Security related information in SOAP thruough BPEL

Hi all,
How to pass the security related information in SOAP(UsernameToken) in BPEL
thanks
kalyan

You can also add the username and password as properties to the invoke .
open the bpel.xml of your bpel process and the below properties where your partner link is defined
<property name="wsseHeaders">credentials</property>
<property name="wsseUsername">YOUR USER</property>
<property name="wssePassword">YOUR PASSWORD</property>
As an example check this :
<partnerLinkBinding name="PartnerLink_1">
<property name="wsdlLocation">DMSBODServiceRef.wsdl</property>
<property name="wsseHeaders">credentials</property>
<property name="wsseUsername">marattu</property>
<property name="wssePassword">wipro@143</property>
</partnerLinkBinding>

Similar Messages

Secured Web service performance problem in BPEL 11g

Hi,
When calling Secured web service from BPEL 11g, performance issue is coming.
Actually when we test a Secured web service using SOAP UI, Average response time is 2-3 secs.
Where when we are calling from BPEL, average response time is 18-22 secs.
Steps:
1) Go to composite
Right click on the external reference service and select “Configure WS policies”
Under the security tab, click add button and select “oracle/ wss_username_token_client_policy
2) Now Open the property Inspector window and click the add button under “Binding properties” tab.
3) Include the “oracle.webservices.auth.username-->UserName
4) Include the “oracle.webservices.auth.password”-->Password
Please let me know if i am doing anything wrong.
Do you have any idea for fix this issue?
Thank you.

there shouldn't much difference in the time for the response ..., also when you are calling the secured web service from another BPEL, make sure you don't consider the time of the calling process ( i mean that BPEL ). you just try calling the secured web service from the EM console if it is a SOA composite. do you see any messages in the log files ? the procedure you followed is correct only, confirm here., i have posted a similar solution long back..
Re: Creating a partnerlink from a secure webservice
Thanks,
N

Security Related

Hi,
We have developed one Portal based site using Weblogic Portal Server which comes
wth Weblogic Platform 7.0.
Now It is running absolutely fine.But we have used its default RDBMS Based realm.That
means all user,group etc related information is being stored into database.
But we have got a different requirement.
We have pre-existing LDAP server as user repository holding the user credentials.
Requirement is such that we want to authenticate the portal users against this
LDAP server but authorization through its (portal servers') own RDBMS repository.
This LDAP repository can not be used by portal server for entire user management.
So Can we configure the portal server such a way that it will do
1. Authentication using company database which is LDAP store and
2. Authorization/Access Control/Personalization using its RDBMS
If not so, then how to go about to achieve the required functionality.
As per our understanding of the protal servers' LDAP support it can use the LDAP
to provide the complete security i.e. authentication/authorization/personalization
but not for partial security support as we require.
Thanks in advance for any suggestions.
Pavitra

Hi
I believe this is possible though i havent done it.
The new security framework does have separate providers for authentication and
authorization
The samples show each provider reading from a different properties file(i.e. different
sources) so you can authenticate from ldap and authorize from rdbms
The problem i believe you will face is that the old rdbmsrealm can run only in
compatibility mode so you can either use rdbmsrealm or the new features
So you can either
1. Rewrite the rdbmsrealm into an mbean so that it works as 7.0 security provider(someone
has posted the steps in this newsgroup)
or
2. Modify methods like RDBMSUser.authenticate(from the sample)
so that it authenticates agains LDAP but authorizes against the database.
Of Course you will have to keep the users in synch(i.e. if there is a user created
in the ldap, there must be a user in the rdbms for the foreign key relationships)
you may need to modify the realm.creatUser.
HTH
deepak
"Pavitra" <[email protected]> wrote:
>
Hi,
We have developed one Portal based site using Weblogic Portal Server
which comes
wth Weblogic Platform 7.0.
Now It is running absolutely fine.But we have used its default RDBMS
Based realm.That
means all user,group etc related information is being stored into database.
But we have got a different requirement.
We have pre-existing LDAP server as user repository holding the user
credentials.
Requirement is such that we want to authenticate the portal users against
this
LDAP server but authorization through its (portal servers') own RDBMS
repository.
This LDAP repository can not be used by portal server for entire user
management.
So Can we configure the portal server such a way that it will do
1. Authentication using company database which is LDAP store and
2. Authorization/Access Control/Personalization using its RDBMS
If not so, then how to go about to achieve the required functionality.
As per our understanding of the protal servers' LDAP support it can use
the LDAP
to provide the complete security i.e. authentication/authorization/personalization
but not for partial security support as we require.
Thanks in advance for any suggestions.
Pavitra

Opportunity Product-Revenue related information section

Hi,
We are going to use the 'Product Revenue' related information section on the Opportunity for Products & Services. Hence, we want to rename this section to 'Products & Services' instead of 'Product Revenue'. I tried to change the name of the Object Type Revenue, but that is not possible using the 'Rename Object Type' function. Does anyone know whether it is possible to change the name and how to do it.
Thanks.
Kind regards,
Niels Rekers

Hi,
Thanks for the quick response.
Is it known when it will be possible? Is that with R16 and when will that Release be released?
Kind regards,
Niels Rekers

Table for Stock Requirement List related information

Dear Sir,
We have make-to-order scenario , on receiving the Order from Customer we first create a Sale-Order for the Ordered Item . Subsequently in MD04 , we find a requirement getting reflected for the Customer Order .
For example say the Sale-Order number is S-101 and the Line Item is 10 for the FERT material say FERT-101 having the Order quantity as 1 number . In MD04 , we find a requirement getting reflected with the following information :
MRP Element --> CustOrd
MRP element data --> S-101 / 00010 / 0001
Recd/Reqd Qty --> 1-
Available Qty --> 1-
We need to write a Z program for getting the list of the requirements against the Customer Order (as shown in MD04) .
Kindly guide us as which Tables we need to refer for getting the above information pl .
We assure to award full points for the suggested solution .
Rgds
B Mittal

Hi,
Pls use below function module, same as you will get Stock Requirement List related information
MD_STOCK_REQUIREMENTS_LIST_API
For test, goto SE37 and test it
Regards,
Sankaran

Can we set up a forum for Security related issues?

I know many of us think security is a Windows related issue, but from time to time there are security issues that may come up. I had a question so I looked and couldn't find a forum, so I posted in one of the OS X 10.6 sub forums.
Thanks!

I am a co-founder of Calendar of Updates http://www.calendarofupdates.com/updates/index.php?act=idx This is a site that is primarily a Windows based security forum (I switched about 4-5 years ago). Over the years, I've tried to grow the Mac side of our forum, but, as you may know, there is little or no interest in security within the Mac community. For many, the feel security is a Windows issue.
It's a free site, so don't think I have a vested interest in growing the membership, I'm not an owner, either.
I just created an *Apple OS X Security Issues* forum http://www.calendarofupdates.com/updates/index.php?showforum=209
Right now it's an empty forum since it was created 10 minutes ago. Please feel free to join the forum and share security related issues and questions.
I am not aware of any other forums that deal with OS X security issues
exclusively, so this forum could be a good place to bookmark and visit from time to time.

Error in Account related information sections Access denied.(SBL-DAT-00553)

Hi,
I have 2 users, 1 from Spain and the other from Italy.
The spanish user is the owner of an account and adds the user from italy to the account team section with full access to the account.
The italian user is able to view the account. However the italian user is not able to view any of the custom objects in the related information sections below the account information.
The error is as follows:
Access denied.(SBL-DAT-00553)
Both users have the same role. However, if he/she is not the owner of the account but only a 'Team' member, he's able to view the account but not the CO's below the account. I've checked the access profiles and roles and it all seems fine. Oracle support confirmed this as well as both users were able to search and view the CO records without any issues. It's just that it hits the error if it's in the related information section.
I was just wondering if I'm missing any settings for customer team.
Currently, I'm not even sure if Customer team functionality was built for use with custom objects in related information sections.
Any help would be greatly appreciated!

Hi, What i meant is, if you are using C04 - C015 objects, then ensure under related sections of Accounts in "Full" access profile, you set it as "View" or "Read-Only" instead of "No Access". "No Access" is what being set by OnDemand by default even though the access profile is named as "Full"
-- Venky CRMIT

Payment advice printing X's for Vendor related information

Dear experts,
We are implementing check printing from SAP. I have done the necessary configuration. The program RFFOUS_C does generate the check as well as payment advice. The check looks good.
However, on the payment advice I am getting 'X''s for vendor related information. For e.g. Vendor Name, address, the related line items of the vendor which are being paid.
I tried various ways to fix it but it is not making sense still. It always give me those X's. Has anyone experience this in the past? Any lead into a solution is welcome.
Thank you very much,
Vishal Thakur.

answer

Java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Unab

Hi
I deployed an ESB service.
I am trying to test it from Server Enterprise Manager, Webservices feature.
I wrapped up my original message with SOAP 1.1 and 1.2 specifications.
When I invoke the service, I am getting
java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Unable to get header stream in saveChanges error.
Any idea how to get rid of that ?
Thanks
Praveen

The current version of ESB does not support SOAP 1.2. You need to make sure your message contains the correct SOAP 1.1 namespace so ESB uses the correct SOAP version:
SOAP 1.1: http://schemas.xmlsoap.org/soap/envelope/
SOAP 1.2: http://www.w3.org/2003/05/soap-envelope
Kind Regards,
Andre Jochems

SEcurity settings for sender SOAP adapter

Hey guys
i m implemeting some security features in sender SOAP adapter by taking help frm www.help.sap.com,i have checked the message security box in sender Communication channel but in sender agreement i dont see any options for Decryt or Validate,i only see Keystore,Issuer and subject.
i m on SP9 and XI 3.0
where can i find these options of Decrypt etc?
thanx
ahmad

Hi,
Please see below links
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/f0650f56-7587-2910-7c99-e1b6ffbe4d50
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/BTS06CoreDocs/html/a3229d73-170d-42b7-bab9-12ae5f2d0fa7.asp
http://msdn.microsoft.com/library/default.asp?url=/library/en-us/BTS06CoreDocs/html/f869bd82-df93-45e1-b747-b538820253fb.asp
https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/121b053d-0401-0010-539f-f9295efb7bad
Document security option in webservices
And also check,
Launch Visual administrator and navigate to Server->Services->Security Provider. In 'Policy Configurations' tab page, select the component 'sap.com/com.sap.aii.af.soapadapter*XISOAPAdapter'. Then click on the tab page 'Security Roles' and select 'xi_adapter_soap_message'. You will find the groups (equivalent to roles in PFCG) to which this security role (xi_adapter_soap_message) is assigned to. Make sure you assign the PFCG role listed here to the user.
regards
Chilla..

HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: String index out of range: -7

All -
I'm new to consuming web services in JDeveloper. I'm using Oracle JDEV 10.1.3.3/OC4J. I'm using this version since it is compatible with Oracle EBS 12.1.3. My intent is to pull data from our third party recruitment app (Success Factors) and load that data into Oracle HRIS. I'm already doing this through a .NET application. I'm converting it to be a Java Concurrent Program in EBS. The code listed below is a stub call to verify I'm on the right track. I created a JDeveloper Web Services proxy project. I'm testing it locally on my windows desktop. When I'm able to consume the service successfully, then I'll think about moving it to the EBS server.
I'm getting the following error when I invoke the following service:
HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: String index out of range: -7
End point is: https://api4.successfactors.com/sfapi/v1/soap?wsdl
Any help/assistance would be much appreciated.
Below is my code and output of my test:
package emsc.oracle.apps.emscper.sfapi.proxy;
import HTTPClient.HTTPConnection;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.IsValidSession;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.IsValidSessionResponse;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.Login;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.LoginResponse;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.LoginResult;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.Logout;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.LogoutResponse;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.SFCredential;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.SFParameter;
import emsc.oracle.apps.emscper.sfapi.proxy.types.sfobject_sfapi_successfactors_com.Error;
import java.io.File;
import javax.xml.rpc.ServiceFactory;
import java.util.ArrayList;
import java.util.List;
import java.util.Date;
import javax.xml.ws.BindingProvider;
import javax.xml.soap.SOAPException;
import java.util.Map;
import oracle.security.ssl.OracleSSLCredential;
public class SFAPITest {
    // Declare members:
    private String companyId;
    private String userName;
    private String password;
    private String developerKey;
    private Date   effDt;
    private String greaterThanEffDt;
    private String lessThanEffDt;
    // Declare constants:
    final static private String breakLine = "+---------------------------------------------------------------------------+";
    final static private String format    = "yyyy-mm-dd";
    private enum ReqId {
        PrimaryReq(25),
        PrimaryReqCEO(26),
        EmCarePrimary(27),
        RTI(28),
        EmCareClinical(29);
        private int reqId;
        private ReqId() {
        private ReqId(int value) {
            reqId = value;
        public int getReqId() {
            return reqId;
    // Getters and Setters:
    protected String getCompanyId() {
       return this.companyId;
    protected void setCompanyId(String value) {
       this.companyId = value;
    protected String getUserName() {
       return this.userName;
    protected void setUserName(String value) {
       this.userName = value;
    protected String getPassword() {
       return this.password;
    protected void setPassword(String value) {
       this.password = value;
    protected String getDeveloperKey() {
       return this.developerKey;
    protected void setDeveloperKey(String value) {
       this.developerKey = value;
    protected Date getEffDt() {
        return this.effDt;
    protected void setEffDt(Date value) {
        this.effDt = value;
    protected String getGreaterThanEffDt() {
       return this.greaterThanEffDt;
    protected void setGreaterThanEffDt(String value) {
       this.greaterThanEffDt = value;
    protected String getLessThanEffDt() {
       return this.lessThanEffDt;
    protected void setLessThanEffDt(String value) {
       this.lessThanEffDt = value;
    public void runProgram()
        SFAPIService mySFAPIService;
        String CompletionText = "";
        String effDtStr2 = null;
    /* Code your program logic here.
    * Use getJDBCConnection method to get the connection object for any
    * JDBC operations.
    * Use CpContext provided commit,rollback methods to commit/rollback
    * data base transactions.
    * Don't forget to release the connection before returning from this
    * method.
    /* Call setCompletion method to set the request completion status and
    * completion text.
    * Status values are ReqCompletion.NORMAL,ReqCompletion.WARNING,
    * ReqCompletion.ERROR.
    * Use Completion text message of length 240 characters. If it is more
    * than 240 then full string will appear in log file and truncated 240
    * characters will be used as request completion text.
    try
        ServiceFactory factory = ServiceFactory.newInstance();
        mySFAPIService = (emsc.oracle.apps.emscper.sfapi.proxy.SFAPIService)factory.loadService(emsc.oracle.apps.emscper.sfapi.proxy.SFAPIService.class);
        SFAPI api = mySFAPIService.getSFAPI();
       /// SFAPI api = new SFAPI();
        //Map<String, Object> requestContext = ((BindingProvider) api).getRequestContext();
        //requestContext.put(BindingProvider.SESSION_MAINTAIN_PROPERTY, true);
        System.out.println("ServiceName => " + mySFAPIService.getServiceName().toString());
        System.out.println("End Point   => " + mySFAPIService.getServiceName().toString());
        System.out.println(breakLine);
        // Authentication: Login to SFAPI:
        SFCredential credential = new SFCredential();
        // Fake credentials being passed in for this post:
        credential.setCompanyId("XXX");
        credential.setUsername("XXX");
        credential.setPassword("XXX");
        credential.setDeveloperKey("XXX");
        HTTPConnection httpsConnection = null;
        OracleSSLCredential _credential = new OracleSSLCredential();
        _credential.setWallet("\\\\\\C:\\Program Files\\Java\\jdk1.6.0_33\\jre\\lib\\security", "ParkEstes3");
        /*System.setProperty("javax.net.ssl.trustStore","C:\\\\\OraHome_1\\jdev\\jdevbin\\jdk\\jre\\lib\\security\\keystore");
        System.setProperty("javax.net.ssl.trustStorePassword","changeit");
        System.out.println(System.getProperty("javax.net.ssl.trustStore"));*/
        // SFParameter: Define a generic SFParameter List. This is a necessary parameter
        // to invoking calls in SFAPI:
         /*System.setProperty("javax.net.ssl.keyStore",
         "file:\\\C:\\jdk1.4.1\\jre\\lib\\security\\client.keystore");
         System.setProperty("javax.net.ssl.keyStorePassword","welcome");         */
        /* System.setProperty("oracle.net.wallet_location",
                      "(SOURCE=(METHOD=file)(METHOD_DATA=(DIRECTORY=\\\C:\Users\dparrish\Oracle\WALLETS)))"); // (2)                     */
        File kstore = new File("C:\\OraHome_1\\jdev\\jdevbin\\jdk\\jre\\lib\\security\\jssecacerts");
        boolean exists = kstore.exists();
        if (!exists) {
            System.out.println("Keystore does not exist");
        else {
            System.out.println("Keystore does exist");
        System.setProperty("javax.net.ssl.trustStore", kstore.getAbsolutePath());
        System.setProperty("javax.net.ssl.trustStorePassword", "changeit");
        //System.setProperty("proxySet", "false");
        //System.setProperty("http.proxyHost", "127.0.0.1");
        //System.setProperty("http.proxyPort", "8080");
        System.out.println(kstore.getAbsolutePath());
        List<SFParameter> lst = new ArrayList<SFParameter>();
        SFParameter param = new SFParameter();
        param.setName("");
        param.setValue("");
        lst.add(param);
        SFParameter[] sfParam = lst.toArray(new SFParameter[lst.size()]);
        Login login = new Login();
        try {
            login.setCredential(credential);
            System.out.println("1");
            login.setParam(sfParam);
            System.out.println("2");
            LoginResponse loginResponse = new LoginResponse();
            LoginResult loginResult = new LoginResult();
            try {
                 loginResponse = api.login(login);
            catch (Exception e ) {
                System.out.println(e.getMessage());
            System.out.println("3");
            try {
                 loginResult = loginResponse.getResult();
            catch (Exception e ) {
                System.out.println(e.getMessage());
            System.out.println("4");
            IsValidSession vs = new IsValidSession();
            IsValidSessionResponse isValidSessionResponse = api.isValidSession(vs);
            System.out.println("5");
            if (isValidSessionResponse.isResult()) {
                 System.out.println("Session is valid");
                 System.out.println("Result => " + loginResult.getSessionId());
                 System.out.println(breakLine);
                Logout logout = new Logout();
                LogoutResponse logoutResponse = api.logout(logout);
                if (logoutResponse.isResult()) {
                     System.out.println("Logout of SFAPI Successful");
                else {
                    System.out.println("Logout of SFAPI Unsuccessful");
            else {
                 System.out.println("Session is invalid");
                List<Error> errors = new ArrayList<Error>();
                for (int i = 0; i < loginResult.getError().length; i++) {
                    errors.add(loginResult.getError()[i]);
                for (int i = 0; i < errors.size(); i++) {
                     System.out.println("Error Indice   => " + i);
                     System.out.println("Error Code:    => " + errors.get(i).getErrorCode());
                     System.out.println("Error Message: => " + errors.get(i).getErrorMessage());
                     System.out.println(breakLine);
                } // end for loop of SFObject errors
            } // end InvalidSession
        catch (Exception e)
             System.out.println("Session Credential Exception");
             System.out.println("Exception => " + e.getMessage());
             System.out.println(breakLine);
    catch (Exception e)
        System.out.println("Parameter List Exception");
        System.out.println("Exception => " + e.getMessage());
        System.out.println(breakLine);
    }   // end runProgram
    // Constructor:
    public SFAPITest() {
    } // end constructor
    public static void main (String args[]) {
        try
            SFAPITest test = new SFAPITest();
            test.runProgram();
        catch (Exception e) {
            System.out.println("main exception => " + e.getMessage());
} // SFAPITest
Here is the output with trace:
WARNING: Unable to connect to URL: https://api4.successfactors.com:443/sfapi/v1/soap due to java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: String index out of range: -7
Session Credential Exception
Exception => ; nested exception is:
    HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: String index out of range: -7
+---------------------------------------------------------------------------+
Process exited with exit code 0.

The other end is throwing back a programming error.
That might be because you are sending incorrect data and the other end fails to validate it.
You might be able to guess based on your C# code. But, since you are using soap one generic solution is available to you.
- Get an http proxy interceptor like wireshark.
- Run it while your C# app runs, collect the http requests from that.
- Run it while running your java code, collect the http requests from that.
Compare the two.

How to get information from SOAP header in weblogic without handlers

I need to retrieve information from SOAP header without handlers.
Any ideas how to do that?

Just wondering if Filter can be used here, though I never tried that.

Deleting an account and related information

When deleting an account does all the related information get deleted?
Does the account also get deleted from historical analysis?
Edited by: user643040 on Jan 20, 2011 9:16 AM

When an account is deleted the associated Opportunity is deleted (except for opportunities that are Closed/Won or Closed/Closed), the associated Asset is deleted (if it is not associated with another object), the associated Task or Appointment is deleted (if it is not associated with another object). Contacts and Service Requests are not deleted. Also, the account is deleted from historical analysis at the next ETL.

Cascating Related information

Can i create a cascating related information like cascating picklist?
for example: i have one "account" with many "contacts". i a custom object, i have to select first "account" and then "contact".
when i have a "account" selected and click in lookup for "contacts", the new window show me only the "contacts" related with the selected "account".
i want to use the selected "account" like a filter for "contact" search.
it's possible?
thanks!
Edited by: user13796387 on 11/03/2011 12:21

May be you can look at creating a WebApplet that contains a Report or Dahsboard to acheive your result.
Then use a narrative view to
a) construct a url that will create a record that you want. It is like using a weblink but using html in a narrative view
or
b) use a webservices code to create a record that you want.

Customizing Related Information Layout

Hi,
Need to add the "Last Activity" field in "Contact" Related Information Layout for "Accounts" record type.
The Problem is, can't find the "Last Activity" field in the Available Section of the Related Information layout for Contacts in Accounts record type.
How can I add a field in the Available section to get it to the selected section.
Thanks

The last activity field is not available in the contact related information layout for the account record type at this time. Fields will be added in a future release.

Security related information in SOAP thruough BPEL

Similar Messages

Maybe you are looking for