Service Security and governance.

Hi Gurus,
I have two questions with respect to enterprise services for which i can't find any answers till now -
1. Is Single sign-own the only option for enabling security in enterprise services. If yes or no, how do we enable them.
2. Can we enable subscription and notification features for the SAP UDDI registry? I have seen those features in the configuration side, but how do we enable it?
Can some one guide me in these.
Thanks and Regards,
Aji.

Hi,
1. Is there any configuration document specifc for services llike doing settings in WSCONFIG/ SOAMANAGER. (i have seen ES security guide)
2. What kind of automation tools are used for runtime and change time governance, other than ESR for design time governance.
As CE UDDI reegistry is version 3.x based,  it is supposed to support notification and subscription APIs. I would like to know how it is done.
Thanks and Regards,
Aji.

Similar Messages

  • RWB - Integration Engine self test - web service security and proxy

    Hi,
    I am working with a new installation of PI 7.0. In the runtime workbench, under self test for integration engine, there is this error/warning:
    ""Details for 'Is Web service security available?'
    Communication error: Proxy calls are not permitted on sender or receiver side on the IS (client)""
    What exactly is the problem? Is there any additional configuration needed within PI to use proxies? We do not have the cryptographic toolkit installed. Is that nesseccary to work with proxies? We have done several other scenarios with RFC, MAIL, HTTP, etc and they work fine. If anyone else had this problem and managed to fix it, please let me know..
    Thanks,
    Lasya

    You can ignore this error. It is  simply a warning that says message level security has not been configured. Without message security too, you can do proxy communication.
    But, if you want to configure messag level security, go through XI Config guide section 12.4.
    Message was edited by: Jay

  • Shared services security and essbase security

    recently upgraded to sys 9 and now use shared services 931
    we used to have security at essbase level previously and now its all Shared services..
    now i have so many concerns
    Can we automate the security just like I used to automate in essbase earlier...
    or can we automate secuirty in essbase and them sync it to Shared services??
    I know that we change security settings in SS and then sync it to essbase but is the other way around possible???
    IF yes HOW?
    IF NOT - can we automate SS security which reflects to essbase...
    I have to go through the prod doc and I'll do that very soon but any suggestion on this would really help me out..
    Thanks in advance

    Hi,
    can you please write more about which products and version are you using and on which operating system name and version.
    Why do you use Shared Services? Are you using only Essbase server or any other server? If you use only Essbase server there is probably no need of using Shared Services.
    If you need only Essbase you can see my info about installing Essbase without Shared Services: hyperion essbase installation
    Please provide more info, so that we on forum can help you.
    Regards,
    Grofaty

  • Question about web service security and certificate registry?

    I'm trying to add security to my web service. I've created a keystore and added a certificate that was signed by a CA that I created (for testing only). The documentation says I need to create a Certificate registry and add my CA as a trusted CA. I can't quite figure this step out. Does anyone know how to do this or am I heading in the wrong direction?
    thanks

    Hi,
    I'm almost there. I dont think that you can do exception handling in FormCalc. How do I trap the error. So far I have
    if (HasValue(Get("http://despaiqo001.development.local:4001/crossdomain.xml")) == 0) then
         $xfa.host.messageBox("not available")
    else
        $xfa.host.messageBox("got it")
    endif
    but when I change the URL so it cant access it, I get a form calc exception. Any samples of how I can script it?

  • External Web Service - User and password in HTTP header

    Hi!
    How is it possible to add user and password in the HTTP header in a external web service call? 
    I have created a "Portal Service from WSDL file - Client side" with the wizard in SAP Developer Studio.  I following the Java Development Guide - Web Service Security, and use the <i>secured service connection</i>.  I have also created a new <i>System Landscape</i>, but should the new system be based on HTTP, my own PAR or what?
    How can I check that the user and password is added to the HTTP header or the SOAP envelope? Do I have to scan http traffic with a proxy as Paros or can I find the request sent from SAP EP in the logs?
    Cheers
    Asle

    Hello All,
    I have been struggling a bit while putting a reasonable security framework on a jax-rpc style web service. I'm using JWSDP1.2 to set up the webservice. I've tried to outline my problem below. Please correct me where I'm wrong.
    I've been through the Sun's WS tutorials, but they are not really clear on security. However, from them I surmised that there are two decent authentication techniques. HTTP Basic and mutual authentication (MA) . Both have their drawbacks though. HTTP Basic suffers from poor encryption while MA is a bit difficult to set up on both client and server sides. Another problem with MA is that there is no central repository for users/passwords.
    OK, what I would really like to do is use my own user database to verify users/passwords i.e. use a HTTP Basic like authentication (but at application level) but run it over SSL for encryption. It seems simple, but is it possible?
    Also, I have noted that when I use HTTP Basic on the service side, and use a java client, then setting username/password has no effect. In other words, I can always access the web-service, even with wrong username/password.
    Sorry for the long post. Hope someone can help. Thanks.

  • Web Services Security Problem

    hi all,
    I am publishling the BC4J Component(Application module) as a webservice. The particular web service method will be as follows. The method is returning the element object.
    public Element getEmp(String searchString,String selectedItem, int pageNoInput)
    return (Element)hits.writeXML(1,Row.XML_OPT_LIMIT_RANGE);
    I am securing the web service by the instructions which are given in the following link
    http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
    Then i am creating the proxy client. when i run the proxy client it gives me the following exception
    javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
         at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:553)
         at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:390)
         at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:111)
         at aptuitclient.runtime.ReviewProtocolAppModuleServiceSoapHttp_Stub.getEmp(ReviewProtocolAppModuleServiceSoapHttp_Stub.java:91)
         at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.getEmp(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:58)
         at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.main(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:44)
    When i am removing the security for the web service it is giving the Element object.
    The Problem is when i am securing the web service it is giving the above said exception.
    Please help me regarding this... this is very urgent...
    rgds
    Parameswaran

    Hello,
    When you are using WS-Security you need to secure the client too. So in your case the client is the ADF Data Control.
    The way you should configure your data control is documented here:
    - Web Services Security and ADF Data Control
    Regards
    Tugdual Grall

  • Opening for Lead Web Programmer in IT Security and allied services at Mumbai

    Currently we are looking for Lead Web Programmer with US based leading organization engaged in IT Security and allied services at Mumbai.. Here are the job profile as well the company profile.
    Job Profile ::
    We are looking for an experienced high-level programmer to join our growing team. This position will be to manage a portfolio of client web-sites and the server platform it resides on. The candidate will be the primary point of for the clients and will collaborate with other team members while reporting directly to the Operations Manager. We are looking for a true “team player” to join our growing organization. THIS POSITION IS LOCATED IN OUR MUMBAI/BANDRA, INDIA OFFICE.
    Job Location : Mumbai – Bandra(West)
    Company Profile ::
    It is a Data Security and Compliance Consulting company, headquartered in California for over 16 years.
    It consults, recommends, deploys and maintains an array of IT solutions. It works with a wide range of commercial, financial, health-care, banking, education and state government entities. It is committed to developing leading-edge technological solutions for our clients’ business problems, and it has been recognized for our innovative approach to listening to our clients and providing true consultation to resolve real business problems with tried and true technical solutions.
    This is an opportunity for a Lead Web Developer/Programmer to enhance and further develop their current advanced skills, in a challenging work environment with responsibility for sophisticated and complex special projects on an on-going basis.
    Summary ::
    We are looking for an experienced high-level programmer to join our growing team. This position will be to manage a portfolio of client web-sites and the server platform it resides on. The candidate will be the primary point of for the clients and will collaborate with other team members while reporting directly to the Operations Manager. We are looking for a true “team player” to join our growing organization. THIS POSITION IS LOCATED IN OUR CLIENT’S MUMBAI/BANDRA, INDIA OFFICE.
    Requirements:
    BS in Computer Science/Engineering or equivalent
    10+ years Experience required in programming PHP + MYSQL + MSSQL + .NET, HTML + JAVA HTM L, Java script
    10+ years Experience required in IIS & Apache Environment
    5+years experience working with various CMS (ex:Word Press)
    5+years experience of CSS
    Experience working with Web Hosting Management Tools (ex: c Panel, Parallels),preferred but not required
    Experience managing large portfolio of web-sites, preferred but not required.
    Excellent English communication skills.
    Ability to work effectively in a team-based environment and a demonstrated
    willingness to support team on all levels to get the job done.
    Working Hours : NIGHT HOURS for PERMANANT BASIS.
    If you are interested for this profile, kindly send your updated resume on [email protected] with Current CTC & Expected CTC.
    Click here for more details
    Regards,
    TheindiaJobs.com
    Like us on Facebook
    Follow us on Twitter

    Please note the name of this board "LabVIEW Job Openings", not general IT or programming openings. While there are people who's skill sets might overlap your requirements and those of a LabVIEW programmer, the vast majority coming to this board are looking for LabVIEW specific jobs, which is what the board is set up for.
    Putnam
    Certified LabVIEW Developer
    Senior Test Engineer
    Currently using LV 6.1-LabVIEW 2012, RT8.5
    LabVIEW Champion

  • WS-Security and proxy service: Unable to add security token for identity

    What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
    I did simple "hello word" proxy service and tried to apply custom policy binding.
    WS-Policy is next:
    <wsp:Policy wsu:Id="WS-Policy-Siebel"
         xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
         xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
         xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
         <wssp:Identity
              xmlns:wssp="http://www.bea.com/wls90/security/policy">
              <wssp:SupportedTokens>
                   <wssp:SecurityToken
                        TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
                        <wssp:UsePassword
                             Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
                   </wssp:SecurityToken>
              </wssp:SupportedTokens>
         </wssp:Identity>
    </wsp:Policy>
    Process WS-Security is setted to "yes".
    While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
    But at the end I get the fault:
    Soap fault:
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
    <env:Header/>
    <env:Body>
    <env:Fault>
    <faultcode>env:Server</faultcode>
    <faultstring>Unable to add security token for identity</faultstring>
    </env:Fault>
    </env:Body>
    </env:Envelope>
    In console:
    <09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
    ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
    --- Error message:
    <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
    able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
    weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
    at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
    at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
    at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
    at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
    at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
    Truncated. see log file for complete stacktrace
    Incoming soap message is:
    <soapenv:Envelope      xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
    <wsse:Security      soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken      wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>testuser</wsse:Username>
    <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>
    </soap:Header>
    <soapenv:Body>
    <wss:NewOperation      xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
    <in>string</in>
    </wss:NewOperation>
    </soapenv:Body>
    </soapenv:Envelope>
    Edited by: Andrey L. on Jun 9, 2010 5:55 PM

    I thought you were getting that exception when accessing the proxy.
    No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
    Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
    Are you getting this exception when routing to a business service which is configured for WS-Security ??
    I don't use business service in this test project - only simple proxy service with all logic inside.
    PS transformation in replace action is very simple too:
    (:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
    (:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
    declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
    declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
    declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
    as element(ns0:NewOperationResponse) {
    <ns0:NewOperationResponse>
    <out>Hello, { data($newOperation1/in) }!</out>
    </ns0:NewOperationResponse>
    declare variable $newOperation1 as element(ns0:NewOperation) external;
    xf:Hello($newOperation1)
    Edited by: Andrey L. on Jun 10, 2010 12:21 PM

  • SJSAS 8.2 secure and unsecure methods in one web service with ws-security

    Hi
    I'm trying to deploy a web-service (using SJSAS 8.2) using JAXRPC using message security (at the application level).
    I have one simple question:
    I have an EJB that exposes 2 methods as web-services, I specified in the sun-ejb-jar.xml that one of those methods is secure (and said nothing about the other) however when i run my test client I get a "WSS0202: No wsse:Security element in the message" error for both calls (instead of only for the secure call).
    Is this normal? Isn't it possible to have a normal (with no security headers) call to one method and another (with security headers and secure envelope) to another in the same webservice (from the same EJB)?.

    I wasn't clear?
    This is a big dev problem for a major Sun client.
    No one knows or wants to answer?

  • Security of Web Services, Agents and Sequantial Calling of Web Services

    I want to ask about the secure invocation of web services and the role of agents.
    Suppose that I have greet() web service:
    public String greet() {
    String S1=sayHello(); // A web service, actually its proxy
    String S2=sayGoodMorning(); // A web service, actually its proxy
    return S1+" "+S2;
    It calls two other webservices and they return "HELLO" and "Good Morning". Also assume that I need to secure all my web services but I need these calls to work!
    I put an agent in front of those two web services and require them to check a SAML token. I also attach an agent to greet() to authenticate the inbound and sign and add SAML token for outbound.
    But I think these two calls fail because the SAML is not created on each call. (Is it?)
    How can I make those two calls, secure each web service and at the same time keep the security code out of business code, in other words keep my web service security agnostic?
    Thank you in advance.
    Best Regards
    Farbod

    Any Comments on this?

  • Editing proxy and business service security with WLST

    My customer wants to manage the OSB with WLST as much as possible. I'm wondering if it is possible to handle the security and policies on proxy and business service with WLST.
    Any ideas or links to documenation are welcome.
    Thanks!

    I think you can do this. Please refer - http://docs.oracle.com/cd/E14571_01/core.1111/e10043/wlstcmds.htm#CHDGHDFJ
    But not sure of how much flexibility you will get with WLST. I will recommend using OWSM that is specifically used for similar activities for the soa suite.
    Please refer - http://docs.oracle.com/cd/E21764_01/web.1111/e13713/owsm_appendix.htm & http://docs.oracle.com/cd/E21764_01/doc.1111/e15866/owsm.htm for more details.
    Thanks,
    Patrick

  • Location Service in security and privacy preference pane not saved

    Hi,
    When I want to activate the location service inside the security and privacy preference pane, it is not save. I can check the box but if I leave the pref pane, and come back, it is still uncheck.
    I notice that when I wanted to activate the icloud feature: localized my mac. Thus, it's not working due to my pref in privacy pane not saved.
    I notice as well that in safari, there is a location option as well, and I can't activate it, like iCloud feature due to my pref in privacy always unchecked.
    I tried to repair the authorization of my disk a couple of times
    Is someone experiencing the same issue ?

    The terms of service of the Apple Support Communities prevent us (Apple users) from speculating about why Apple does or does not take certain actions.
    I can't tell you why it is the way it is.  But I can say you could go a long way to alleviating your concern by going to System Preferences > Energy Saver and changing the sleep time such that your computer goes to sleep nearly immediately after you stop using it.  Then even if you forget to log off, your computer will very quickly go to sleep and require a password.

  • Web Services, WS-Security and WebServices Assembler

    Two questions about WebServices and jDev 10.1.2
    1 - What underlying technologies is WebServcies Assembler using to generate WS code? Axis? Suns' WS developer kit? Other?
    2 - We need to utilize WS security and 509 certs to secure some web services, can WSA handle this? If so, what's the general recommeneded approach? If not, any other recommendations?
    _mike                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                                       

    1 - What underlying technologies is WebServcies Assembler using to generate
    WS code? Axis? Suns' WS developer kit? Other?A. JDev uses its own stack to generate this code
    2 - We need to utilize WS security and 509 certs to secure some web services,
    can WSA handle this? If so, what's the general recommeneded approach? If
    not, any other recommendations?A. Web Service Security is supported in 10.1.3

  • [ANN] Online seminar - Web services management and security seminar

    Join us now (Thu 09:00am) for a live seminar about Web services management and security here:
    http://www.oracle.com/technology/tech/java/newsletter/seminars.html

    I have got the following error when i run the WebServicesAssembler.jar
    D:\Oracle\Oc4j\j2ee\home>java -jar d:/oracle/oc4j/webservices/lib/WebServicesAss
    embler.jar -config etc/config.xml
    Exception in thread "main" java.util.zip.ZipException: The system cannot find th
    e path specified
    at java.util.zip.ZipFile.open(Native Method)
    at java.util.zip.ZipFile.<init>(ZipFile.java:105)
    at java.util.jar.JarFile.<init>(JarFile.java:110)
    at java.util.jar.JarFile.<init>(JarFile.java:52)
    D:\Oracle\Oc4j\j2ee\home>java -jar WebServicesAssembler.jar -config etc/config.x
    ml
    Exception in thread "main" java.lang.InstantiationException: Unknown deployment
    tag in JMS Web Service Example: <option>
    at com.evermind.xml.XMLConfig.parseDeploymentMainNode(XMLConfig.java:293
    at oracle.j2ee.ws.tools.WsAssemblerConfig.parseDeploymentMainNode(WsAsse
    mblerConfig.java:68)
    at com.evermind.xml.XMLConfig.parseRootNode(XMLConfig.java:268)
    at com.evermind.xml.XMLConfig.init(XMLConfig.java:147)
    at com.evermind.xml.XMLConfig.init(XMLConfig.java:88)
    at oracle.j2ee.ws.tools.WsAssemblerConfig.init(WsAssemblerConfig.java:30
    at oracle.j2ee.ws.tools.WsAssembler.main(WsAssembler.java:17)

  • How to make my Portal Web Service SECURED?

    Hi Experts,
    I created one portal Service and exposed it as Portal Web Service.
    Everything is working fine, as i deployed my Portal Web Service on to the SAP J2EE Engine ie SAP Server.
    I m able to access functions of Web Service from my StandAlone Java Application.
    but the problem is my Web Service is not SECURED.
    How can i make my Portal Web Service SECURED?
    Please help me out.
    Help will be appreciated and rewarded!!!!!

    user13046122 wrote:
    I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
    I now need to make SOAP Web Service calls - from an 8.1.7.4 database
    But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
    Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
    It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess.

Maybe you are looking for