDWindow;
  In code;after creating the popup window assign window object to the context element
  IWDWIndow window = WDComponentAPI.getWindowManager().createWindow( WindowInfo, true);
  wdContext.currentContextElement.setpopWin( window);
  At the Popup window view; create a model attribute name popWin of type IWDWindow and map it with the one that created before.
  set the code on btnaction
  IWDWindow popwin = (IWDWindow)wdContext.currentContextElement().getPopWin();
  popwin.destroyInstance();
  This will work
  Regards
    - Vinod
  Edited by: Vinod V on Mar 3, 2008 7:21 PM

• Modify OSB Proxy "HTTPS required" setting through customization file

  Is it possible to modify the "HTTPS Required" setting on the OSB Proxy service? We have different settings to be used for different environments like . DEV, IT, UAT, PROD etc
  My understanding of the OSB customization is as below, and I get a feeling that its not possible through the customization.
  There are 3 types of customizations possible: EnvVariables, FindAndReplaceString, ReferenceType
  EnvVariables allows only pre-defined set of variables to be changed thru the customization file. , HTTPS setting is not there in the list.
  Allowed variables are listed @ http://docs.oracle.com/cd/E23943_01/admin.1111/e15867/customization.htm
  FindAndReplaceString: it’s possible to change the value of the xml elements in the proxy file, but since its boolean value for HTTPS, we cannot use this option, it would replace other settings as well.
  ReferenceType: is used to refer to alternate references like xquery or business services in the proxy service.

  I know that ALSB used to provide APIs for SOME customizations, monitoring and control of services. I have not tried APIs in OSB for a long time and dont know if the APIs are still the same or if some of them have been deprecated. But I can say that the APIs for customization of end point values will definitely be available.
  However, I do not think there will be an API for marking HTTPS as enabled in proxy configuration, that you will need to do using the sbconsole UI or by importing an updated version of service.
  You can find the APIs here:
  http://docs.oracle.com/cd/E23943_01/apirefs.1111/e15033/toc.htm
  http://docs.oracle.com/cd/E23943_01/admin.1111/e15867/app_apis.htm#OSBAG739
  If you do need more info then search for ALSB APIs and you will get older docs but they might have more details.

• Java client for OSB proxy with JMS Transport

  Hi,
  I am trying to call OSB proxy with JMS Transport. I am generating the client through ant task clientgen and following this article
  http://www.oracle.com/technetwork/articles/murphy-soa-jms-092653.html
  The osb proxy is req-response and is simply routing to BS which return a string value.
  When I run my client, it get stuck and does not return at all. Has any one trying java client in such scenario?
  What I may be missing?
  Below is snipped of client code:
  String url = "http://localhost:7021/sbresource?PROXY/MySample/MyJMSProxyService";
  CreditLoanApprovalServiceSoapBindingQSService service = new CreditLoanApprovalServiceSoapBindingQSService_Impl(url);
  MyPortType port = service.getCreditLoanApprovalServiceSoapBindingQSPort();
  LoanStruct in = new LoanStruct(); //populated the data structure
  String loanResult = port.processLoanApp(in); // Stuck here without any error
  System.out.println("LoanResult--> " + loanResult);
  Thx
  /Ashwani

  http://localhost:7021/sbresource?PROXY/MySample/MyJMSProxyService is the WSDL URL of the proxy.
  Transport is is picked by the client from wsdl.
  As far as the documentation of client generation is there, there is no change.
  But meanwhile I have started working on sending the message directly to queue. JMSProxy is getting called. May be I will first run the proxy this way and then try troubleshooting the java client.
  Regards
  Ashwani

• OSB call to remote Web Service via https proxy and https CONNECT problem

  Hi
  I have a service that calls a web service on another server as a web service. This call is via https and the certificate validation raises no errors.
  I now want this call to go via a squid httpd proxy on port 3128 on some machine. So I would like to use HTTP CONNECT (RFC 2817) proxying,. But when I set up this as a proxy, I am getting "Certificate chain" error messages. The certifcate chains is no different now from when I called without the http proxy, so what am I doing wrong? Does OSB support HTTP CONNECT?
  -Johan

  The exeption we are getting is BEA-380000
  General runtime error: [Security:090477]Certificate chain received from XXX - 123.123.123.123 --> test.salesforce.com was not trusted causing SSL handshake failure.
  This is of course not relevant if the callout were using CONNECT. In the CONNECT scenario, OSB would not care about XXX's certificate.

• HTTP GET/POST: J2EE Design Strategy w.r.t servlet implementation

  I am in process of designing a J2EE application with browser interface. I have thought of having "Front Controller" Servlet for all HTTP-GET requests and "Action Controller" servlet for all HTTP-POST requests.
  I have worked this distinction on the basis that GET request maps directly to page being requested and POST request corresponds to action being performed on some page. Here in fact the design is driven by appropriate selection between GET or POST. So all possible requests on the site should get properly mapped to action or page.
  Decision of two servlets is merely to divide the load on single servlet. There being well defined logical (page and action) and implementation (GET/POST) boundary, the division seems workable.
  Before actually finalizing this decision I need to know any inputs (pros and cons) of this approach.
  Further If I start mapping to actual scenerios,
  Request for home page,
  Request from HREFs,
  Request where new transaction is started
  will always be GET Requests.
  However what about request method (POST or GET) for update employee profile page when emp. id is available already available on first page ??
  And further
  Is this GET/POST divison always possible ??
  Any constraints that any one can see in this mapping ??
  Any comments on the update employee profile scenerio - GET/POST - page/action ??
  PS: Pl. discard error scenerios for the moment.

  how would you direct the GET requests to one servlet and the POST requests to the other?
  Wouldn't they need to pass thru' yet another servlet to decide which is which (GET or POST), and redirect them accordingly?
  I would have both GET and POST handled by the same single-point-of-entry servlet. For example, not all data is sent to the server via a POST - you can send form data via a GET, using name/value pairs in the url.

• Best way for HTTP load balancing in OSB

  Hi everybody,
  We have setup an OSB cluster and we need to load balance HTTP requests across managed servers. Looking for info about load balancing in OSB I found that there are mainly two options: using a hardware load balancer or a software solution like Weblogic HttpClusterServlet. At the moment we have no hardware balancer available so we will have to take the software option. I found some articles about configuring HttpClusterServlet like http://redstack.wordpress.com/2010/12/20/using-weblogic-as-a-load-balancer.
  But I have a question about this configuration. If we use a managed server as an HTTP proxy that balances requests between OSB managed servers, what would happen if this server goes down? I think one of the main goals of a clustered deployment is avoiding a single point of failure but with that setup all requests would depend on the availability of the proxy managed server.
  Could you recommend us a setup for implementing load balancing in OSB?
  Thank you in advance,
  Daniel.

  Load balancing in a cluster for http requests can be achieved using atleast 4 different ways:
  (1)- use a hardware load balancer like F5 BigIP LTM
  (2)- use a web server with weblogic plugin to frontend the cluster
  (3)- use weblogic with HTTPClusterServlet
  (4)- use DNS round robin - this works if you have managed servers running on 2 machines (say mach1, mach2) but on the same port. HTTP clients use hostname 'mach' to access the URL's and the dns does a round robin name resolution of mach to mach 1 and mach2 IP addresses..
  All the options except (1) achieve only load balancing and not auto failover on all instances.. Hardware load balancers has the extra feature of probing [ sending periodic pings to the targets] , by which it can detect whether the target resource is alive and if not send the traffic to other nodes which are alive.. this is why hardware load balancers are worth their investment..
  other options may work if client is coded to do retrying on failure.. so on 2nd or subsequent attempt, the routing is done to the machine which is alive..
  For options (1),(2) and (3), you also need some redundancy of load balancing device ( web server, weblogic or hardware load balancer) to prevent single point of failure.. Hardware load balancers are usually deployed in redundant pairs to achieve this..
  Edited by: atheek1 on 22/11/2011 15:31