Testing Security policy attached web service

Similar Messages

• Adding Security Policy to web services .

  Hi,
  I am trying to create Java Webservice from JDeveloper and add policies(OWSM or WLS) to it . I am able to succesfully create web service from java code in Jdeveloper ,create a WAR out of it and can deploy it in weblogic server .But if I create Webservice by adding WLS policies or OWSM policies to it . The WAR fails to deploy in Weblogic server . Is there any pre - requisites I need to do before I deploy ? If any one has a tutorial for this , it will be nice .

  The solution suggested in link i have already done ....... But that had not resolved my issue
  Below is my sample code -
  it has three operations -
  package project6;
  import javax.jws.WebService;
  import weblogic.jws.Policy;
  @WebService
  @Policy(uri = "policy:Wssp1.2-2007-Https-BasicAuth.xml", direction = Policy.Direction.inbound)
  public class basicHello {
  public basicHello() {
  super();
  public String SayHello(String a)
  {return("Hello "+a);
  public String SayBye(String a)
  {return ("Bye "+a);
  public String SayHowAreYou(String a)
  {return("How are you "+a+" ??");
  When I deploy I am able to get a war file too . But when I install in weblogic server it fails . DO I HAVE TO DO ANY SETTING CHANGE IN WEBLOGIC SERVER ?

• Nyone who had success using sign-encrypt policy(oracle web service manager)

  Hi All,
  I could not succeed in using sign Message and Encrypt and decrypt and verify signature policy using oracle web services manager.So I would be grateful if somebody who had success in using it would shed light on its use.
  Basically,I am using the following policy steps in securing a helloworld web service using gateway(oracle web services manager) :
  1)for Request (Decrypt and Verify signature).
  2)for Response(Sign Message and Encrypt).
  The configuration for Request is shown below:
  Pipeline "Request"
  Pipeline Steps:
  Start Pipeline
  Log
  Decrypt and Verify Signature
  Basic Properties Type Default Value
  Enabled (*) boolean true true
  XML Decryption Properties Type Default Value
  Decryptor''s keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-keystore.jks
  Decrypt Keystore Type (*) string jks jks
  Decryptor''s keystore password string *******
  Decryptor''s private-key alias (*) string s1as
  Decryptor''s private-key password string *******
  Enforce Encryption (*) boolean true true
  XML Signature Verification Properties Type Default Value
  Verifying Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-truststore.jks
  Verifying Keystore type (*) string jks jks
  Verifying Keystore password string *******
  Signer''s public-key alias (*) string xws-security-client
  Enforce Signing (*) boolean true true
  End Pipeline
  And the configuration for Response is shown below:
  Pipeline "Response"
  Pipeline Steps:
  Start Pipeline
  Log
  Sign Message and Encrypt
  Basic Properties Type Default Value
  Enabled (*) boolean true true
  Signing Properties Type Default Value
  Signing Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-keystore.jks
  Signing Keystore Type (*) string jks jks
  Signing Keystore password string *******
  Signer''s private-key alias (*) string s1as
  Signer''s private-key password string *******
  Signed Content (*) string BODY BODY
  Sign XPATH Expression string
  Sign XML Namespace string[]
  Encryption Properties Type Default Value
  Encryption Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-truststore.jks
  Encrypt Keystore Type (*) string jks jks
  Encryption Keystore password string *******
  Decryptor''s public-key alias (*) string xws-security-client
  Encrypted Content (*) string BODY BODY
  Encrypt XPATH Expression string
  Encrypt XML Namespace string[]
  End Pipeline
  But I am getting the following fault exception while accessing this secure web service :
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Body>
  <SOAP-ENV:Fault>
  <faultcode "http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode>
  <faultstring>Step execution failed with an exception
  </faultstring>
  <detail></detail>
  </SOAP-ENV:Fault>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  I would appreciate your help.Thanks.
  Kash

  Hi clemens,
  Actually I installed OracleWebServices_Manager_4_0_3 and I see my installation directory does not contain any of the directory structure you mention.
  It installed oracle web services manager in the following location:
  C:\coresv_install_home
  and it contains the following subdirectories:
  1)bin
  2)config
  3)db
  4)ears
  5)external
  6)extlicences
  7)lib
  8)samples
  9)scripts
  10)wars
  So I like to ask did you install the same version of the oracle web services manager, if not which version you install in which security is working for you.Thanks for any help.
  Kash

• Problems invoking a secure 8.1 web service from a 6.1 client

  I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
  Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
  In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
  If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
  Any help would be GREATLY appreciated.

  Hi Paul,
  This sound familiar, but I cannot at the moment locate a reference to
  the issue. I would encourage you to seek the help of our super support
  team [1].
  Regards,
  Bruce
  [1]
  http://support.bea.com
  [email protected]
  Paul Merrigan wrote:
  >
  I'm trying to invoke a secure 8.1 web service from a 6.1 client application and keep getting rejected with the following message:
  Security Violation: User: '<anonymous>' has insufficient permission to access EJB:
  In the 6.1 client, I've established a WebServiceProxy and set the userName and password to the proper values, but I can't seem to get past the security.
  If there something special I need to do on either the 8.1 securing side or on the 6.1 accessing side to make this work?
  Any help would be GREATLY appreciated.

• Adding security to a web service then generating a proxy [SOLVED]

  Hi
  I generated a web service based on a very simple java program. I have deployed it to a local oc4j install and successfully called it from a proxy generated from jdev. I am using 10.1.3.3.0.
  I added security to the web service and regenerated the proxy. I wanted to see the difference in the SOAP messages sent to the web service. However the proxy does not seem to have changed to take account of the new security settings on the web service.
  The security options I set were:
  On main security dialog: Ticked the port and "Text Password"
  On Authentication: Ticked "Expect Username ti Authenticate"
  "Password Required"
  Password Type = "Plain Text"
  "Nonce Required in Token"
  "Creation Time Required in Token"
  I have 2 questions:
  1. How do I get the proxy to send SOAP messages that contain the security headers required to run the web service. Here is the main method from my proxy. I thought adding setUsername and setPassword would be the solution
      public static void main(String[] args) {
          try {
              gpn3.Getphonenum3SoapHttpPortClient myPort = new gpn3.Getphonenum3SoapHttpPortClient();
              System.out.println("calling " + myPort.getEndpoint());
              // Add your own code here
              myPort.setUsername("oc4jadmin");
              myPort.setPassword("welcome");           
              myPort.getNum("Lisa");
          } catch (Exception ex) {
              ex.printStackTrace();
  2. When the web service receives a user name and password what does it check them against? I assume the oc4jadmin user will be allowed access but how do I set up other users?
  many thanks
  paul schweiger
  Message was edited by:
  [email protected]

  I have figured this out now
  1. I needed to set the same security settings in my proxy as I did for my web service. I had assumed that the proxy would generate the necessary security settings from the web service.
  2. For some reason my web service application is using the system level jazn-data xml file
  oc4j_extended_101330/j2ee/home/config/system-jazn-data.xml
  This does include the oc4jadmin user and I am now able to use that account to call the web service. I also managed to add another user and use that account to call the web service successfully.
  Thanks for the help
  paul

• LDAP security provider and web service authentication

  Background: we are currently developing web services to our existing weblogic application. Our users can configure user/password authentication in one of three ways: database, LDAP, or SSO. Setting SSO aside, we need to implement the same authentication for database and LDAP that we use in our existing logon servlet in our web services. In our servlet we detect which they are configured for and, if database, authenticate the encrypted password to a database table we have for user id/password. If LDAP we use weblogic.servlet.security.ServletAuthentication and the weak() method to authenticate.
  We've to use SOAP headers to communicate username/password from the client to the web service. We want to code a SOAP message handler to grab the username/password and do the authentication there. We've successfully put something together that handles the database authentication no problem and are now struggling with how to handle the LDAP authentication. We distribute a LDAP security provider we've coded for LDAP authentication. I guess what I am looking for is an equivalent functionality provided with weblogic.servlet.security.ServletAuthentication. Note that I realize the weblogic.servlet.security package has been deprecated starting with Weblogic 9.0 but cannot find what functionality replaces it. Any help there would be appreciated as well.
  Note that I am fairly new to web service development (about 10 months now) and definitely new to web service security and Weblogic security. I tried digging into the volumes of documentation out there regarding these two topics but am simply having a difficult time sorting it all out and figuring out how to do what I want to do.
  Thanks in advance!
  Julia

  Hi,
  Add Provider (LDAP Credentials) in Admin console Security Realm --> defaultrealm -->Providers. Configuring Ldap in Admin Console will enable Admin Server to connect to LDAP. All the LDAP preconfigured Users/Groups will be available in Users and Groups Tab of Security Realms >defaultrealm >Users and Groups. Add Roles using Security Realms >defaultrealm > Roles and Policies > Global Roles > Roles. Add Role Conditions to the role by specifying users/groups configured in LDAP. If your webservice runs with SSL Anotate the Webservice file something like this below.
  @RolesAllowed({
  @SecurityRole(role="test")
  @Policy(
  uri="policy:Wssp1.2-2007-Https-UsernameToken-Plain.xml",
  attachToWsdl=true)
  Here the role is Preconfigired role in AdminConsole. Add the following tag in the soapenv:header.
  <soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken>
  <wsse:Username>test</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>

• How to secure a J2SE Web Service

  Hi,
  I have created a J2SE Web Service using JAX-WS and I now wish to secure it but I can't seem to work out how to do it in an automated manner.
  I have used the simple Java-First method, writing an annotated java class and then running wsgen to generate the WSDL and required artifacts.
  WSIT seems to be the solution, placing a WSIT config file in a META-INF directory on the classpath. However, in the examples that I have there seems to be a huge amount of overlap between the WSDL and the WSIT config file. Moreover, the content of the WSIT config seems to be dependent on the contents of the WSDL. This means that should I update the implementation class I would have to manually update the WSIT config (unlike the WSDL which would be autogenerated from the Java class).
  Ideally I would like to create two files:
  - myserviceImpl.java
  - wsit-config.xml (using the correct naming convention)
  Then run WSGEN and, hey presto, a full WSDL is generated complete ith security policy information. However, it seems that this is not the way it works.
  I'd be grateful for any advice you can give on how to automate this process. My current idea is to generate the WSDL and then use an XSLT step in the build process to drag the WSIT config into the WSDL.
  I'd also be interested in hearing how other people have created secure J2SE web services.
  I am using Eclipse (not NetBeans) and Maven.
  Thanks

  I am using Eclipse (not NetBeans) and Maven.I hate doing this, but have you tried Netbeans? Metro has really tight integration with it and pretty much can do what you want. However, making a programmer change IDE is like suggesting someone to try another religion.

• WebServiceException When invoking secured ADF-BC web services on WebSphere

  We built web services using ADF 11.1.1.7 RC1, and deployed to WebSphere ND 7.0.0.23
  The web services are secured using OWSM policy:
  @SecurityPolicy( { "oracle/wss11_saml_or_username_token_with_message_protection_service_policy" })
  And we have a client java program which invokes the web services as follows:
  MTOMFeature mtom = new MTOMFeature();
  SecurityPolicyFeature sec_policy = new SecurityPolicyFeature("oracle/wss11_saml_token_with_message_protection_client_policy");
  if (lCMAMService == null) {
  generateFCMWebserviceUrl();
  URL url = new URL(fcmUrl);
  LCMAMService_Service lCMAMService_Service = null;
  try {
  lCMAMService_Service = new LCMAMService_Service(url);
  } catch (WebServiceException wse) {
  generateFCMWebserviceUrl(true);
  URL physicalURL = new URL(fcmUrl);
  lCMAMService_Service = new LCMAMService_Service(physicalURL);
  lCMAMService = lCMAMService_Service.getLCMAMServiceSoapHttpPort(mtom, sec_policy);
  Everything works fine in WebLogic. However, when running on WebSphere ND 7.0.0.23, the following exception were thrown:
  javax.xml.ws.WebServiceException: Invalid or unsupported WebServiceFeature feature http://www.w3.org/ns/ws-policy
       at org.apache.axis2.jaxws.ExceptionFactory.createWebServiceException(ExceptionFactory.java:173)
       at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:70)
       at org.apache.axis2.jaxws.ExceptionFactory.makeWebServiceException(ExceptionFactory.java:118)
       at org.apache.axis2.jaxws.feature.ClientFramework.addFeature(ClientFramework.java:56)
       at org.apache.axis2.jaxws.binding.BindingImpl.setFeatures(BindingImpl.java:138)
       at org.apache.axis2.jaxws.BindingProvider.initialize(BindingProvider.java:167)
       at org.apache.axis2.jaxws.BindingProvider.<init>(BindingProvider.java:73)
       at org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.<init>(JAXWSProxyHandler.java:123)
       at org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.<init>(JAXWSProxyHandler.java:114)
       at org.apache.axis2.jaxws.spi.ServiceDelegate.getPort(ServiceDelegate.java:615)
       at javax.xml.ws.Service.getPort(Service.java:133)
       at oracle.apps.epm.fcc.lcm.proxy.LCMAMService_Service.getLCMAMServiceSoapHttpPort(LCMAMService_Service.java:59)
       at oracle.apps.epm.fcc.lcm.common.FCMExportImportHandler.instantiateFCMService(FCMExportImportHandler.java:703)
  It seems that in WebSphere, the security policy are not supported. Any idea what needs to be changed for the client code to work in WebSphere?
  Thanks.

  Hi,
  as you are from Oracle, can you reach out to internal forums and mailing lists? JDeveloper 11.1.1.7 RC1 is not available outside of Oracle and therefore should not have questions posted on this public forum.
  Frank

• Security issue with Web Services on Oracle SOA suite? (Serious?)

  Hi,
  I have recently installed and set up the SOA 10.1.3 on my local machine.
  I created a simple test web service and deployed - worked ok.
  I then added simple plain text security to the service, and again opened it up for testing using the test service function.
  Initially, it returns with the expected message 'missing soap header security'.
  However if you refresh the page / or test the service again, it is then invoked - seemingly bypassing the security !!!
  Oddly the 3rd attempt then shows the security message again, and it seems to alternate between allowing access to the service and imposing the security?!?!
  Has anyone else experience this ?
  Is it a bug ? (if so, its a pretty nasty one that could quite possibly catch alot of people out !)

  I have now created an independant client in Java to call the WS.
  The security is still bypassed on ever other call?!?!
  I have this over HTTPS also, and was hoping this would provide an adequate means of securing my web services.
  How is everyone else securing web services that are exposed to general consumers? Maybe i should find a new approach !

• Security for a web service

  Hi everyone,
  Scenario :
  I want to securise a web service with SSL.
  I want to call this web service with Java standalone class (not servlet, JSP,...).
  Here is what I've done :
  1) I created a web service with "Secure SOAP" option.
  2) I created a <u>Standalone Proxy</u>.
  3) I created a Java Standalone client and tried to call the web service.
  Here is the code :
       public static void main(String[] args) {
            try {
            Hello1WebServiceImpl service = new Hello1WebServiceImpl();
            Hello1WebServiceViDocument port = (Hello1WebServiceViDocument)service.getLogicalPort();
            System.out.println(port.sayHello1());
            } catch (Exception e) {
                 e.printStackTrace();
  Here is the exception :
  java.rmi.RemoteException: Service call exception; nested exception is:
       java.net.ConnectException: Connection timed out: connect
       at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:80)
       at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:88)
       at SampleComponent.main(SampleComponent.java:23)
  Caused by: java.net.ConnectException: Connection timed out: connect
       at java.net.PlainSocketImpl.socketConnect(Native Method)
       at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:305)
       at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:171)
       at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:158)
       at java.net.Socket.connect(Socket.java:452)
       at java.net.Socket.connect(Socket.java:402)
       at java.net.Socket.<init>(Socket.java:309)
       at java.net.Socket.<init>(Socket.java:124)
       at iaik.security.ssl.SSLSocket.<init>(Unknown Source)
       at com.sap.engine.services.webservices.jaxm.soap.SSLUtilImpl.createSSLSocket(SSLUtilImpl.java:43)
       at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.initStreamsFromSocket(HTTPSocket.java:500)
       at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.initializeStreams(HTTPSocket.java:422)
       at com.sap.engine.services.webservices.jaxm.soap.HTTPSocket.getOutputStream(HTTPSocket.java:384)
       at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.HTTPTransport.getRequestStream(HTTPTransport.java:337)
       at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.outputMessage(MimeHttpBinding.java:433)
       at com.sap.engine.services.webservices.jaxrpc.wsdl2java.soapbinding.MimeHttpBinding.call(MimeHttpBinding.java:1117)
       at com.proxy.Config1BindingStub.sayHello1(Config1BindingStub.java:73)
       ... 2 more
  Can someone please tell me the steps I must follow ?
  Thanks in advance.
  Message was edited by: David Fryda

  Ive ran into similar proples using normal ssl over http and the issues were with my environmet configuration ... yours may be with somthing totally different... but i fixed my probs by adding the folling code before creating the connection. 
  java.security.Provider provider[] =
    java.security.Security.getProviders();
  for (int i = 0; i < provider.length; i++) {
    java.security.Security.removeProvider(
      provider<i>.getName());
  java.security.Security.insertProviderAt(
  new com.sun.net.ssl.internal.ssl.Provider(), 2);
  java.security.Security.insertProviderAt(
  new sun.security.provider.Sun(), 1);
  System.setProperty(
  "java.protocol.handler.pkgs",
  "com.sun.net.ssl.internal.www.protocol");
  you can also accomplish this by modifying the java.security file found in \jre\lib\security directory.
  Also because this is a stand alone app be sure to have all the necessary jar files in you classpath ... you can accomplish this by using the -classpath option when calling your program or by moving the files into you \bin\lib\ext directory;

• Testing failed when adding Web Service by OmniPortlet

  I am using Portal of 10gAS. In "Define your OmniPortlet", I selected "Web Service" as the data type. After I typed in the WSDL URL and selected a method, I clicked on Test button under the setion "Enter values for the method parameters". But I got error saying login failed. What's the account it tries to login? How can I fix it?
  The error varys, depending on which Method is selected from the list:
  ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
  Web Service: Test Result
  Error
  Call to Web Service Failed. [SOAP-ENV:Server : java.sql.SQLException: ORA-01017: invalid username/password; logon denied at oracle.jdbc.dbaccess.DBError.throwSqlException(DBError.java:188)]
  ~~~~ or ~~~~~~~~~~~~~~~~~~~~~~~~~`
  <ns1:getEmpXMLResponse xmlns:ns1="oracle.otn.ws.scott.OTNDeptEmp" SOAP-ENV:encodingStyle="http://xml.apache.org/xml-soap/literalxml" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <return>
  <ERROR>
  oracle.xml.sql.OracleXMLSQLException: ORA-01017: invalid username/password; logon denied
  </ERROR>
  </return>
  </ns1:getEmpXMLResponse>

  Hi,
  I beleive you are using the WebService
  http://otn.oracle.com/ws/oracle.otn.ws.scott.OTNDeptEmp?WSDL
  The error message displayed is what the web server
  is returning. Web server may encounter exceptions while executing any method.
  As a web service client, OmniPortlet will display the error messages returned
  by the web server.
  You can try a differrent WebService , it seems to be the issue with WebService
  Thanks
  Vineet

• Question: Securing Communications in Web Services: A Tutorial

  Hi all,
  I have been following this tutorial:
  http://developers.sun.com/prodtech/identserver/reference/techart/secure-ws.html
  And it was a pissed-off experience. I have only spent 5 mins on it and I am already stuck.
  Anyway, when I try to deploy the StockServer project, I get the following error:
  am-init:
  am-deploy:
  /home/bwoo/Creator/Projects/webservicessecurity/samples/StockServer/nbproject/am-deploy.xml:46: Could not create task or type of type: amdeploy.
  Ant could not find the task or a class this task relies upon.
  This is common and has a number of causes; the usual
  solutions are to read the manual pages then download and
  install needed JAR files, or fix the build file:
  - You have misspelt 'amdeploy'.
  Fix: check your spelling.
  - The task needs an external JAR file to execute
  and this is not found at the right place in the classpath.
  Fix: check the documentation for dependencies.
  Fix: declare the task.
  - The task is an Ant optional task and the JAR file and/or libraries
  implementing the functionality were not found at the time you
  yourself built your installation of Ant from the Ant sources.
  Fix: Look in the ANT_HOME/lib for the 'ant-' JAR corresponding to the
  task and make sure it contains more than merely a META-INF/MANIFEST.MF.
  If all it contains is the manifest, then rebuild Ant with the needed
  libraries present in ${ant.home}/lib/optional/ , or alternatively,
  download a pre-built release version from apache.org
  - The build file was written for a later version of Ant
  Fix: upgrade to at least the latest release version of Ant
  - The task is not an Ant core or optional task
  and needs to be declared using <taskdef>.
  - You are attempting to use a task defined using
  <presetdef> or <macrodef> but have spelt wrong or not
  defined it at the point of use
  Remember that for JAR files to be visible to Ant tasks implemented
  in ANT_HOME/lib, the files must be in the same directory or on the
  classpath
  Please neither file bug reports on this problem, nor email the
  Ant mailing lists, until all of these causes have been explored,
  as this is not an Ant bug.
  BUILD FAILED (total time: 5 seconds)
  Have any of you had the same problem? I know there is a similar tutorial on NetBeans website but it's even more poorly written.

  No i have not really worked on it these last days...
  I wonder why so few answers to this post. Would we the only two people who want to do this (be able to access OCS fron a web app, reusing SSO session)
  My main problem, for these web services, is to pass a password. As we do actually, we should keep a password in clear text in the User session.. and i'm not fond of this.

• Securing SOA 11g Web Services with OWSM AD authentication

  I have SOA 11g with Weblogic 10.3.5 installed and running a Web Service and a Client I want to protect with Active Directory auth and perhaps some other access rules. As I read, I can use OWSM policies to do that. Most guides I found concern OWSM 10g.
  How can I make WL use AD authentication? Do I have to use Access Manager?

  I finally figured it out. The nullpointer exception is related to the SAML assertion. The SAML assertion in my requests is signed with embedded signature and this seems to be not supported with the used OWSM policy. Without the signature is the exception gone.
  Marian

• Axis securing seemingly public web services

  Hi,
  Their may be an obvious answer to this question, but I've done some searching and come up blank so far.
  I am wondering if you can restrict which domains are allowed to access the web services on your axis web application (I am running axis on tomcat).
  It is my understanding that anyone who know the address of a servlet that generates a WSDL file will be able to consume this service. I want to be able to prevent this and only allow my own domain access to web service.
  Any advice would be most appreciated.
  :|

  use HTTP basic authentication? In addition if you don't want the public internet to access it, hide it behind a firewall.

• Could Not Establish trust relationship for the SSL/TLS secure channel Sharepoint Web services

  I am trying to updateList items into a sharepoint list from the xml document stored in my shared drive in remote server. To make that work i wrote down a Powershell Script that utilizes Sharepoint Webservices Api Updatelistitems function to perform the acitivity.
  I ran the script over in Dev environment it works, Then i went into QA that Works too. At last i am now in PROD and agains ran the script i am now receicing following error:
  New-WebServiceProxy : The underlying connection was closed: Could not establish trust relationship for the SSL/TLS secure channel
  All of my servers dev, QA and PROD web apps are encrypted by Https 443 using Cerified root certificate. Powershell script i am running are mirror copy. System accoutn i am using has owner privileages to sharepoint site and its list.
  Am i missing something here, what is blocking this traffic i have no clue.
  Thank You

  are u using self singed certificate?
  also check this http://www.poshpete.com/powershell/new-webserviceproxy-and-ssl
  http://www.brainlitter.com/2012/03/13/sharepoint-2010-and-cert-trust-could-not-establish-trust-relationship-for-the-ssltls-secure-channel/
  Please remember to mark your question as answered &Vote helpful,if this solves/helps your problem. ****************************************************************************************** Thanks -WS MCITP(SharePoint 2010, 2013) Blog: http://wscheema.com/blog