Secured Web service performance problem in BPEL 11g

Similar Messages

• Error while invoking secure web service.

  Hi,
  I am trying to access a secure web service through a simple BPEL process in SOA Suite 11g. When I test it through enterprise manager I am getting the following error. Since it's a secured websecure i set the WS policy(oracle/wss_username_token_client_policy) in the external reference and also provided the credentials. If anyone has come across similar error or know the solution please let me know. Also I am not sure if its related to security or is it with the way I am trying to call the service.
  Error Message:
  Fault ID     reference:80014
  Fault Time     May 22, 2011 12:54:45 PM
  Non Recoverable System Fault :
  javax.xml.ws.soap.SOAPFaultException: 99999: Unknown Service
  Error Message: {http://schemas.oracle.com/bpel/extension}remoteFault
  Fault ID     default/Mocking!1.0*soa_be35cb3e-5f05-49df-a696-a653d5703681/BPELProcess1/30017-BpInv0-BpSeq0.3-3
  Fault Time     May 22, 2011 12:54:46 PM
  Non Recoverable System Fault :
  <bpelFault><faultType>0</faultType><remoteFault xmlns="http://schemas.oracle.com/bpel/extension"><part name="summary"><summary>99999: Unknown Service</summary></part><part name="detail"><detail>&lt;con:fault xmlns:con="http://www.bea.com/wli/sb/context"> &lt;con:errorCode>99999&lt;/con:errorCode> &lt;con:reason>Unknown Service&lt;/con:reason> &lt;con:location> &lt;con:node>PipelinePairNode1&lt;/con:node> &lt;con:pipeline>PipelinePairNode1_request&lt;/con:pipeline> &lt;con:stage>stage1&lt;/con:stage> &lt;/con:location> &lt;/con:fault> </detail></part><part name="code"><code>soap:Server</code></part></remoteFault></bpelFault>

  Thanks very much for your suggestion. I will take a look into the wsdl again and see if something is wrong in that.
  I have a peculiar problem with the wsdl. When I created the partner link using the remote wsdl it would throw a compilation error. But when I took a local copy of the remote wsdl and seperated all the schema's from the wsdl and imported them inside wsdl it gets compiled. But I am not sure if this is a appropriate thing to do and if that is creating this problem. Any thoughts on this would be really helpful.

• Best Practice for Securing Web Services in the BPEL Workflow

  What is the best practice for securing web services which are part of a larger service (a business process) and are defined through BPEL?
  They are all deployed on the same oracle application server.
  Defining agent for each?
  Gateway for all?
  BPEL security extension?
  The top level service that is defined as business process is secure itself through OWSM and username and passwords, but what is the best practice for security establishment for each low level services?
  Regards
  Farbod

  It doesnt matter whether the service is invoked as part of your larger process or not, if it is performing any business critical operation then it should be secured.
  The idea of SOA / designing services is to have the services available so that it can be orchestrated as part of any other business process.
  Today you may have secured your parent services and tomorrow you could come up with a new service which may use one of the existing lower level services.
  If all the services are in one Application server you can make the configuration/development environment lot easier by securing them using the Gateway.
  Typical probelm with any gateway architecture is that the service is available without any security enforcement when accessed directly.
  You can enforce rules at your network layer to allow access to the App server only from Gateway.
  When you have the liberty to use OWSM or any other WS-Security products, i would stay away from any extensions. Two things to consider
  The next BPEL developer in your project may not be aware of Security extensions
  Centralizing Security enforcement will make your development and security operations as loosely coupled and addresses scalability.
  Thanks
  Ram

• Error while invoking a WS-Security secured web service from Oracle BPEL..

  Hi ,
  We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0).
  For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl/blog/1607/how-to-call-a-ws-security-secured-web-service-from-oracle-bpel]
  but sttill,after deploying it and passing values in it,we are getting the following error on the console :-
  &ldquo;Header [http://schemas.xmlsoap.org/ws/2004/08/addressing:Action] for ultimate recipient is required but not present in the message&rdquo;
  Any pointers in this regard will be highly appreciated.
  Thanks,
  Saurabh

  Hi James,
  Thanks for the quick reply.
  We've tried to call that web service from an HTML designed in Visual Studios with the same username and password and its working fine.
  But on the BPEL console, we are getting the error as mentioned.
  Also if you can tell me how to set the user name and password in the header of the parter link.I could not find how to do it.
  Thanks,
  Saurabh

• Error when trying to access a secured web service from Forms 10g 10.1.2.3

  Hello,
  I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
  java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
  javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
  DECLARE
  jo ora_java.jobject;
  pdfObject ora_java.jobject;
  pdf     varchar2(900);
  rv varchar2(100);
  ex ora_java.jobject;
  BEGIN
  JO := SEARCHSOAPCLIENT.new;
  SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
  SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
  pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
  pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
  message(pdf);
  message(' ');
  EXCEPTION
  WHEN ORA_JAVA.JAVA_ERROR then
  message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
  WHEN ORA_JAVA.EXCEPTION_THROWN then
  ex := ORA_JAVA.LAST_EXCEPTION;
  :error := Exception_.toString(ex);
  END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
  import oracle.webservices.transport.ClientTransport;
  import oracle.webservices.OracleStub;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Stub;
  public class SearchSoapClient {
      private webservicesproxywebcontent.proxy.SearchSoap _port;
      public SearchSoapClient() throws Exception {
          ServiceFactory factory = ServiceFactory.newInstance();
          _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
          this.setUsername("weblogic");
          this.setPassword("welcome1");
          System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
       * @param args
      public static void main(String[] args) {
          try {
              webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
              System.out.println("calling " + myPort.getEndpoint());
          } catch (Exception ex) {
              ex.printStackTrace();
       * delegate all operations to the underlying implementation class.
      public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
          return _port.quickSearch(queryText, extraProps);
      }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
  Kind Regards
  Carlos

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Unable to consume secured Web service from a Dynpro application

  Hello,
  I have followed <a href="http://help.sap.com/saphelp_nw04/helpdata/en/c3/bac36a469e4c75aba646077e71516d/frameset.htm">this tutorial</a>
  in order to protect and consume a secured Web service from a Dynpro application using SAP logon ticket.
  The problem is that after implementing everything needed I  receive 401 Unauthorized when I am trying to consume it from the web dynpro side.
  If I manually transfer the request the credentials, before the execute i.e:
  modObj._setUser
  modObj._setPassword
  modObj.execute();
  I am able to call it, meaning the dynpro application doesn't transfer these credentials to the Webservice even though it's authentication property is set to true.
  Any idea how to solve it?
  Roy
  Message was edited by:
          Roy Cohen

  Try below steps
  • Add jars
  o security.class
  o tc/sec/destinations/interface
  • Setting WebDynpro project property
  o Project>Properties>Web Dynpro References-->Interface references
  &#61607; Name=tcsecdestinations~interface
  o Project>Properties>Web Dynpro References-->Service reference
  &#61607; Name=webservices
  &#61607; Name=tcsecdestinations~service
  • Dynamically Set httpdestination and Call web service
  final InitialContext ctx = new InitialContext();
  final DestinationService dstService = (DestinationService)ctx.lookup(DestinationService.JNDI_KEY);
  if (dstService== null)
  throw new NamingException ("Destination service not available");
  final Destination destination = dstService.getDestination("HTTP"," DestinationName");
  // getting user name
  Properties destprop = destination.getDestinationProperties();
  String username = destprop.getProperty("USERNAME");
  String password = destprop.getProperty("PASSWORD");
  final HTTPDestination httpDestination = (HTTPDestination) destination;
  HttpURLConnection httpConnection = httpDestination.getURLConnection();
  String httpURL = String.valueOf(httpConnection.getURL());
  Request_AdvLocationVer1ViDocument_getLocation obj=wdContext.currentRequest_AdvLocationVer1ViDocument_getLocationElement().modelObject();
  obj._setUser( user );
  obj._setPassword(pass);
  obj._setEndPoint(httpURL);
  obj.execute();
  Rahul

• How to call OWSM secured web-service from ADF application

  I have a OWSM secured web-service, which takes username/password.
  I want to invoke this webservice from ADF application. ADF application has its own security and it takes its own username/password. End user can't provide the username/password for web-service call. My ADF application should call the webservice and provide it appropriate username/password.
  What is the best practice to handle such scenario. I don't want to hardcode username/password in Java (ADF) code.
  Thanks
  Sanjeev.

  it is not clear to me if you are having problems with calling java code from OIM or if the problem is the web service API.
  Lets do some divide and conquer:
  Can you create a simple java class that just writes a couple of lines to the log? Please attach this code to the OIM task and make sure it runs.
  Once this works we can start looking at the web service call.
  Best regards
  /Martin

• Calling secured Web Service

  Hi,
  I am new in calling web service from PL/SQL block.
  From the code I'm successfully able to call non-secured webservice like this "http://www.ignyte.com/webservices/ignyte.whatsshowing.webservice/moviefunctions.asmx?wsdl"
  And also by setting the wallet I'm also able to call secured web service like this "https://www.docusign.net/api/3.0/Credential.asmx?WSDL" (ping method).
  For calling this secured service I stored certs with chain into the wallet and that works.
  But my problem is a different web service where that web service is authenticating me with my certificate. I have VeriSign certificate with private key and that web service has my public key. Whenever I will send SOAP request I need to send my certificate with the request. And communication will be over SSL.
  I have created a wallet with complete chain from the PFX file I received from VeriSign and Wallet is in Ready state, also I have included web service's certificate also.
  Whenever I am trying to make SOAP call I'm getting
  ORA-00600: internal error code, arguments: [kgazmo_1], [], [], [], [], [], [], []
  Please let me know where is the problem. May be I'm not able to send my certificate for authentication or may be I'm not able to establish SSL for communication from PL/SQL.
  I'm using 10.1.2 as database. I also have 10g AS installed, if that can help in achieving this.
  Code is as follows:
  FUNCTION CallWS
  RETURN xmltype
  AS
  l_request soap_api.t_request;
  l_response soap_api.t_response;
  l_url VARCHAR2(32767);
  l_namespace VARCHAR2(32767);
  l_method VARCHAR2(32767);
  l_soap_action VARCHAR2(32767);
  l_doc xmltype;
  BEGIN
  l_url := 'https://secured.webservice.com/WS/WebService.asmx';
  l_namespace := 'xmlns="https://secured.webservice.com/WS"';
  l_method := 'GetMe';
  l_soap_action := 'https://secured.webservice.com/WS/GetMe';
  utl_http.set_wallet('file:c:/wallets','pass123');
  l_request := soap_api.new_request(p_method => l_method,
  p_namespace => l_namespace);
  soap_api.add_parameter(p_request => l_request,
  p_name => 'param1',
  p_type => 'xsd:string',
  p_value => 'val1');
  soap_api.add_parameter(p_request => l_request,
  p_name => 'param2',
  p_type => 'xsd:string',
  p_value => 'val2');
  l_response := soap_api.invoke(p_request => l_request,
  p_url => l_url,
  p_action => l_soap_action );
  l_doc := l_response.doc;
  RETURN l_doc;
  END CallWS;
  You can find SOAP_API package here [SOAP_API|http://www.oracle-base.com/dba/miscellaneous/soap_api.sql] .
  Thanks in advance.
  -Smith

  Thanks again Billy,
  I have configured a wallet with all the necessary certificates. Actually I have purchased a VeriSign trusted certificate and convert that into Oracle Wallet (p12) using openssl with appropriate password. And I'm calling UTL_HTTP.set_wallet('<path_to_wallet>','<pass_to_open_it>');
  I have send my public key to them (web service company) and they need me to send my certificate with every request so that they can authenticate.
  You are saying we don't have to write any code for TLS/SSL UTL_HTTP will take care of that, thats really good.
  One more thing I want to mention here...
  In Internet Explorer - When I am importing my certificate without my private key and trying to access web service I'm getting 404 page not found error.
  But when I'm importing my certificate with the private key, I can see WSDL and all other methods offered by that web service.
  I'm guessing Oracle Wallet that I'm creating with my certificate will store private key also. B'coz it is showing me User Certificate in Ready state.
  ORA-00600 is not giving me proper location where I can find any error in my code.
  Thanks
  -Smith

• Secured web service for secured AM method

  Hello,
  I need to invoke method of secured Application Module (jbo.security.enforce = Must) from secured web service.
  I have a simple java class with Configuration.createRootApplicationModule ... and a web service built for this java class.
  I found I have to authentificate users twice. First time when invoking web service (this is ok) and second time when creating application module instance.
  The problem is I can get name of user logged in web service but I cannot get his password. So I cannot login to application module with the same user.
  How can I force adf business components to use user authentificated in web service to use him/her as adf bc user?
  Rado

  Hi Mayank,
  Chapter 7, Custom Serialization of Java Value Types, of the Web services developer guide may be a good place to get started.
  All the best,
  -Eric

• ESB and Secured Web Service strange response

  Hi guys,
  We are facing strange response from ESB when we try to talk to a Secured Siebel service. Credentials are passed useing SOAP header, and in test case of not including any header at all.
  1-First try will return error, bad user name password
  2-Second or third try may even return actually results from Siebel service (and header is not included at all). I tested using SOAPUI tool.
  3-But If I test Siebel Service directly things go fine.
  Question: Is there some thing like a caching of SOAP header in ESB, if not an idea on how can after giving first fault second try right after that returns query results (from siebel service).
  any helps apperciated.
  thanks

  there shouldn't much difference in the time for the response ..., also when you are calling the secured web service from another BPEL, make sure you don't consider the time of the calling process ( i mean that BPEL ). you just try calling the secured web service from the EM console if it is a SOA composite. do you see any messages in the log files ? the procedure you followed is correct only, confirm here., i have posted a similar solution long back..
  Re: Creating a partnerlink  from a secure webservice
  Thanks,
  N

• Java proxy generation exc. for web service correspond. to a BPEL process

  Hello,
  I wrote a BPEL process (having two client methods) that is exposed as an RPC web service. One of the web services invoked by this BPEL process uses a complex data type that is defined in a separate schema XSD file (imported in the corresponding WSDLs). This complex data type is also returned by one of the methods exposed by the BPEL process. From the BPEL point of view everything is fine now: the process was successfully built, deployed and initiated from the BPEL console.
  When I tried to generate the web service Java proxy classes from the BPEL process corresponding WSDL, I obtained an error signaling that complex type defined in the imported XSD file cannot be found. The exception is:
  [java] oracle.wsdl.internal.WSDLException: Schema type not found: QName(htt
  p://oracle/bpeltest/array/ArrayTrial.xsd, ArrayOforacle_bpeltest_array_Customer)
  [java] at oracle.wsdl.DefinitionsImpl.findSchemaType(DefinitionsImpl.ja
  va:511)
  [java] at oracle.wsdl.toolkit.XSDJavaTypeMapper.getArrayComponentType(X
  SDJavaTypeMapper.java:169)
  [java] at oracle.wsdl.toolkit.XSDJavaTypeMapper.getJavaType(XSDJavaType
  Mapper.java:141)
  [java] at oracle.wsdl.toolkit.XSDJavaTypeMapper.generateBeans(XSDJavaTy
  peMapper.java:251)
  [java] at oracle.wsdl.toolkit.XSDJavaTypeMapper.getJavaType(XSDJavaType
  Mapper.java:156)
  [java] at oracle.wsdl.toolkit.XSDJavaTypeMapper.getJavaType(XSDJavaType
  Mapper.java:106)
  [java] at oracle.wsdl.toolkit.MethodGenerator.declareMethod(MethodGener
  ator.java:152)
  [java] at oracle.wsdl.toolkit.MethodGenerator.generateMethod(MethodGene
  rator.java:35)
  [java] at oracle.wsdl.toolkit.ProxyGenerator.generateJavaProxy(ProxyGen
  erator.java:333)
  [java] at oracle.wsdl.toolkit.ProxyGenerator.generateJavaProxy(ProxyGen
  erator.java:96)
  [java] at oracle.wsdl.toolkit.ProxyGenerator.generateJavaProxy(ProxyGen
  erator.java:68)
  [java] at oracle.j2ee.ws.tools.WsAssmProxyGenerator.generateJavaProxy(W
  sAssmProxyGenerator.java:165)
  [java] at oracle.j2ee.ws.tools.WsAssmProxyGenerator.processProxy(WsAssm
  ProxyGenerator.java:134)
  [java] at oracle.j2ee.ws.tools.WsAssmProxyGenerator.clientGenerate(WsAs
  smProxyGenerator.java:112)
  [java] at oracle.j2ee.ws.tools.WsAssembler.assemble(WsAssembler.java:96
  [java] at oracle.j2ee.ws.tools.WsAssembler.main(WsAssembler.java:66)
  [java] Exception in thread "main"
  When I tried to generate the stub from JDeveloper, the complex type was replaced with a certain dummy "UnknownType".
  Do you have any hint?
  Thanks in advance!
  Regards,
  Marinel

  You should post this question to the JDev Web Service forum. I know that they had some limitation in 9.0.4 with some complex types. It is my understanding that those problems have been addressed in 10.1.3. They would be the right people to confirm this. -Edwin

• Trouble connecting to https secure web service using Adobe Livecycle Designer

  I am attempting to use Adobe Livecycle Designer ES2 to create a data connection in a Form to a secure (https) web service and I'm having some difficulty.
  I'm new to Livecycle and have tried searching online for an answer, but the help isn't very clear and the only tutorials online that I can find are ones that connect to non-https services.
  The WSDL I'm trying to connect to is: https://uk.ws.ondemand.qas.com/ProOnDemand/V3/ProOnDemandService.asmx?WSDL
  My questions are:
  Q1. Does Adobe Livecycle support https web service connections? The following link suggests that this isn't possible: http://books.google.co.uk/books?id=yOOcM3Bn4BAC&pg=PA179&lpg=PA179&dq=secure+web+service+w ith+adobe+livecycle&source=bl&ots=jm1GIZflOJ&sig=uLfv5Xda4eXXJl5o_7vBViwU-w0&hl=en&sa=X&ei =WLvIT5P4OujW0QWmv7nDAQ&ved=0CI4BEOgBMAk#v=onepage&q=secure%20web%20service%20with%20adobe %20livecycle&f=false
  Q2. I've managed to consume the WSDL but can only see the body of the XML request for a particular SOAP action. Where can I add the username/password credentials? I've selected "Requires Message-Level Authentication" during the new connection wizard, but it doesn't prompt me at all for these details.

  Hi,
  I tried using SOAP.Connect too..
  But I am facing the same problem.
  Any solution found yet?
  Rgerads, Amith

• Calling secured web service from Pl SQL

  Hi
  I am trying to call a secured web service from pl/sql using utl_http.
  Is there a sample pl/sql program that i can refer to call a secured web service.
  sample soap header that am trying to acheive.
  <soap:Header>
  <wsa:Action>http://myactaction</wsa:Action>
  <wsa:MessageID>uuid:asdfadrewrwqr</wsa:MessageID>
  <wsa:ReplyTo>
  <wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
  </wsa:ReplyTo>
  <wsa:To>http://myact</wsa:To>
  <wsse:Security soap:mustUnderstand="1">
  <wsse:UsernameToken wsu:Id="SecurityToken-321321">
  <wsse:Username>mordfsafsdae</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">werwqrewrwe</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  Thanks a ton in advance

  Hi,
  On way we can call a web service is to pass the Web Service URL to UTL_HTTP package:
  Sample Web Service URL
  ===================
  lv_url :=
  'http://67.97.189.151:8888/plsqlsample/dbfunc?invoke=placeOrder'
  || '&'
  || 'param0=1'
  || '&'
  || 'param1=1'
  || '&'
  || 'param2=1';
  Sample Call using UTL_HTTP
  =====================
  SELECT UTL_HTTP.request (lv_url)
  INTO lv_result
  FROM DUAL;
  Thank you.
  Regards,
  Balu

• How to consume a secure web service?

  Could someone post me an sample to invoke the certificate based secure web service?
  All I have is wsdl, certificate (.pfx file) and password and client jar file. Searching for the sample program to access the secure web service.
  I work on weblogic workshop.

  Unfortunately, I have just been provided with the endpoint and the SOAP action. Don't have any other details :(

• How to call a secure web service via XAI Sender in CC&B

  Hi All,
              I want to a call a secure web service from CC&B through out bound message. I have configured the calling  WSDL in XAI Sender. The wevservice is secured one.I tried to call it by configuring user name and password in XAI sender context.But still i am not able to call the service.
  Can anybody help me how to over come this issue ??
  I have cretaed the same post under utilities,but i am not able reply it.
  I am using HTTPSNDR  as XAI class.
  Thanx in advance.
  Regards
  sunil

  Are you getting any errors? What type of XAI Class are you using?
  One thing I've noticed is that if you are making changes to the XAI Sender you will have to restart the environment before the changes can take effect.
  Also, if you are using RTHTTPSNDR as XAI Class you may have to include the HTTP Method - Post in the context.
  Hope this helps.
  Regards,
  Philip