OWSM Questions

Hello everyone,
My organization is looking into deploying OWSM for our web services, and I have a few questions about its capabilities and compatibility:
- With what versions of the Oracle Application Server is the OWSM server-side agent compatible?
- Is the server-side agent compatible with IIS?
- The documents I've viewed discuss OWSM's ability to capture statistics to a database for auditing and analysis, etc. A colleague of mine has suggested that it is also able to capture access log information in the same manner. Is this true?
- If yes to the previous question, does the management interface have a built-in display of this information, or would we have to design our own interface and queries?
Our main goal with OWSM is to capture http access logs into a database for easier analysis.
Thanks in advance to anyone that has any information.

You can look into OWSM Certification matrix at Oracle site for supported environment for the version you are looking for. Better starting point would be for you to ask Oracle sales to give you a demo so that you can find out what that product does.
There used to be server side agent for .NET application but was not htere in 10.x release but will be coming again in 11g ( again no guarantees... this is inof i got at Openworld...check with your sales rep for details)
Yes OWSM collects statistics on certain performance and security matrix. Also it can store the message log details within OWSM database. information such as what Web Service input message you received, what transformations were applied and the result. (You have to configure log steps).
If you are just lookikng to capture the http access log, message log, OWSM may not be right product. Its main purpose is for Security (WS-Security).
Thanks
Ram

Similar Messages

Two OWSM questions...

Hi -
We have a 10.1.3.3.1 MLR 15 HA (minus RAC) installation of SOA. We have two general, operational questions about the way OWSM works:
1. Why does OWSM cache all WSDL and XSD imports?
2. We can access a complete list of all services with actual service names via the gateway - we can access the schemas,
by name, directly. Can this be prevented?
An example of this can be seen via the general URL:
http://_hostname_/gateway/inquiry?inspection.wsil
This URL, as documented (Oracle® Web Services Manager Administrator's Guide), will
provide a list of services registered with the OWSM gateway. Can this be
removed via configuration? What is the actual purpose of this "feature"?
We have a 10.1.3.3.1 MLR 15 HA (minus RAC) installation of SOA.
Thanks for any insight into either/both of these questions.

There is a silencer switch above the volume control. If the red dot on it is showing the phone is in silent mode.

SOS~!!!About OWSM Gateway Question

Hi,
I've used the OWSM (SOA SUITE 10.1.3.1-linux)to do the following:
1) Created a Gateway Component
2)set policy
3)Registered a Service
4)Commited the policy
Service URL: http://b.cn.oracle.com:3115/gateway/services/SID0003004
Service WSDL URL: http://b.cn.oracle.com:3115/gateway/services/SID0003004?wsdl
I can access my original service,however failed by it.
the error info is "Oracle Web Services Manager Gateway C0003001: No policies found for service "SID0003004". Make sure the service is registered correctly and the gateway policies are up to date."

Hi,
Take a look at Re: OWSM gateway issue It might help.
Regards,
Mathias

OWSM: SAML message protection policy question

My web services are protected with SAML message protection policy. according to document:
http://download.oracle.com/docs/cd/E15523_01/web.1111/b32511/setup_config.htm#BABJAIHD
On the web service side, "+Needs the intermediary and root certificate corresponding to the client's public key in the keystore.These certificates will be used to verify the signature by generating a trusted certificate chain+."
Also says "+Generally, the recipient does not need to have the sender's public key in its keystore to validate the certificate. It is sufficient to have the root certificate in the keystore to verify the certificate chain+."
Since weblogic default trust store have more than 60 well known CA's trust intermediary and root certificate by default, does this mean that if web service client own a key signed by one of these well know CA, he will be able to access my web service through SAML policy?
What if I would like to limit my web service only to specified client instead of public access, should I remove those well known intermediary and root certificate from weblogic trust store?
Thanks

Hi RaJdeep,
Thank you for your inputs.But I couldnot get what I have to do here.
Could you please pass on your contact details so that I can contact you.
Thank you in advance.
Regards
Narendra

Error while calling Encryption Policy in OWSM

Hi,
I have a simple BPEL process and which is registered in OWSM with Encryption/decryption policies using jks
I get below error in gatway logs.Please let me know any thoughts
2009-06-22 04:57:32,503 FINE [AJPRequestHandler-HTTPThreadGroup-8] CSWComponent - Executing policy step. Policy='SID0003053', Step Name='XML Encrypt', Step Class='com.cfluent.policysteps.security.wssecurity.EncryptStep'
2009-06-22 04:57:32,503 FINER [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - Step XML Encrypt called
2009-06-22 04:57:32,507 FINEST [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.EncryptStep - Encrypting Soap XPATH
2009-06-22 04:57:32,515 FINEST [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - XPath= /descendant-or-self::node()/child::*[(attribute::encrypted = "true")]
2009-06-22 04:57:32,516 WARNING [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - Failure while applying XML Security
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1768)
at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.setLocationsForXPath(SecurityBaseStep.java:518)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.setEncryptLocationsForXPath(EncryptStep.java:225)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.getEncryptLocations(EncryptStep.java:202)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.performXmlSecurity(EncryptStep.java:177)
at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.execute(SecurityBaseStep.java:256)
at com.cfluent.pipelineengine.container.DefaultPipeline.executeStep(DefaultPipeline.java:124)
at com.cfluent.pipelineengine.container.DefaultPipeline.execute(DefaultPipeline.java:97)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.execute(DefaultPolicy.java:63)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.access$300(DefaultPolicy.java:18)
at com.cfluent.pipelineengine.container.DefaultPolicy.execute(DefaultPolicy.java:126)
at com.cfluent.pipelineengine.container.PipelineContainer.execute(PipelineContainer.java:114)
at com.cfluent.agent.Agent.intercept(Agent.java:123)
at com.cfluent.agent.AgentRuntime.intercept(AgentRuntime.java:252)
at com.cfluent.pipelineengine.util.PolicyInvoker.execute(PolicyInvoker.java:30)
at com.cfluent.pipelineengine.util.InvokerChain.execute(InvokerChain.java:30)
at com.cfluent.gateway.Invoker.execute(Invoker.java:148)
at com.cfluent.gateway.listener.ProtocolListener$ListenerTask.run(ProtocolListener.java:272)
at com.cfluent.gateway.listener.ProtocolListener.invoke(ProtocolListener.java:110)
at com.cfluent.gateway.listener.GatewayRuntime.invoke(GatewayRuntime.java:32)
at com.cfluent.gateway.listener.http.HttpListener.invoke(HttpListener.java:30)
at com.cfluent.gateway.listener.http.ServicesServlet.handlePost(ServicesServlet.java:57)
at com.cfluent.common.servlet.BaseServlet.doPost(BaseServlet.java:264)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:713)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
2009-06-22 04:57:32,519 FINE [AJPRequestHandler-HTTPThreadGroup-8] CSWComponent - Step execution failed: Fault Code=[http://schemas.oblix.com/ws/2003/08/Faults/GenericFault] Fault String=[WS-Security process failure:String index out of range: -1] Policy=[SID0003053] Pipeline=[Request] Step Name=[XML Encrypt] Step Class=[com.cfluent.policysteps.security.wssecurity.EncryptStep]
Thanks
Vinay

you missed one question of mine <b>Do you create the PDF after creating the GUID ?</b>
try giving a fixed URL just to test.
Aman

Unable to acess BPEL WSDL from OWSM Gateway

Hello all,
I'm trying to register a BPEL Process as a service on a OWSM gateway.
The BPEL WSLD is as follows:
<definitions name="WR01" targetNamespace="http://xmlns.oracle.com/WR01">
−
     <types>
−
     <schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/WR01">
−
     <element name="WR01ProcessRequest">
−
     <complexType>
−
     <sequence>
<element name="input" type="string"/>
</sequence>
</complexType>
</element>
−
     <element name="WR01ProcessResponse">
−
     <complexType>
−
     <sequence>
<element name="result" type="string"/>
</sequence>
</complexType>
</element>
</schema>
−
     <xsd:schema>
<xsd:import namespace="http://xmlns.oracle.com/pcbpel/adapter/db/top/WR01" schemaLocation="WR01.xsd"/>
</xsd:schema>
</types>
−
     <message name="WR01RequestMessage">
<part name="payload" element="ns1:Input"/>
</message>
−
     <message name="WR01ResponseMessage">
<part name="payload" element="ns1:Input"/>
</message>
−
     <portType name="WR01">
−
     <operation name="process">
<input message="tns:WR01RequestMessage"/>
<output message="tns:WR01ResponseMessage"/>
</operation>
</portType>
−
     <binding name="WR01Binding" type="tns:WR01">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
−
     <operation name="process">
<soap:operation style="document" soapAction="process"/>
−
     <input>
<soap:body use="literal"/>
</input>
−
     <output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
−
     <service name="WR01">
−
     <port name="WR01Port" binding="tns:WR01Binding">
<soap:address location="http://dcmsinusapp02.dc.local:7780/orabpel/default/WR01/1.0"/>
</port>
</service>
−
     <plnk:partnerLinkType name="WR01">
−
     <plnk:role name="WR01Provider">
<plnk:portType name="tns:WR01"/>
</plnk:role>
</plnk:partnerLinkType>
</definitions>
The WSDL generated from the service registation on the gateway is as follows:
<definitions name="WR01" targetNamespace="http://xmlns.oracle.com/WR01">
−
     <types>
−
     <schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://xmlns.oracle.com/WR01">
−
     <element name="WR01ProcessRequest">
−
     <complexType>
−
     <sequence>
<element name="input" type="string"/>
</sequence>
</complexType>
</element>
−
     <element name="WR01ProcessResponse">
−
     <complexType>
−
     <sequence>
<element name="result" type="string"/>
</sequence>
</complexType>
</element>
</schema>
−
     <xsd:schema>
<xsd:import namespace="http://xmlns.oracle.com/pcbpel/adapter/db/top/WR01" schemaLocation="WR01.xsd"/>
</xsd:schema>
</types>
−
     <message name="WR01RequestMessage">
<part name="payload" element="ns1:Input"/>
</message>
−
     <message name="WR01ResponseMessage">
<part name="payload" element="ns1:Input"/>
</message>
−
     <portType name="WR01">
−
     <operation name="process">
<input message="tns:WR01RequestMessage"/>
<output message="tns:WR01ResponseMessage"/>
</operation>
</portType>
−
     <binding name="WR01Binding" type="tns:WR01">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
−
     <operation name="process">
<soap:operation style="document" soapAction="process"/>
−
     <input>
<soap:body use="literal"/>
</input>
−
     <output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
−
     <service name="WR01">
−
     <port name="WR01Port" binding="tns:WR01Binding">
<soap:address location="http://dcmsinusapp02.dc.local:7780/gateway/services/SID0003002"/>
</port>
</service>
−
     <plnk:partnerLinkType name="WR01">
−
     <plnk:role name="WR01Provider">
<plnk:portType name="tns:WR01"/>
</plnk:role>
</plnk:partnerLinkType>
</definitions>
When i test the acess using OWSM console or try and consume it on JDeveloper I get the following error:
java.io.IOException: The document 'http://dcmsinusapp02.dc.local:7780/gateway/services/WR01.xsd' contains HTML tags.
Reason is:
404 Not Found
OracleJSP: java.io.FileNotFoundException:
Set the init-param debug_mode to "true" to see the complete exception message
This file not found exception is related to /gateway/services/WR01.xsd of course.
I've mostly followed the OWSM documentation in order to register the service.
Am I doing anything wrong referencing xsd's or something similar?
Thanks in advance

Answer to my own question:
BPEL processes exposed via OWSM can't be used from JDEV ws proxy generator
But the real question is: how do I prevent relative paths to xsd's on bpel wsdl?
Any pointers?
Thanks

Restricting IP's with OWSM?

Hi guys.
Just started looking at OWSM, cause we're deploying web services by the dozen and I want to get it all into a centrally managed environment before its too late :)
Question: Is it possible with OWSM to restrict the ip's that are allowed to call a WS. In other words to make sure that WS1 can only be called from 127.1.2.3 and not from 128.3.4.5? Never mind any other security layers built into the WS call, just pure IP restrictions. I suspect it is possible to do that on the application server where the WS is really deployed, but if I put a gateway in via OWSM, then all the IP's at the application server level will be the ip of the OSWM where the gateway is running, thus defeating the purpose. Or am I completely off track? (Not an impossible scenario :) )
Eagerly awaiting your replies/comments/wild speculations.
Elmar

Hi,
OWSM can run in two different modes, as a gateway or with agents. When acting as a gateway the original webservices will be proxied via the OWSM gateway. So yes all services will be accessed via the same ip. The original ws however is still accessible if somebody knows its ip address and endpoint. In OWSM you can not restrict the ip addresses that can access the gateway, if you want that you need to do it at a network level. If using only webservices on oracle application servers (and others that have a owsm agent available, ... eg .Net does not have an agent) you can install the agent for your services which will make the webservice itself forward the requests to OWSM. Still this does not allow you to only access the services from certain ip addresses. So the conclusion is, if you need to allow only certain ip addresses to access your webservices it is best to do it at a network level.
Andre

OSB and SOA Server (Mediator) Design question

As OSB is the strategic ESB and is used for external services does it make sense that all communication must go out via the OSB.
For example if I have a request that comes in gets routed through the OSB and then calls a backend composite which contains a BPEL that sits on the Oracle SOA server that calls multiple external services (CRM, SAP etc..) Would all the calls out from the BPEL then go back to the OSB and out to the external services (via proxy/business services.) This seems to add a lot of network hops to the whole architecture.
I can't really seem to find a diagram to explain this but an external service consumer could call the Oracle SOA stack that will come in via the OSB (for security gateway as OWSM 11g doesn't support gateway yet.) Then get transformed into the CDM and then passed on to the Oracle SOA server that has a composite service with BPEL that orchestrates multiple calls to internal and external services. The external ones requiring a transformation back into the service providers format.
How does this flow work?

If you are talking to external B2B systems you should use the Oracle B2B Server, have a look at this link,
http://download.oracle.com/docs/cd/E14571_01/integration.1111/e10229/b2b_intro.htm#CEGGAGJA
Section 1.6 in there gives a good example of doing just that. The OSB mediator is responsible for talking between CDM's in this case so it does some internal work, within one CDM set of services and then when ready the mediator translates from CDM to the format needed for the B2B. The B2B Server then does all the clever stuff needed to talk to the B2B partner.
In the internal case where the call is within the Enterprise the Oracle documentation states that there may be cases when doing this translation from CDM to legacy format may take place within the SOA server but recommends that it is normally done using the mediator in the same way as with partner calls. The 11g developer documentation states "The stated direction by Oracle is for the Oracle Service Bus to be the preferred ESB for interactions outside the SOA Suite. Interactions within the SOA Suite may sometimes be better dealt with by the Oracle Mediator component in the SOA Suite, but we believe that for most cases, the Oracle Service Bus will provide a better solution and so that is what we have focused on within this book."
Just what those exceptions are is an interesting question. If you have a CDM and all of your legacy world has translators you will spend all of your time hoping up to the mediator and back down maybe that is the exception. If everything is using the mediator then the SOA orchestration power is lost. If on the other hand most of your system lives within a canonical schema and there is one exception perhaps you make it pay the price for non-conformance.

OWSM security for a OSB service- authenticate from weblogic security realms

Hello,
I have a requirement to add security to a OSB service.
The user details are configured in weblogic security realms. lets say there are ten different users.
I need to protect my osb service using OWSM policy & the policy should be configured to authenticate the user from realms.
I am new to OWSM & wondering if this is possible?
Can the experts please direct me to any docs or steps?
Thanks
Ganesh

Hi,
Thanks for the links.
I followed the blog and configured it using oracle/wss_username_token_service_policy.
Now my requirement is to send the username,password from proxy to business and to the BPEL. (the bpel needs this username /password & and in header)
The issue I am facing is the proxy service is not sending the soap header details to business service.
I dont want to make the proxy as passthrough. (ie set Process WS-Security Header to NO)
I have to authorize on proxy level and then send the same credential details to business service?
So the question is, how can I retrieve the header after osb process it?
Can anyone please help me here?
Thanks
Ganesh

OWSM Gateway intercept by URL

Hi everybody. As I'm diving deeper into OWSM (10.1.3) the question is raised: is it possible to install OWSM Gateway and configure it in the way that this gateway will listen not only on gateway URL (generated from Register Service) but also on original service endpoint without having changed all my client code to point to gateway URL instead of original service endpoint. If this is not possible then how to prevend client apps from calling service endpoint directly?
Edited by: Baan, Jos on 23-feb-2010 15:56

Can anyone post any help from Oracle?

[OSB and OWSM] - External Web service stacks and frameworks

Hi everyone ! I'm starting to read about OSB and OWSM and I'm having some doubts. I've some developments of Web services with external Stacks like CXF, JBossWS, Metro and I'd like to ask some questions:
1- Will I be able to productively leverage all features of OSB and OWSM like creating a proxy service to add WS-* standards policies and features (WS-Security, for instance) even with these web services implemented in different stacks other than Weblogic's ?
2- If it is possible, do these web services need to be deployed at the Weblogic server to enable the OWSM and OSB to work effectively ?
3- Even if it is possible to use the OSB and OWSM nicely with webservices developed at external stacks and deployed at other application servers is there any reason to quit using these external web service stacks in favor of Weblogic's (like features only enabled on OSB/OWSM when the services use the Weblogic stack) ?
I suppose that if I ignore the JAX-WS stack from Weblogic and use an external framework (like CXF) I'll lose most of the application server administration capabilities since the Weblogic server won't be able to recognize the CXF stack as it does with its own.But, the main doubt I'm in is, since OSB and OWSM might be used with external providers I probably won't need to develop my web services using the Weblogic implementation (which my team does not yet know) since there will be no features of the OSB and OWSM which can only be used with the Weblogic's stack. I would like, please, to know your oppinions about these considerations. Sorry about the long post and possible errors (I just started learning).
Thank you!

Hi Lupan,
I can speak mostly to OWSM as my experience with OSB is small thus far.
+1- Will I be able to productively leverage all features of OSB and OWSM like creating a proxy service to add WS-* standards policies and features (WS-Security, for instance) even with these web services implemented in different stacks other than Weblogic's ?+
OWSM (10gR3) has two types of policy enforcement point (PEP) -- Gateway and Agent. The Gateway acts as a remote proxy and is neutral to the service implementation technology as long as it adheres to SOAP 1.1. In this regard you can use OWSM freely with CXF, MS implementations, etc. Agents run in-process with the service and thus have far greater restrictions on what service implementation frameworks and containers that are supported. There is some certification for AXIS 1.x running in OAS and Tomcat; but practically speaking, my recommendation for Agents is to only use within OAS 10gR3 where it is built in (and using OC4J Web Services through JAX-RPC).
OWSM 11gR1 initially supports only agent-style (in process) PEP and is built-in to Fusion Middleware and WLS. It is only for Fusion and WLS Web Service implementations.
OWSM is quite full-featured for WS-*.
+2- If it is possible, do these web services need to be deployed at the Weblogic server to enable the OWSM and OSB to work effectively ?+
"No" if using OWSM Gateway PEP. A qualified "Yes" if using OWSM Agent PEP.
+3- Even if it is possible to use the OSB and OWSM nicely with webservices developed at external stacks and deployed at other application servers is there any reason to quit using these external web service stacks in favor of Weblogic's (like features only enabled on OSB/OWSM when the services use the Weblogic stack) ?+
There is the manageability that you mention, but also there is the identity propagation scenario and tight security integration. Both OAS and WLS hosted services in the native stacks (JAX-RPC and JAX-WS) allow sophisticated and secure passing of identity in the request -- for instance, via SAML Assertions in the WS-Sec header -- and built-in capabilities to map the passed identity into the running service's Subject (i.e. enabling JAAS security etc.).
In my experience this type of identity propagation functionality has either been absent or less complete in other typical implementation frameworks not closely aligned with the container security mechanisms.
Hope this helps,
Todd

OSB: MTOM and OWSM policies together

Hi,
I've set up a proxy chain, that invokes business service, that invokes soapUI mock.
The mock return a file. All services are set up with MTOM pass by reference.
It works like a charm. I receive my file as ctx:binary-content element.
I have to add an OWSM policy to a business service. I've picked the simplest one, oracle/log_policy.
Now the problem occurs. The business service returns:
[OSB Security:387009]Failed to convert message context to SOAPMessage
com.bea.wli.sb.context.BindingLayerException: Decoding of MIME attachments from MIME Content-Transfer-Encoding='7bit' not supportedDo you have any idea what's going on?
Additonal question: is there a living soul which has been able to set up OWSM policies ant MTOM together?
Edited by: Veronica on 2013-04-12 07:44

I got this to work by switching "WSDL definition" from binding to port. Why would that help?

Possible to include OWSM installation into the AIA 2.x Accelerator Scripts?

Hi,
this is Davide, I have a quick question about the "AIA 2.x Install Accelerator Scripts"
is there any simple way, in your opinion, to include the OSWM installation with the SOA Suite 10.1.3.4 using the "AIA 2.x Install Accelerator Scripts" ?
I'm pretty confident with those scripts, I have used them so many times with no issue at all. Those scripts install a good AIA 2.5 environment with a SOA Suite without the OWSM.
Now I would like to install a new environment using the same Accelerator Scripts but I would like to include the OWSM as well into the implemented SOA Suite.
I was thinking to execute the scripts from 02 to 08, then to install the OWSM with the SOA Suite graphical installation wizard and then to proceed with the script 09 to the end.
Is it possible to use this method or will I miss anything in your opinion? Are there any specific scripts I should customize to do so ?
Should I desist to go ahead because not possible?
Thanks a lot in advance.
Regards.
Davide

Here are is an excerpt from a sample 01_int_env_master.sh file:
export SOFTWARE_DIRECTORY=/u01/downloades
export SOFTWARE_DIRECTORY_J2EE=${SOFTWARE_DIRECTORY}/suite-install
export SOFTWARE_DIRECTORY_BPEL=${SOFTWARE_DIRECTORY}/bpel-install
export SOFTWARE_DIRECTORY_ESB=${SOFTWARE_DIRECTORY}/esb-install
This would mean that script 03 would run /u01/downloades/suite-install/runInstaller. Another example would be script 06 running /u01/downloades/bpel-install/bpel_oc4j/runInstaller, etc.
In order that the scripts can find these installers, you would extract the downloaded installer packes into SOFTWARE_DIRECTORY_J2EE (B34625-01 from edelivery.oracle.com), SOFTWARE_DIRECTORY_BPEL (B34437-01), and so forth.
Gerhard

Oracle Worklist API -- OWSM

Hi,
I am invoking SOA suite 11G (11.1.1.5) human task application (sits in one wls server domain) from a web application (sits in another wls domain) using oracle worklist api and showing the task details in my web app. I would like to do the user credentials validation at SOA application side by adding owsm username token policy to my composite application.
So there are 2 questions:
1.How do I pass (or construct) the username token details in worklist client class which resided in my web application?
2. Will OWSM can check these user credentials against our own database table or always against the weblogic identity store?
Please provide some inputs.
Thanks,
Cdhar

Hi,
i'm also trying to access the worklist from a java program, authentication using jazn xml works fine.
IWorkflowServiceClient wfSvcClient =               WorkflowServiceClientFactory.getWorkflowServiceClient(WorkflowServiceClientFactory.REMOTE_CLIENT);
ITaskQueryService querySvc = wfSvcClient.getTaskQueryService();
IWorkflowContext ctx = querySvc.authenticate("jcooper",     "welcome1",
                         null, null);
List queryColumns = new ArrayList();
               queryColumns.add("TASKID");
               queryColumns.add("TASKNUMBER");
               queryColumns.add("TITLE");
               List tasks = querySvc.queryTasks(ctx,queryColumns,
                         null, ITaskQueryService.ASSIGNMENT_FILTER_MY,
                         null, null, null, 0, 0);
However querySvc.queryTasks always returns empty.
I've tried to check the worklistapp, and the tasks are there.
could somebody tell me what are the mistakes?
Thanks in advance,
santoso

OWSM: it's possible manipulate a xml string date with a policies ?

Hello,
It's the first time that i use the OWSM. The objecties of my project is reuse a old webservice deploy in the old application. The authentication of websercice is inside the structure string xml type. For example any service are the follow soap structure:
<n:getInformation>
<data xsi:type="xs:string">..................</data>
</n:getInformation>
The type string the data is based on the xsd schema rules where among other there is the authentication info (user and pwd)
<authentication>
<user>hello<user>
<password>xxx<password>
<inputdata>
<inputdata>
My question is : It's possible create an agent or gateway policy without affect the webservice ? I wish manipulate a xml string type and add with a policy a xml data authentication information......
Thanks in advance.

Yeah you can certainly do that, but I can tell you that OWSM is not right place to do this.
- You can create custom step and get hold on the entire payload and change
- You can create XSLT to do the transformation from old to new.
HTH,
Chintan

OWSM Questions

Similar Messages

Maybe you are looking for