Sample with Securing Identity Web Services using jee sdk update 3 fails!!
Hi,
following the sample from identy enabled webServices as described in :
../blueprints/ws-security/identityWebServices-jaxws/index.html
results in an error message:
[#|2007-11-14T10:06:57.252+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:57:252 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
ERROR: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
I tried both building/deployiny using ant and netbeans (after importing to NB).
Using Java EE 5 SDK Update 3 with Tools on windows.
Has someone successfully used deployed/run this sample?
cheers
Additional error messages:
[#|2007-11-14T10:06:56.481+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:481 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
could not create SSOToken from HttpRequest
com.iplanet.dpro.session.SessionException: Invalid session ID.
at com.iplanet.dpro.session.Session.getSession(Session.java:785)
at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:100)
at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:242)
at com.sun.identity.wss.security.handler.HTTPRequestHandler.setTokenInSubject(HTTPRequestHandler.java:169)
at com.sun.identity.wss.security.handler.HTTPRequestHandler.shouldAuthenticate(HTTPRequestHandler.java:116)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.identity.agents.jsr196.as9soap.AMHttpAuthModule.validateRequest(AMHttpAuthModule.java:195)
at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1179)
at com.sun.web.security.RealmAdapter.validate(RealmAdapter.java:1261)
at com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1143)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:627)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doChainInvoke(StandardPipeline.java:583)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:92)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
[#|2007-11-14T10:06:56.481+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:481 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
HTTPRequestHandler.setTokenInSubject: Invalid SSOToken
|#]
[#|2007-11-14T10:06:56.491+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=22;_ThreadName=Thread-85;|11/14/2007 10:06:56:481 AM CET: Thread[Thread-85,10,Grizzly]
Session Cache Cleaner started
|#]
[#|2007-11-14T10:06:56.541+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:541 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
DataLayer: number of retry = 3
|#]
[#|2007-11-14T10:06:56.541+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:541 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
DataLayer: retry interval = 1000
|#]
[#|2007-11-14T10:06:56.541+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:541 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
DataLayer: retry error codes = []
|#]
[#|2007-11-14T10:06:56.551+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:551 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
WARNING: DSConfigMgr.getDSConfigMgr: serverconfig.xml probably missing. May be running in client mode
java.io.FileNotFoundException: null\serverconfig.xml (Das System kann den angegebenen Pfad nicht finden)
at java.io.FileInputStream.open(Native Method)
at java.io.FileInputStream.<init>(FileInputStream.java:106)
at java.io.FileInputStream.<init>(FileInputStream.java:66)
at com.iplanet.services.ldap.DSConfigMgr.getDSConfigMgr(DSConfigMgr.java:173)
at com.iplanet.am.util.AdminUtils.<clinit>(AdminUtils.java:76)
at com.sun.identity.security.AdminTokenAction.getSSOToken(AdminTokenAction.java:263)
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:174)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.wss.provider.ProviderConfig.getAdminToken(ProviderConfig.java:617)
at com.sun.identity.wss.provider.ProviderConfig.getProvider(ProviderConfig.java:505)
at com.sun.identity.wss.security.handler.HTTPRequestHandler.shouldAuthenticate(HTTPRequestHandler.java:132)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.identity.agents.jsr196.as9soap.AMHttpAuthModule.validateRequest(AMHttpAuthModule.java:195)
at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1179)
at com.sun.web.security.RealmAdapter.validate(RealmAdapter.java:1261)
at com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1143)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:627)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doChainInvoke(StandardPipeline.java:583)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:92)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
[#|2007-11-14T10:06:56.551+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:551 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
AdminUtils: Could not initialize admin info message: Got LDAPServiceException code=19
|#]
[#|2007-11-14T10:06:56.551+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:56:551 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
Crypt.static{}: Encryptor class= com.iplanet.services.util.JSSEncryption
|#]
[#|2007-11-14T10:06:57.252+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:57:252 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
AdminTokenAction::getSSOToken Not found AdminDN and AdminPassword.
java.lang.NoClassDefFoundError: org/mozilla/jss/crypto/KeyGenAlgorithm
at java.lang.Class.forName0(Native Method)
at java.lang.Class.forName(Class.java:169)
at com.iplanet.services.util.Crypt.createInstance(Crypt.java:133)
at com.iplanet.services.util.Crypt.<clinit>(Crypt.java:103)
at com.iplanet.am.util.AdminUtils.getAdminPassword(AdminUtils.java:132)
at com.sun.identity.security.AdminTokenAction.getSSOToken(AdminTokenAction.java:263)
at com.sun.identity.security.AdminTokenAction.run(AdminTokenAction.java:174)
at java.security.AccessController.doPrivileged(Native Method)
at com.sun.identity.wss.provider.ProviderConfig.getAdminToken(ProviderConfig.java:617)
at com.sun.identity.wss.provider.ProviderConfig.getProvider(ProviderConfig.java:505)
at com.sun.identity.wss.security.handler.HTTPRequestHandler.shouldAuthenticate(HTTPRequestHandler.java:132)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.sun.identity.agents.jsr196.as9soap.AMHttpAuthModule.validateRequest(AMHttpAuthModule.java:195)
at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1179)
at com.sun.web.security.RealmAdapter.validate(RealmAdapter.java:1261)
at com.sun.web.security.RealmAdapter.invokeAuthenticateDelegate(RealmAdapter.java:1143)
at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:627)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:609)
at org.apache.catalina.core.StandardPipeline.doChainInvoke(StandardPipeline.java:583)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:92)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:270)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:339)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:261)
at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:212)
at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask(PortUnificationPipeline.java:361)
at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
|#]
[#|2007-11-14T10:06:57.252+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:57:252 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
AdminTokenAction::run Unable to get SSOToken from serverconfig.xml
|#]
[#|2007-11-14T10:06:57.252+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:57:252 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
AdminTokenAction: App user name or password is empty
|#]
[#|2007-11-14T10:06:57.252+0100|INFO|sun-appserver9.1|javax.enterprise.system.stream.out|_ThreadID=14;_ThreadName=httpSSLWorkerThread-8080-0;|11/14/2007 10:06:57:252 AM CET: Thread[httpSSLWorkerThread-8080-0,10,Grizzly]
ERROR: AdminTokenAction: FATAL ERROR: Cannot obtain Application SSO token.
Check AMConfig.properties for the following properties
com.sun.identity.agents.app.username
com.iplanet.am.service.password
|#]
The problem is that the AMclient does not find its AMConfig.properties. In my install this file is at
/Applications/SUNWappserver/domains/domain1/config. Simply add this path to the server classpath and it will work.
S.
Similar Messages
-
Unable to call WSS (WS-Security) enabled Web Service using UTL_DBWS
We are attempting to call a WSS (WS-Security) enabled Web Service from PL/SQL using the UTL_DBWS package (see [http://download.oracle.com/docs/cd/B19306_01/appdev.102/b14258/u_dbws.htm#CHDIDGJH] ). We are doing this in similar fashion to [http://www.oracle-base.com/articles/10g/utl_dbws10g.php] with calls to utl_dbws.create_service, utl_dbws.create_call and utl_dbws.invoke.
Using this method we can successfully call an unsecured Web Service, but calls to WSS-enabled Web Services fail. We are currently using Oracle Database 10.2.0.3.
The failure we are getting is:
ORA-29532: Java call terminated by uncaught Java exception: javax.xml.rpc.soap.SOAPFaultException:
com.sun.xml.wss.XWSSecurityException: Message does not conform to configured
policy ( AuthenticationTokenPolicy(S) ): No Security Header found;nested
exception is com.sun.xml.wss.XWSSecurityException:
com.sun.xml.wss.XWSSecurityException: Message does not conform to configured
policy ( AuthenticationTokenPlicy(S) ): No Security Header found
Apparently UTL_DBWS does not support calling WSS enabled services, although this doesn't appear to be an officially recognised position. Does anyone know if Oracle are planning to support this soon (if ever)? Looking at Re: Calling WS from PL/SQL using WS-security suggests that support has been considered before, but not yet realised.
Thanks,
TomHaving raised a Service Request with Oracle support on this, I got the following response from Oracle Development (On unpublished bug [8542959|https://metalink2.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=BUG&p_id=8542959]):
Development has confirmed that WS-Security is not supported through UTL_DBWS. They have also acknowledged that this is not documented and they will change the official Oracle documentation will reflect this fact. From what is being stated, it would appear that there is no plan to support the use of WS-Security through UTL_DBWS in any release in the near future.
So, in short, without developing your own home-grown SOAP request, there is no way to call a WSS enabled web service from within PL/SQL.
-Tom -
How to call a secure external Web Service using Oracle BPEL and OWSM
Hi,
i have to invoke an external secure Web Service using SOA Suite 10.1.3.1, but i don´t know how to do this. Do i use OWSM gateway or Agent? how to configure the gateway or agent to pass the required security to the external secure web service.
thanks in advance
DongAre you getting any errors? What type of XAI Class are you using?
One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
Hope this helps.
Regards,
Philip -
Issue with Calling Rest Web Service using Designer workflow
Hello all
I am calling a Rest web service- HTTP Post (yammer API)-
http://www.yammer.com/api/v1/messages.json?data-app-id=myappid&group_id=groupid&body=MyPost in yammer using sharepoint 2013 designer workflow.(My Requirement is to create a yammer post when I approve an item in sharepoint).
but my header parameters are creating issue while executing workflow.
Currently I have these many parameters configured in request header
Accept -application/json; odata=verbose
Content Type -application/json; odata=verbose
content length header -255
Is there anything wrong or I need to additionally pass some values in call web service action?
Any help would be highly appreciatedHi Mahesh,
One you are missing is authentication token or credentials.
Please refer to the following articles.
http://www.cleverworkarounds.com/2014/02/05/tips-for-using-spd-workflows-to-talk-to-3rd-party-web-services/
A Series of articles related to Web Service in SPD Workflow
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 1
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 2
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 3
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 4
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 5
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 6
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 7
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 8
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 9
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 10
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 11
Trials or tribulation?
Inside SharePoint 2013 workflows–Part 12
Please don't forget to mark it answered, if your problem resolved or helpful -
Exception while accessing web service secure through web services Manager
Hi All,
I deployed sime Hello World web service on JWSDP1.6 and secure it through web service manager(gateway) using Certificate based security.But when I try to access this web service using JWSDP client,I got the following Error while monitoring the soap messages through TCP-Monitor:
/////////////////////////////////Request///////////////////////////////////////////////////////////////
POST /gateway/services/SID0003009 HTTP/1.1
Content-Type: text/xml; charset=utf-8
Accept: text/xml, text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
Content-Length: 5631
SOAPAction: ""
User-Agent: Java/1.5.0_05
Host: ivy.cs.ucl.ac.uk:8082
Connection: keep-alive
<?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://hello.org/wsdl" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1"><xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">eN9famBBWzHNUIwWRhMPktcM+VQ=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>MHjtgA4wOtvI1B+SuRVEmD07yE+jl6axd4XbJ0nvQ3EzSuVVoST9vHzURh+B47yj41187s8T+yjt
Bmpk9OB278Jghonkacv6r+q+LVlxRrQDudNGir7plzFeM6bUadMxf+FLgn5O0a44vU/tvy6V9+zi
yqFdhTvS21No/aW62No=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#XWSSGID-1155126003241-1198323932"/></xenc:ReferenceList></xenc:EncryptedKey><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-11551260018331598979688">MIIC3TCCAkagAwIBAgIBATANBgkqhkiG9w0BAQQFADBJMQswCQYDVQQGEwJVUzEMMAoGA1UECBMD
U0NBMQwwCgYDVQQKEwNTVU4xHjAcBgNVBAMTFWNlcnRpZmljYXRlLWF1dGhvcml0eTAeFw0wNjAz
MTkxMzQ5MDJaFw0xNjAzMTYxMzQ5MDJaMEcxCzAJBgNVBAYTAlVTMQwwCgYDVQQIEwNTQ0ExDDAK
BgNVBAoTA1NVTjEcMBoGA1UEAxMTeHdzLXNlY3VyaXR5LWNsaWVudDCBnzANBgkqhkiG9w0BAQEF
AAOBjQAwgYkCgYEAzNDPKUz1MhUH1LsrLqXKxciOKSWeTrdoe/SVwe/4uy5eobAWSsSTposaOYFy
uxf3cGCCIs7u0jMAXLQ9jzobDbt9XQ4tXPoBzKKzS+yU6hDk2TcOCkioeT9A9db5LF8yevhwXKB4
AJ1Eh//Dp/djoonXCCxsxupQZp3ueRJrR98CAwEAAaOB1jCB0zAJBgNVHRMEAjAAMCwGCWCGSAGG
+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQUECH05VC3/WGW
H4AGD6tnH0h+kFUweQYDVR0jBHIwcIAUdry1wGRZ2fyJSKisVSxpMEmIiaahTaRLMEkxCzAJBgNV
BAYTAlVTMQwwCgYDVQQIEwNTQ0ExDDAKBgNVBAoTA1NVTjEeMBwGA1UEAxMVY2VydGlmaWNhdGUt
YXV0aG9yaXR5ggkA4HaEvd6hq8YwDQYJKoZIhvcNAQEEBQADgYEA0RhOk67pCrO6MgZZGqrmAMW6
76fZowBxTKlFq88nrf8v1MUxV8H9wgbTDrwR0HtxY3TGpDFw2tNAww2pyDX/pQ2Wt46ichluGxjf
aEV53loKTOM7syAmlicWqViGzBfgzriIl918TzFaX9BD/Y55bKZQk057maBCSkUuFfF453s=</wsse:BinarySecurityToken><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><InclusiveNamespaces xmlns="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse enc env ns0 xsd xsi"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#XWSSGID-1155126002593447652186"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>UJ1kuwI+WuF/RkrQpZrj1GvraLI=</ds:DigestValue></ds:Reference><ds:Reference URI="#XWSSGID-1155126002602761294100"><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>sKG/z5OIGgqJ2nw7JtpXyJzr8pY=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>SBc65VTG1xpEkRUTz70H0fVGIgoBJ0QnNad0k07RMSfw4vG1WHJdt19R05pO2AvU5aoYuBSaguJe
ZGEjmWzw8mnSWKBi+zeDMeJiwgqwW6HHHX9P7JDslxuTIqoJIVUbSjUTSVz6ww8siIK65quXdkMT
ZzLfp7Cd0gBuA3EEZpg=</ds:SignatureValue><ds:KeyInfo><wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-11551260025411896275738">
<wsse:Reference URI="#XWSSGID-11551260018331598979688" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1155126002602761294100"><wsu:Created>2006-08-09T12:20:02Z</wsu:Created><wsu:Expires>2006-08-09T12:20:07Z</wsu:Expires></wsu:Timestamp></wsse:Security></env:Header><env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1155126002593447652186"><xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1155126003241-1198323932" Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><xenc:CipherData><xenc:CipherValue>XNqEzHNp47ILtOagAUNCXYkxOCWv4CjHqmZ7j6VKN/NO96ce4BsNSL6lKzqa9dPxHB1sTVGZQ8KA
COQ6DGwyWCP8ip+CU2hor3uUAml7nzHTx1LUw3Db+0p31VAT3EqKJA3aFy38GQrBTr9ojMOUA6tm
Cj71yucN3UCKRUl3RpE8qU68y7AwNxPsyAZeSa2AVm2cmWvSDZlxgMsx+JCEZaf3+D0o1zMp0Fxb
MSISPt/JrEolt1H5UM1AoFGU4QkckWrQNLPyEF9oxEgZ8oCE5U8v/YJwZIAHFrx67XfaLwQLjzXw
VPigsH9gLkfbP2BU8Vp31GsPwBZtUeNz9S35+CZPD7EiqoAB1QuAxZkJV7n00VChYH+scT64tNja
c81bcD8tf4sAr7toCMNDAU6+74+Qy0EyPqgwLtotDxErn4kF8e72cONMMQBQ91tQs+iI+D6C1I6+
f9UiSfgtm/MTuKQK1CRqarEtI9N6lpqVH8k7ulUwH/jFstihxmhMJ3aZY+qQgSwSs3pwSSim+e18
eR7dOEq4vG8ivKuGvTDO4sSV2RP/nL/3eXr0y7eM0kMFKwTUA4JqL4Y/l8Bo/rie/ZXkkbF6hwEu
dX1QmB0gf5k=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></env:Body></env:Envelope>
////////////////////////////////Response///////////////////////////////////////////////////////////////
HTTP/1.1 100 Continue
Server: Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)
Date: Wed, 09 Aug 2006 12:28:47 GMT
HTTP/1.1 500 Internal Server Error
Date: Wed, 09 Aug 2006 12:28:47 GMT
Server: Oracle Application Server Containers for J2EE 10g (10.1.2.0.0)
Connection: Keep-Alive
Keep-Alive: timeout=15, max=100
Content-Type: text/xml
Transfer-Encoding: chunked
157
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode><faultstring>Step execution failed with an exception</faultstring><detail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
0
So basically, what I am doing here as follows:
HelloClient(using JWSPD1.6)->gateway(web service manager for securing the web service using message level security through certificate )->helloservice(deployed using JWSDP1.6)
I would appreciate if someone could tell me the cause of this errror.Thanks.
Kashiftime to look into the gateway logs as stated by the fault ..
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode xmlns:p="http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode><faultstring>Step execution failed with an exception</faultstring><detail></detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
looks like the cipher step might have failed -
Access Java SOAP based web service using WS Security
Hi,
I need to call a Java based SOAP webservice which has message level security enabled with Binary Token.
I have connected to the service using SOAPUI and below is the sample header for the same. I need to achieve the same in my Windows form application from where I am calling the SOAP service over https.
I am not an expert in WS Security. Need some tips or sample code to achieve this.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://www.bombardier.com/aerospace/notification/V1.0"
xmlns:v11="http://www.bombardier.com/aerospace/effectivity/V1.0">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-76146B887E7568491C142289201149318">MIIKZTCCCE2gAwIBAgIKXdo6EQACAAXqazANBgkqhkiG9w0BAQUFADB3MRMwEQYKCZImiZPyLGQBGRYDbmV0MRowGAYKCZImiZPyLGQBGRYKYm9tYmFyZGllcjEUMBIGCgmSJomT8ixkARkWBGFlcm8xFDASBgoJkiaJk/IsZAEZFgRhZXJvMRgwFgYDVQQDEw9BZXJvLUlzc3VpbmctQ0EwHhcNMTUwMTIzMTkzMzIyWhcNMTcwMTIyMTkzMzIyWjCBvzELMAkGA1UEBhMCQ0ExDzANBgNVBAgTBlF1ZWJlYzERMA8GA1UEBxMITW9udHJlYWwxGDAWBgNVBAoTD0JvbWJhcmRpZXIgSW5jLjESMBAGA1UECxMJQWVyb3NwYWNlMScwJQYDVQQDEx5jb2xsYWItZGV2LmFlcm8uYm9tYmFyZGllci5uZXQxNTAzBgkqhkiG9w0BCQEWJm10bF9pdF9vcHNfd2luZG93c0BhZXJvLmJvbWJhcmRpZXIuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzlzvsKg9LVifnEtxq947BXIcMV14ivIOvBgcoTdH6cw44ZUErp8MCSVBZnzJCmaRl4Qb1zUBrIjJk0h5omQPbFTUcpE84oHfvlJzNLknCVirks94RAvqtQFl0RgCl6EKiT3yNNncSI1OjPlL1wmebtghTyyRH3mqixWn2L43AF114nH/uIm5zozxCCIqW4biwx7PaHbuT6Kj3UzmarTXoGCDE8mbwUfCaQowaNWSCphU9BIqXUE2sW0FzNQnyjg0Z64FvSI07fJXCxb9URw61uQ3M5HCj8OqR5yQsiDuAnmw1AIccaoEBZu5yIhcY0xMVoNOKo3901xVEExBjbFJSwIDAQABo4IFqDCCBaQwCwYDVR0PBAQDAgWgMIICCwYDVR0RBIICAjCCAf6CHmNvbGxhYi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIkY3Jhd2wtY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0giJhZG0tY29sbGFiLWRldi5hZXJvLmJvbWJhcmRpZXIubmV0gh5teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCImFkbS1teXNpdGUtZGV2LmFlcm8uYm9tYmFyZGllci5uZXSCJGNyYXdsLW15c2l0ZS1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiYWRtLWVudHNydi1kZXYuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDEuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDIuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIiTVRMV1dNU1M2MDMuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIlc2VhcmNoZmFzdC1kZXYuY2EuYWVyby5ib21iYXJkaWVyLm5ldIIpc2VhcmNoZmFzdC1hZG0tZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXSCI210bHdhc21zcDYwMS5jYS5hZXJvLmJvbWJhcmRpZXIubmV0giFjbWlzc3AtZGV2LmNhLmFlcm8uYm9tYmFyZGllci5uZXQwHQYDVR0OBBYEFDa9eetNyQfJSvGWMqLM6PUY5Pe/MB8GA1UdIwQYMBaAFPcL/75Iad8EnXpbXm/8o/81NQHJMIIBYgYDVR0fBIIBWTCCAVUwggFRoIIBTaCCAUmGgc1sZGFwOi8vL0NOPUFlcm8tSXNzdWluZy1DQSxDTj1NVExXSVBLSTAwMixDTj1DRFAsQ049UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJhdGlvbixEQz1hZXJvLERDPWFlcm8sREM9Ym9tYmFyZGllcixEQz1uZXQ/Y2VydGlmaWNhdGVSZXZvY2F0aW9uTGlzdD9iYXNlP29iamVjdENsYXNzPWNSTERpc3RyaWJ1dGlvblBvaW50hkNodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EuY3JshjJodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBLmNybDCCAW0GCCsGAQUFBwEBBIIBXzCCAVswgcEGCCsGAQUFBzAChoG0bGRhcDovLy9DTj1BZXJvLUlzc3VpbmctQ0EsQ049QUlBLENOPVB1YmxpYyUyMEtleSUyMFNlcnZpY2VzLENOPVNlcnZpY2VzLENOPUNvbmZpZ3VyYXRpb24sREM9YWVybyxEQz1hZXJvLERDPWJvbWJhcmRpZXIsREM9bmV0P2NBQ2VydGlmaWNhdGU/YmFzZT9vYmplY3RDbGFzcz1jZXJ0aWZpY2F0aW9uQXV0aG9yaXR5MFIGCCsGAQUFBzAChkZodHRwOi8vbXRsd2lwa2kwMDMuYWVyby5hZXJvLmJvbWJhcmRpZXIubmV0L3BraS9BZXJvLUlzc3VpbmctQ0EoMikuY3J0MEEGCCsGAQUFBzAChjVodHRwOi8vY2RwLmFlcm8uYm9tYmFyZGllci5jb20vQWVyby1Jc3N1aW5nLUNBKDIpLmNydDA9BgkrBgEEAYI3FQcEMDAuBiYrBgEEAYI3FQiFoPNlhYL3Xob1lTKCsPMIguTeGxOD/oINhsufMAIBZAIBDTATBgNVHSUEDDAKBggrBgEFBQcDATAbBgkrBgEEAYI3FQoEDjAMMAoGCCsGAQUFBwMBMA0GCSqGSIb3DQEBBQUAA4ICAQCtFw4FKpzNr8gpnpHHJvgjUfe7FbXvzuf8qENJQA+5KJjD6rqeSGpDJcvSwiFblZobFswFb7OABrxfpvDnmDbBfvozHPhAWBnmISz0t2ydb7R/SY1cl8NihamCPrtVN/azVDVqvj1kHkrVRM18BGSFowqGixMFQr4rDgB75214FN69a85AnxV5O5ip+U9g/JdW2qRSGcfUd1np2QActllDimc+33rp/nXIaoXjRlXhkm+WxCt3Ca5OgwnVm3a4Ceiljj+1i5+8XV2zngv6eq4HlrBg0sFPaHWdjrIGcNyaWW0h0dPQUuv4Gm3zKDkQ3AQSC3cV5qCqmh6fCaCsI3us2kSJjHMZa+OSDLI7K01pDP85TieHeoONBo8mRKsOQ0e1FGXH2BkbXSN1DgfJ1IzddaBbSsnjR5gNrRMmZJnCXnluT8Gmwyv9EKjMit6yt0sWwrADd5ZIjYUnxnrkgfXpPY2kqK2gOl12IHjFK6d5vUsGTlIv9H3OmtCWVBHpR125C0CZvU987z3u9Gv4Jiuv/LpDuv1bNuqNHsQfSqSYsjEreGIP+DapzhMOefiv+kN4nLj3Owk4VdQm9+dxekwaS7HFwAQGOVik877mXxmjRhwxtZPW0ZrWs3fZ2z90Ppki4cGN/rtaLGz+WwicrPt1B34296kQkkIolWtiGjkpnQ==</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-76146B887E7568491C142289201149421" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soapenv v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-76146B887E7568491C14228915193694">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="v1 v11" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>3OlmMDNX7kDCNz4cRIZD+O/2xdA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>mfeQ+wTS5eMpaU7tmrAZeG9GBLegQFe35fuHRsDXBJfq1Kcd1jRwgpIR+iSIymXGzF3ToJZzCOnE
MdW+UWdi8WAQOqw6YopJg82Tb2RJpQJADAzxbbLD2hOn1GLdXuLxtV040UsiumGi9kaKk4BaD2gSdW9Q
EHwbrbQReo1bN8kNEJhFSWalhquPqD3WVK5+6A==</ds:SignatureValue>
<ds:KeyInfo Id="KI-76146B887E7568491C142289201149319">
<wsse:SecurityTokenReference wsu:Id="STR-76146B887E7568491C142289201149320">
<wsse:Reference URI="#X509-76146B887E7568491C142289201149318" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>Hi,
The following articles would be helpful:
.net call WS-Security enabled web service (created in java)
http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
WS-Security Protocol with .NET – A Overview
http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
An introduction to Web Service Security using WSE - Part I
http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
Best Regards
Dennis Guo
TechNet Community Support -
Use of security in web service
Hi,
I have tried to use security from the example jaas-sample of jwsdp 1.5 .
I just want to secure my web service with a username/password.
When I called my service from the client...I see the xml flow :
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>Ron</wsse:Username>
<wsse:Password>****</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">3k18Sv+DMhcO3aoq6YWLB4xa</wsse:Nonce>
<wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-03-01T15:26:05Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>
<ns0:getInformations/>
</env:Body>
</env:Envelope>
it seems to be correct but I have an exception :
Thread : main at 01 mars 2005 16:10:06,593 ERROR Error occured during retrieving informations
java.rmi.ServerException: JAXRPCSERVLET28 : Informations sur le port manquant
at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:497)
at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
It works when I not use the security option (in wscompile) ...
Have you any idea for a solution?Hi,
I tried the xws-security samples and everything worked fine.
After editing the "java.security" according to the manual with:
security.provider.2=org.bouncycastle.jce.provider.BouncyCastleProvider
After that change and a restart of the application server I get the same error message.
I copied the jar file "bcprov-jdk14-127.jar" from bouncycastle to the jre/lib/ext folder.
I will check further.
br
Dieter -
Consuming Web Service using WS-Security: USERNAME Token
Hi ABAP Experts,
we like to consume a self defined web service between to SAP systems (ECC6 701/006). Without any security settings the connection is successfully. But we like to setup a message security like USERNAME Token.
The wss profiles are already created by using TX: WSSPROFILE. Therefore we used the templates "SET_USERNAME" and "CHECK_USERNAME". The service user "DELAY_L<sid>" has been generated as well. The problem is in SOAMANAGER we can't find the related configuration (For Provider and Consumer) to set the parameters "PROFILE In" and "Profile Out" like it was in the obsolete TX "LPCONFIG".
Can anybody help me to find out how to configure USERNAME Token using SOAMANAGER.
Thank you very much in advance.
Kind regards
AxelHi,
The following articles would be helpful:
.net call WS-Security enabled web service (created in java)
http://stackoverflow.com/questions/2138129/net-call-ws-security-enabled-web-service-created-in-java
WS-Security Protocol with .NET – A Overview
http://www.c-sharpcorner.com/UploadFile/mahesha/WSSecurityProtocol11232005052243AM/WSSecurityProtocol.aspx
An introduction to Web Service Security using WSE - Part I
http://www.codeproject.com/Articles/7062/An-introduction-to-Web-Service-Security-using-WSE
As this question is not relate to SharePoint, I suggest you post it to a suitable Forum, you will get more help and confirmed answers from there.
Best Regards
Dennis Guo
TechNet Community Support -
How to Create web service using JMS with PUB/SUB pattern.
Hi All,
I need to expose web service using JMS with PUB/SUB pattern.
if you have any source for this.
I tried to use @WLJmsTransport annotation but unable to get it done.
I have configured all JMS server, topic, and connection factory.
Thanks.Hi, I am having web sample web service program which is simple one.
But I need to Modify this to JMS enable.
Can any one help me?
Thanks. -
Issue with calling an external web service using web service proxy
Hi,
I've created several web services using JDeveloper succesfully in the past, however I'm getting an issue with one that was working ok previously. Have spoken to the developers of the external web service and they say they haven't changed anything. Also if I test the external web service through soapUI for example it seems fine so it would seem that the issue is with the autogenerated code created by JDeveloper.
Basically I get the following exception as it sends the request to the external service:
java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: Bad Authentication header format: 'Basic realm="Integration Server" encoding="UTF-8"'
Expected "," at position 33
The user name/password appear correct.
JDev version 10.1.3.42.70
Any ideas?
Many Thanks
Gary
Edited by: user10916721 on 08-May-2012 09:54Found the answer. Basically I had one proxy web service working and one not both linking to a middle tier written in web methods. THe issue actually ended up being with the web methods code in that the one web service (that was not working) was put together using a backwards compatability mode. Once this was switched back then started working again in JDev.
-
Secured Sybase Web Service with outside certificate authority
Hello,
I would like to use Secured Sybase Web Service with outside certificate authority, like Symantec. Could you let me know how I can create CSR for sending to Symantec? What other steps do I need to do?
Thanks,
Sudarat.Hello Jason,
Thanks for your reply. The certificate authority require the CSR file before issue a signed certificate. If this is a signed certificate for IIS web server, I can create CSR from IIS. But I cannot use a signed certificate created from CSR of IIS with Sybase Web Service. The below steps are what I have tried.
1. I use CreateCert.exe with /r parameter to create CSR and private key.
2. I sent CSR to a certificate authority and they send back a signed certificate.
3. I have to combine a signed certificate from #2 with private key created from #1. Then use that file to specify with -xs{https …when starting the service.
Are the above steps what I have to do? If so, do I need to redistribute createcert.exe to my customers who want to use my application and how? Why I cannot use the signed certificate created from CSR of IIS?
Thanks,
Sudarat. -
Implementing Security in web services developed using JAX WS approach
Hi ,
Our Organization has developed a Web service using JAX WS approach exposing EJB as EndPoint .This wsdl file URL is only used by third party companies that register with us (Means i want to say that this wsdl url is not world wide accessable).
Now we need to implement security for this service , please tell me what is the appropiate for doing so ??
Thank you in advance .
Waiting for your valuable suggestions .
Please help .You can implement message level security in many ways. Some of the ways are
SAML
Digital certificates etc
You may have to work with your vendor specific API to achieve this. Take a look at one case study.
http://www.ibm.com/developerworks/webservices/library/ws-security.html
You will find lot of articles on google to implement message level security however my recommendation would be to get in touch with security expert. -
Authenticating to weblogic web service using a client cert with webserver
I am trying to think of how to authenticate a client to a weblogic web service
using a client certificate. The wrinkle is that a Web Server (iis or whatever)
will be handling the ssl part and forwarding non-secure to weblogic. The cert
will still be accessable in the request using: HttpServletRequest req.getAttribute("javax.net.ssl.peer_certificates).
At this point it is not clear to me what I can do. When does CertAuthenticator
get called? Can I even use it? Will I have to write my own version of the weblogic.soap.server.servlet.StatelessBeanAdapter
class?
Any help will be appreciated, even explaining why it can't be done.
Thanks,
ScottI am trying to think of how to authenticate a client to a weblogic web service
using a client certificate. The wrinkle is that a Web Server (iis or whatever)
will be handling the ssl part and forwarding non-secure to weblogic. The cert
will still be accessable in the request using: HttpServletRequest req.getAttribute("javax.net.ssl.peer_certificates).
At this point it is not clear to me what I can do. When does CertAuthenticator
get called? Can I even use it? Will I have to write my own version of the weblogic.soap.server.servlet.StatelessBeanAdapter
class?
Any help will be appreciated, even explaining why it can't be done.
Thanks,
Scott -
Flex/ActionScript3 support for web services using WS-Security
Does Flex/ActionScript3 have support for connecting to a web
service using WS-Security (Policy Creation). I've tried using the
Flex Data Service "Import WSDL" method and it does not allow me to
connect. Is there Flex/AS3 package that can handle creating the
Policy information for a web service that utilizies WS-Security?
Thanks,
Tomquote:
Does Flex/ActionScript3 have support for connecting to a web
service using WS-Security (Policy Creation).
Yes and no. The "Import WSDL" doesn't create AS3 classes that
allow header injection of the appropriate WS-Security elements.
I've managed to work around this using straight mx:webservice tags
and AS3. There is an open bug at
https://bugs.adobe.com/jira/browse/SDK-15398
that I voted on, the more the merrier.
http://www.jroller.com/wookets/entry/ws_security_in_flex
Has a useful class for creating the soap header elements for a
username token,
In general though, it's been a challenge to get the simplest
of WS-Security pieces working.
-Brett -
Trouble connecting to https secure web service using Adobe Livecycle Designer
I am attempting to use Adobe Livecycle Designer ES2 to create a data connection in a Form to a secure (https) web service and I'm having some difficulty.
I'm new to Livecycle and have tried searching online for an answer, but the help isn't very clear and the only tutorials online that I can find are ones that connect to non-https services.
The WSDL I'm trying to connect to is: https://uk.ws.ondemand.qas.com/ProOnDemand/V3/ProOnDemandService.asmx?WSDL
My questions are:
Q1. Does Adobe Livecycle support https web service connections? The following link suggests that this isn't possible: http://books.google.co.uk/books?id=yOOcM3Bn4BAC&pg=PA179&lpg=PA179&dq=secure+web+service+w ith+adobe+livecycle&source=bl&ots=jm1GIZflOJ&sig=uLfv5Xda4eXXJl5o_7vBViwU-w0&hl=en&sa=X&ei =WLvIT5P4OujW0QWmv7nDAQ&ved=0CI4BEOgBMAk#v=onepage&q=secure%20web%20service%20with%20adobe %20livecycle&f=false
Q2. I've managed to consume the WSDL but can only see the body of the XML request for a particular SOAP action. Where can I add the username/password credentials? I've selected "Requires Message-Level Authentication" during the new connection wizard, but it doesn't prompt me at all for these details.Hi,
I tried using SOAP.Connect too..
But I am facing the same problem.
Any solution found yet?
Rgerads, Amith
Maybe you are looking for
-
I purchased new computers twice within the same year because they were damaged in a storm. However, I can't deauthorize/reauthorize the new computers because it has been less than a year. How do I deal with this situation?
-
Standard price is showing in the table wrongly.
Dear experts, When I check in the material master current standard price is "961200" for 1000 units When I check in the "MBEW" table the amoun is displaying as like this "9612.00" Although in the table the value is 9612.00 , the right amount is 96120
-
How can I migrate my complete data from E71 to N)
I have an E71 and bought a N9. I'd like to migrate all my data (contacts, SMS, pictures, notes) from E71 to N9 before I actually start to use it. Are there any tips how to do that? Solved! Go to Solution.
-
Hi, We have to show 2 timecards to users. For Org A they want to show Projects Timecard and for Org B they want to show a timecard without any Project / Task / Expenditure (Only monday to friday days). So I created 2 preferences with 2 different layo
-
Hi, I'm facing a strange issue. I'm finding it even difficult to explain it to others..!! I'm using Weblogic 8. I'm getting a transaction Timeout Exception after the configured timeout period , that is, 3600 Seconds. I'm using a stateless Session bea