Sample with Securing Identity Web Services using jee sdk update 3 fails!!

Similar Messages

• Unable to call WSS (WS-Security) enabled Web Service using UTL_DBWS

  We are attempting to call a WSS (WS-Security) enabled Web Service from PL/SQL using the UTL_DBWS package (see [http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/u_dbws.htm#CHDIDGJH] ). We are doing this in similar fashion to [http://www.oracle-base.com/articles/10g/utl_dbws10g.php] with calls to utl_dbws.create_service, utl_dbws.create_call and utl_dbws.invoke.
  Using this method we can successfully call an unsecured Web Service, but calls to WSS-enabled Web Services fail. We are currently using Oracle Database 10.2.0.3.
  The failure we are getting is:
  ORA-29532: Java call terminated by uncaught Java exception: javax.xml.rpc.soap.SOAPFaultException:
  com.sun.xml.wss.XWSSecurityException: Message does not conform to configured
  policy ( AuthenticationTokenPolicy(S) ): No Security Header found;nested
  exception is com.sun.xml.wss.XWSSecurityException:
  com.sun.xml.wss.XWSSecurityException: Message does not conform to configured
  policy ( AuthenticationTokenPlicy(S) ): No Security Header found
  Apparently UTL_DBWS does not support calling WSS enabled services, although this doesn't appear to be an officially recognised position. Does anyone know if Oracle are planning to support this soon (if ever)? Looking at Re: Calling WS from PL/SQL using WS-security suggests that support has been considered before, but not yet realised.
  Thanks,
  Tom

  Having raised a Service Request with Oracle support on this, I got the following response from Oracle Development (On unpublished bug [8542959|https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=BUG&p_id=8542959]):
  Development has confirmed that WS-Security is not supported through UTL_DBWS. They have also acknowledged that this is not documented and they will change the official Oracle documentation will reflect this fact. From what is being stated, it would appear that there is no plan to support the use of WS-Security through UTL_DBWS in any release in the near future.
  So, in short, without developing your own home-grown SOAP request, there is no way to call a WSS enabled web service from within PL/SQL.
  -Tom

• How to call a secure external Web Service using Oracle BPEL and OWSM

  Hi,
  i have to invoke an external secure Web Service using SOA Suite 10.1.3.1, but i don´t know how to do this. Do i use OWSM gateway or Agent? how to configure the gateway or agent to pass the required security to the external secure web service.
  thanks in advance
  Dong

  Are you getting any errors? What type of XAI Class are you using?
  One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
  Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
  Hope this helps.
  Regards,
  Philip

• Issue with Calling Rest Web Service using Designer workflow

  Hello all
  I am calling a Rest web service- HTTP Post (yammer API)-
  http://www.yammer.com/api/v1/messages.json?data-app-id=myappid&group_id=groupid&body=MyPost in yammer  using sharepoint 2013 designer workflow.(My Requirement is to create a yammer post when I approve an item in sharepoint).
  but my header parameters are creating issue while executing workflow.
  Currently I have these many parameters configured in request header
  Accept -application/json; odata=verbose
  Content Type -application/json; odata=verbose
  content length header -255
  Is there anything wrong or I need to additionally pass some values in call web service action?
  Any help would be highly appreciated

  Hi Mahesh,
  One you are missing is authentication token or credentials.
  Please refer to the following articles.
  http://www.cleverworkarounds.com/2014/02/05/tips-for-using-spd-workflows-to-talk-to-3rd-party-web-services/
  A Series of articles related to Web Service in SPD Workflow
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 1
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 2
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 3
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 4
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 5
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 6
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 7
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 8
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 9
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 10
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 11
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 12
  Please don't forget to mark it answered, if your problem resolved or helpful

• Exception while accessing web service secure through web services Manager

  Hi All,
  I deployed sime Hello World web service on JWSDP1.6 and secure it through web service manager(gateway) using Certificate based security.But when I try to access this web service using JWSDP client,I got the following Error while monitoring the soap messages through TCP-Monitor:
  /////////////////////////////////Request///////////////////////////////////////////////////////////////
  POST /gateway/services/SID0003009 HTTP/1.1
  Content-Type: text/xml; charset=utf-8
  Accept: text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
  Content-Length: 5631
  SOAPAction: ""
  User-Agent: Java/1.5.0_05
  Host: ivy.cs.ucl.ac.uk:8082
  Connection: keep-alive
  <?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://hello.org/wsdl" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><env:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <wsse:SecurityTokenReference>
  <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">eN9famBBWzHNUIwWRhMPktcM+VQ=</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference>
  </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>MHjtgA4wOtvI1B+SuRVEmD07yE+jl6axd4XbJ0nvQ3EzSuVVoST9vHzURh+B47yj41187s8T+yjt
  Bmpk9OB278Jghonkacv6r+q+LVlxRrQDudNGir7plzFeM6bUadMxf+FLgn5O0a44vU/tvy6V9+zi
  yqFdhTvS21No/aW62No=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#XWSSGID-1155126003241-1198323932"/></xenc:ReferenceList></xenc:EncryptedKey><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-11551260018331598979688">MIIC3TCCAkagAwIBAgIBATANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzEMMAoGA1UECBMD
  U0NBMQwwCgYDVQQKEwNTVU4xHjAcBgNVBAMTFWNlcnRpZmljYXRlLWF1dGhvcml0eTAeFw0wNjAz
  MTkxMzQ5MDJaFw0xNjAzMTYxMzQ5MDJaMEcxCzAJBgNVBAYTAlVTMQwwCgYDVQQIEwNTQ0ExDDAK
  BgNVBAoTA1NVTjEcMBoGA1UEAxMTeHdzLXNlY3VyaXR5LWNsaWVudDCBnzANBgkqhkiG9w0BAQEF
  AAOBjQAwgYkCgYEAzNDPKUz1MhUH1LsrLqXKxciOKSWeTrdoe/SVwe/4uy5eobAWSsSTposaOYFy
  uxf3cGCCIs7u0jMAXLQ9jzobDbt9XQ4tXPoBzKKzS+yU6hDk2TcOCkioeT9A9db5LF8yevhwXKB4
  AJ1Eh//Dp/djoonXCCxsxupQZp3ueRJrR98CAwEAAaOB1jCB0zAJBgNVHRMEAjAAMCwGCWCGSAGG
  +EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUECH05VC3/WGW
  H4AGD6tnH0h+kFUweQYDVR0jBHIwcIAUdry1wGRZ2fyJSKisVSxpMEmIiaahTaRLMEkxCzAJBgNV
  BAYTAlVTMQwwCgYDVQQIEwNTQ0ExDDAKBgNVBAoTA1NVTjEeMBwGA1UEAxMVY2VydGlmaWNhdGUt
  YXV0aG9yaXR5ggkA4HaEvd6hq8YwDQYJKoZIhvcNAQEEBQADgYEA0RhOk67pCrO6MgZZGqrmAMW6
  76fZowBxTKlFq88nrf8v1MUxV8H9wgbTDrwR0HtxY3TGpDFw2tNAww2pyDX/pQ2Wt46ichluGxjf
  aEV53loKTOM7syAmlicWqViGzBfgzriIl918TzFaX9BD/Y55bKZQk057maBCSkUuFfF453s=</wsse:BinarySecurityToken><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse enc env ns0 xsd xsi"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#XWSSGID-1155126002593447652186"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UJ1kuwI+WuF/RkrQpZrj1GvraLI=</ds:DigestValue></ds:Reference><ds:Reference URI="#XWSSGID-1155126002602761294100"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>sKG/z5OIGgqJ2nw7JtpXyJzr8pY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SBc65VTG1xpEkRUTz70H0fVGIgoBJ0QnNad0k07RMSfw4vG1WHJdt19R05pO2AvU5aoYuBSaguJe
  ZGEjmWzw8mnSWKBi+zeDMeJiwgqwW6HHHX9P7JDslxuTIqoJIVUbSjUTSVz6ww8siIK65quXdkMT
  ZzLfp7Cd0gBuA3EEZpg=</ds:SignatureValue><ds:KeyInfo><wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-11551260025411896275738">
  <wsse:Reference URI="#XWSSGID-11551260018331598979688" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
  </wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1155126002602761294100"><wsu:Created>2006-08-09T12:20:02Z</wsu:Created><wsu:Expires>2006-08-09T12:20:07Z</wsu:Expires></wsu:Timestamp></wsse:Security></env:Header><env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1155126002593447652186"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1155126003241-1198323932" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><xenc:CipherData><xenc:CipherValue>XNqEzHNp47ILtOagAUNCXYkxOCWv4CjHqmZ7j6VKN/NO96ce4BsNSL6lKzqa9dPxHB1sTVGZQ8KA
  COQ6DGwyWCP8ip+CU2hor3uUAml7nzHTx1LUw3Db+0p31VAT3EqKJA3aFy38GQrBTr9ojMOUA6tm
  Cj71yucN3UCKRUl3RpE8qU68y7AwNxPsyAZeSa2AVm2cmWvSDZlxgMsx+JCEZaf3+D0o1zMp0Fxb
  MSISPt/JrEolt1H5UM1AoFGU4QkckWrQNLPyEF9oxEgZ8oCE5U8v/YJwZIAHFrx67XfaLwQLjzXw
  VPigsH9gLkfbP2BU8Vp31GsPwBZtUeNz9S35+CZPD7EiqoAB1QuAxZkJV7n00VChYH+scT64tNja
  c81bcD8tf4sAr7toCMNDAU6+74+Qy0EyPqgwLtotDxErn4kF8e72cONMMQBQ91tQs+iI+D6C1I6+
  f9UiSfgtm/MTuKQK1CRqarEtI9N6lpqVH8k7ulUwH/jFstihxmhMJ3aZY+qQgSwSs3pwSSim+e18
  eR7dOEq4vG8ivKuGvTDO4sSV2RP/nL/3eXr0y7eM0kMFKwTUA4JqL4Y/l8Bo/rie/ZXkkbF6hwEu
  dX1QmB0gf5k=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></env:Body></env:Envelope>
  ////////////////////////////////Response///////////////////////////////////////////////////////////////
  HTTP/1.1 100 Continue
  Server: Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)
  Date: Wed, 09 Aug 2006 12:28:47 GMT
  HTTP/1.1 500 Internal Server Error
  Date: Wed, 09 Aug 2006 12:28:47 GMT
  Server: Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)
  Connection: Keep-Alive
  Keep-Alive: timeout=15, max=100
  Content-Type: text/xml
  Transfer-Encoding: chunked
  157
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode><faultstring>Step execution failed with an exception</faultstring><detail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
  0
  So basically, what I am doing here as follows:
  HelloClient(using JWSPD1.6)->gateway(web service manager for securing the web service using message level security through certificate )->helloservice(deployed using JWSDP1.6)
  I would appreciate if someone could tell me the cause of this errror.Thanks.
  Kashif

  time to look into the gateway logs as stated by the fault ..
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode><faultstring>Step execution failed with an exception</faultstring><detail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
  looks like the cipher step might have failed

• Access Java SOAP based web service using WS Security

  Hi,
  I need to call a Java based SOAP webservice which has message level security enabled with Binary Token.
  I have connected to the service using SOAPUI and below is the sample header for the same. I need to achieve the same in my Windows form application from where I am calling the SOAP service over https.
  I am not an expert in WS Security. Need some tips or sample code to achieve this.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://www.bombardier.com/aerospace/notification/V1.0"
  xmlns:v11="http://www.bombardier.com/aerospace/effectivity/V1.0">
     <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
           <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
  ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-76146B887E7568491C142289201149318">MIIKZTCCCE2gAwIBAgIKXdo6EQACAAXqazANBgkqhkiG9w0BAQUFADB3MRMwEQYKCZImiZPyLGQBGRYDbmV0MRowGAYKCZImiZPyLGQBGRYKYm9tYmFyZGllcjEUMBIGCgmSJomT8ixkARkWBGFlcm8xFDASBgoJkiaJk/IsZAEZFgRhZXJvMRgwFgYDVQQDEw9BZXJvLUlzc3VpbmctQ0EwHhcNMTUwMTIzMTkzMzIyWhcNMTcwMTIyMTkzMzIyWjCBvzELMAkGA1UEBhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzERMA8GA1UEBxMITW9udHJlYWwxGDAWBgNVBAoTD0JvbWJhcmRpZXIgSW5jLjESMBAGA1UECxMJQWVyb3NwYWNlMScwJQYDVQQDEx5jb2xsYWItZGV2LmFlcm8uYm9tYmFyZGllci5uZXQxNTAzBgkqhkiG9w0BCQEWJm10bF9pdF9vcHNfd2luZG93c0BhZXJvLmJvbWJhcmRpZXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlzvsKg9LVifnEtxq947BXIcMV14ivIOvBgcoTdH6cw44ZUErp8MCSVBZnzJCmaRl4Qb1zUBrIjJk0h5omQPbFTUcpE84oHfvlJzNLknCVirks94RAvqtQFl0RgCl6EKiT3yNNncSI1OjPlL1wmebtghTyyRH3mqixWn2L43AF114nH/uIm5zozxCCIqW4biwx7PaHbuT6Kj3UzmarTXoGCDE8mbwUfCaQowaNWSCphU9BIqXUE2sW0FzNQnyjg0Z64FvSI07fJXCxb9URw61uQ3M5HCj8OqR5yQsiDuAnmw1AIccaoEBZu5yIhcY0xMVoNOKo3901xVEExBjbFJSwIDAQABo4IFqDCCBaQwCwYDVR0PBAQDAgWgMIICCwYDVR0RBIICAjCCAf6CHmNvbGxhYi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIkY3Jhd2wtY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0giJhZG0tY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0gh5teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCImFkbS1teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCJGNyYXdsLW15c2l0ZS1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiYWRtLWVudHNydi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDEuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDIuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDMuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIlc2VhcmNoZmFzdC1kZXYuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIpc2VhcmNoZmFzdC1hZG0tZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXSCI210bHdhc21zcDYwMS5jYS5hZXJvLmJvbWJhcmRpZXIubmV0giFjbWlzc3AtZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXQwHQYDVR0OBBYEFDa9eetNyQfJSvGWMqLM6PUY5Pe/MB8GA1UdIwQYMBaAFPcL/75Iad8EnXpbXm/8o/81NQHJMIIBYgYDVR0fBIIBWTCCAVUwggFRoIIBTaCCAUmGgc1sZGFwOi8vL0NOPUFlcm8tSXNzdWluZy1DQSxDTj1NVExXSVBLSTAwMixDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZXJvLERDPWFlcm8sREM9Ym9tYmFyZGllcixEQz1uZXQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50hkNodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EuY3JshjJodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBLmNybDCCAW0GCCsGAQUFBwEBBIIBXzCCAVswgcEGCCsGAQUFBzAChoG0bGRhcDovLy9DTj1BZXJvLUlzc3VpbmctQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9YWVybyxEQz1hZXJvLERDPWJvbWJhcmRpZXIsREM9bmV0P2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MFIGCCsGAQUFBzAChkZodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EoMikuY3J0MEEGCCsGAQUFBzAChjVodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBKDIpLmNydDA9BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiFoPNlhYL3Xob1lTKCsPMIguTeGxOD/oINhsufMAIBZAIBDTATBgNVHSUEDDAKBggrBgEFBQcDATAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4ICAQCtFw4FKpzNr8gpnpHHJvgjUfe7FbXvzuf8qENJQA+5KJjD6rqeSGpDJcvSwiFblZobFswFb7OABrxfpvDnmDbBfvozHPhAWBnmISz0t2ydb7R/SY1cl8NihamCPrtVN/azVDVqvj1kHkrVRM18BGSFowqGixMFQr4rDgB75214FN69a85AnxV5O5ip+U9g/JdW2qRSGcfUd1np2QActllDimc+33rp/nXIaoXjRlXhkm+WxCt3Ca5OgwnVm3a4Ceiljj+1i5+8XV2zngv6eq4HlrBg0sFPaHWdjrIGcNyaWW0h0dPQUuv4Gm3zKDkQ3AQSC3cV5qCqmh6fCaCsI3us2kSJjHMZa+OSDLI7K01pDP85TieHeoONBo8mRKsOQ0e1FGXH2BkbXSN1DgfJ1IzddaBbSsnjR5gNrRMmZJnCXnluT8Gmwyv9EKjMit6yt0sWwrADd5ZIjYUnxnrkgfXpPY2kqK2gOl12IHjFK6d5vUsGTlIv9H3OmtCWVBHpR125C0CZvU987z3u9Gv4Jiuv/LpDuv1bNuqNHsQfSqSYsjEreGIP+DapzhMOefiv+kN4nLj3Owk4VdQm9+dxekwaS7HFwAQGOVik877mXxmjRhwxtZPW0ZrWs3fZ2z90Ppki4cGN/rtaLGz+WwicrPt1B34296kQkkIolWtiGjkpnQ==</wsse:BinarySecurityToken>
           <ds:Signature Id="SIG-76146B887E7568491C142289201149421" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
              <ds:SignedInfo>
                 <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                    <ec:InclusiveNamespaces PrefixList="soapenv v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                 </ds:CanonicalizationMethod>
                 <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                 <ds:Reference URI="#id-76146B887E7568491C14228915193694">
                    <ds:Transforms>
                       <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                          <ec:InclusiveNamespaces PrefixList="v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                       </ds:Transform>
                    </ds:Transforms>
                    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
                    <ds:DigestValue>3OlmMDNX7kDCNz4cRIZD+O/2xdA=</ds:DigestValue>
                 </ds:Reference>
              </ds:SignedInfo>
              <ds:SignatureValue>mfeQ+wTS5eMpaU7tmrAZeG9GBLegQFe35fuHRsDXBJfq1Kcd1jRwgpIR+iSIymXGzF3ToJZzCOnE
  MdW+UWdi8WAQOqw6YopJg82Tb2RJpQJADAzxbbLD2hOn1GLdXuLxtV040UsiumGi9kaKk4BaD2gSdW9Q
  EHwbrbQReo1bN8kNEJhFSWalhquPqD3WVK5+6A==</ds:SignatureValue>
              <ds:KeyInfo Id="KI-76146B887E7568491C142289201149319">
  <wsse:SecurityTokenReference wsu:Id="STR-76146B887E7568491C142289201149320">
                    <wsse:Reference URI="#X509-76146B887E7568491C142289201149318" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
                 </wsse:SecurityTokenReference>
              </ds:KeyInfo>
           </ds:Signature>
        </wsse:Security>
     </soapenv:Header>

  Hi,
  The following articles would be helpful:
  .net call WS-Security enabled web service (created in java)
  http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
  WS-Security Protocol with .NET – A Overview
  http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
  An introduction to Web Service Security using WSE - Part I
  http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
  As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
  Best Regards
  Dennis Guo
  TechNet Community Support

• Use of security in web service

  Hi,
  I have tried to use security from the example jaas-sample of jwsdp 1.5 .
  I just want to secure my web service with a username/password.
  When I called my service from the client...I see the xml flow :
  <?xml version="1.0" encoding="UTF-8"?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
  <env:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
  <wsse:UsernameToken>
  <wsse:Username>Ron</wsse:Username>
  <wsse:Password>****</wsse:Password>
  <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">3k18Sv+DMhcO3aoq6YWLB4xa</wsse:Nonce>
  <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-03-01T15:26:05Z</wsu:Created>
  </wsse:UsernameToken>
  </wsse:Security>
  </env:Header>
  <env:Body>
  <ns0:getInformations/>
  </env:Body>
  </env:Envelope>
  it seems to be correct but I have an exception :
  Thread : main at 01 mars 2005 16:10:06,593 ERROR Error occured during retrieving informations
  java.rmi.ServerException: JAXRPCSERVLET28 : Informations sur le port manquant
       at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:497)
       at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
  It works when I not use the security option (in wscompile) ...
  Have you any idea for a solution?

  Hi,
  I tried the xws-security samples and everything worked fine.
  After editing the "java.security" according to the manual with:
  security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
  After that change and a restart of the application server I get the same error message.
  I copied the jar file "bcprov-jdk14-127.jar" from bouncycastle to the jre/lib/ext folder.
  I will check further.
  br
  Dieter

• Consuming Web Service using WS-Security: USERNAME Token

  Hi ABAP Experts,
  we like to consume a self defined web service between to SAP systems (ECC6 701/006). Without any security settings the connection is successfully.  But we like to setup a message security like USERNAME Token.
  The wss profiles are already created by using TX: WSSPROFILE. Therefore we used the templates "SET_USERNAME" and "CHECK_USERNAME". The service user "DELAY_L<sid>" has been generated as well. The problem is in SOAMANAGER we can't find the related configuration (For Provider and Consumer) to set the parameters "PROFILE In" and "Profile Out" like it was in the obsolete TX "LPCONFIG".
  Can anybody help me to find out how to configure USERNAME Token using SOAMANAGER.
  Thank you very much in advance.
  Kind regards
  Axel

  Hi,
  The following articles would be helpful:
  .net call WS-Security enabled web service (created in java)
  http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
  WS-Security Protocol with .NET – A Overview
  http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
  An introduction to Web Service Security using WSE - Part I
  http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
  As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
  Best Regards
  Dennis Guo
  TechNet Community Support

• How to Create web service using JMS with PUB/SUB pattern.

  Hi All,
  I need to expose web service using JMS with PUB/SUB pattern.
  if you have any source for this.
  I tried to use @WLJmsTransport annotation but unable to get it done.
  I have configured all JMS server, topic, and connection factory.
  Thanks.

  Hi, I am having web sample web service program which is simple one.
  But I need to Modify this to JMS enable.
  Can any one help me?
  Thanks.

• Issue with calling an external web service using web service proxy

  Hi,
  I've created several web services using JDeveloper succesfully in the past, however I'm getting an issue with one that was working ok previously. Have spoken to the developers of the external web service and they say they haven't changed anything. Also if I test the external web service through soapUI for example it seems fine so it would seem that the issue is with the autogenerated code created by JDeveloper.
  Basically I get the following exception as it sends the request to the external service:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: Bad Authentication header format: 'Basic realm="Integration Server" encoding="UTF-8"'
  Expected "," at position 33
  The user name/password appear correct.
  JDev version 10.1.3.42.70
  Any ideas?
  Many Thanks
  Gary
  Edited by: user10916721 on 08-May-2012 09:54

  Found the answer. Basically I had one proxy web service working and one not both linking to a middle tier written in web methods. THe issue actually ended up being with the web methods code in that the one web service (that was not working) was put together using a backwards compatability mode. Once this was switched back then started working again in JDev.

• Secured Sybase Web Service with outside certificate authority

  Hello,
  I would like to use Secured Sybase Web Service with outside certificate authority, like Symantec. Could you let me know how I can create CSR for sending to Symantec? What other steps do I need to do?
  Thanks,
  Sudarat.

  Hello Jason,
  Thanks for your reply. The certificate authority require the CSR file before issue a signed certificate. If this is a signed certificate for IIS web server, I can create CSR from IIS. But I cannot use a signed certificate created from CSR of IIS with Sybase Web Service. The below steps are what I have tried.
  1. I use CreateCert.exe with /r parameter to create CSR and private key.
  2. I sent CSR to a certificate authority and they send back a signed certificate.
  3. I have to combine a signed certificate from #2 with private key created from #1. Then use that file to specify with -xs{https …when starting the service.
  Are the above steps what I have to do?  If so, do I need to redistribute createcert.exe to my customers who want to use my application and how? Why I cannot use the signed certificate created from CSR of IIS?
  Thanks,
  Sudarat.

• Implementing Security in web services developed using JAX WS approach

  Hi ,
  Our Organization has developed a Web service using JAX WS approach exposing EJB as EndPoint .This wsdl file URL is only used by third party companies that register with us (Means i want to say that this wsdl url is not world wide accessable).
  Now we need to implement security for this service , please tell me what is the appropiate for doing so ??
  Thank you in advance .
  Waiting for your valuable suggestions .
  Please help .

  You can implement message level security in many ways. Some of the ways are
  SAML
  Digital certificates etc
  You may have to work with your vendor specific API to achieve this. Take a look at one case study.
  http://www.ibm.com/developerworks/webservices/library/ws-security.html
  You will find lot of articles on google to implement message level security however my recommendation would be to get in touch with security expert.

• Authenticating to weblogic web service using a client cert with webserver

  I am trying to think of how to authenticate a client to a weblogic web service
  using a client certificate. The wrinkle is that a Web Server (iis or whatever)
  will be handling the ssl part and forwarding non-secure to weblogic. The cert
  will still be accessable in the request using: HttpServletRequest req.getAttribute("javax.net.ssl.peer_certificates).
  At this point it is not clear to me what I can do. When does CertAuthenticator
  get called? Can I even use it? Will I have to write my own version of the weblogic.soap.server.servlet.StatelessBeanAdapter
  class?
  Any help will be appreciated, even explaining why it can't be done.
  Thanks,
  Scott

  I am trying to think of how to authenticate a client to a weblogic web service
  using a client certificate. The wrinkle is that a Web Server (iis or whatever)
  will be handling the ssl part and forwarding non-secure to weblogic. The cert
  will still be accessable in the request using: HttpServletRequest req.getAttribute("javax.net.ssl.peer_certificates).
  At this point it is not clear to me what I can do. When does CertAuthenticator
  get called? Can I even use it? Will I have to write my own version of the weblogic.soap.server.servlet.StatelessBeanAdapter
  class?
  Any help will be appreciated, even explaining why it can't be done.
  Thanks,
  Scott

• Flex/ActionScript3 support for web services using WS-Security

  Does Flex/ActionScript3 have support for connecting to a web
  service using WS-Security (Policy Creation). I've tried using the
  Flex Data Service "Import WSDL" method and it does not allow me to
  connect. Is there Flex/AS3 package that can handle creating the
  Policy information for a web service that utilizies WS-Security?
  Thanks,
  Tom

  quote:
  Does Flex/ActionScript3 have support for connecting to a web
  service using WS-Security (Policy Creation).
  Yes and no. The "Import WSDL" doesn't create AS3 classes that
  allow header injection of the appropriate WS-Security elements.
  I've managed to work around this using straight mx:webservice tags
  and AS3. There is an open bug at
  https://bugs.adobe.com/jira/browse/SDK-15398
  that I voted on, the more the merrier.
  http://www.jroller.com/wookets/entry/ws_security_in_flex
  Has a useful class for creating the soap header elements for a
  username token,
  In general though, it's been a challenge to get the simplest
  of WS-Security pieces working.
  -Brett

• Trouble connecting to https secure web service using Adobe Livecycle Designer

  I am attempting to use Adobe Livecycle Designer ES2 to create a data connection in a Form to a secure (https) web service and I'm having some difficulty.
  I'm new to Livecycle and have tried searching online for an answer, but the help isn't very clear and the only tutorials online that I can find are ones that connect to non-https services.
  The WSDL I'm trying to connect to is: https://uk.ws.ondemand.qas.com/ProOnDemand/V3/ProOnDemandService.asmx?WSDL
  My questions are:
  Q1. Does Adobe Livecycle support https web service connections? The following link suggests that this isn't possible: http://books.google.co.uk/books?id=yOOcM3Bn4BAC&pg=PA179&lpg=PA179&dq=secure+web+service+w ith+adobe+livecycle&source=bl&ots=jm1GIZflOJ&sig=uLfv5Xda4eXXJl5o_7vBViwU-w0&hl=en&sa=X&ei =WLvIT5P4OujW0QWmv7nDAQ&ved=0CI4BEOgBMAk#v=onepage&q=secure%20web%20service%20with%20adobe %20livecycle&f=false
  Q2. I've managed to consume the WSDL but can only see the body of the XML request for a particular SOAP action. Where can I add the username/password credentials? I've selected "Requires Message-Level Authentication" during the new connection wizard, but it doesn't prompt me at all for these details.

  Hi,
  I tried using SOAP.Connect too..
  But I am facing the same problem.
  Any solution found yet?
  Rgerads, Amith