Web Service Security using OpenSSO

Similar Messages

• Web service security using Jdev 10.1.2.0.2

  Hi
  I am currently developing our first web service. It is based on a pl/sql procedure. We are using App server 10.1.2.0.2 and Jdev 10.1.2.0.2.
  I found this document
  http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
  However it is based on JDev 10.1.3. I managed to create the webservice and set security settings in Jdev 10.1.3 however I had problems when creating an app server connection. And the web service would not deploy to our 10.1.2.0.2 app server.
  Are there any security options available when creating web services in Jdev 10.1.2.0.2? Is it expected that Jdev 10.1.3 won't be able to deploy to our 10.1.2.0.2 app server?
  thanks
  paul schweiger
  Message was edited by:
  [email protected]
  Message was edited by:
  [email protected]

  Hi
  Thanks for your reply
  I downloaded OC4J 10.1.2.0.2 and ran it as as a standalone server.
  I read the blog you linked and made the changes to the web.xml for the webservice. All of which I was able to do using the property palette in jdev 10.1.2.1.0.
  I deployed my webservice to my oc4j standalone server and it appeared as a new application. I editied the orion-web.xml for the new application manually.
  When I point my browser at the webservice I get the test page which allows me to pass parameters to the webserive. I invoke the webservice (which does a HTTP GET according to the test page) and the webservice runs. No user and password is needed though.
  What is the expected behaviour? I was hoping that the webservice wouldn't run until I supplied the admin user name and password
  paul

• Web service Security using X.509 certificate

  Hi All,
  I have a web service deployed on the SAP Web AS J2EE.
  I want to include Authentication option in my web service
  I have configured the settings for using X.509 certificate(HTTPS) in my
  web service configuration and similarly I've configured my client proxy
  for the same.
  My question is..... from where do I get the X.509 certificate?
  actually I have the .crt and .der files, which I created from
  the visual administrator.
  And also do I need to install anything on my SAP server
  in order to use the authentication service? (Any prerequisite)
  Thanks,
  Talimeren

  Hi Talimeren,
  when you want to use certificates you have to setup SSL which you've started already. You have to get and import a server certificate which authenticates the server while the client creates a SSL connection. The cert has to assigned to the SSL port. For NW04 you can find the guide here http://help.sap.com/saphelp_nw04/helpdata/en/f1/2de3be0382df45a398d3f9fb86a36a/frameset.htm
  If you want client authentication by certificates as well you have to import at least one root certificate from a certficate authority (CA) which you trust and by which all user certificates are signed.
  SAP delivers the IAIK library for WebAS security, but this depends on your WebAS version and installation. I suggest you setup SSL and try to make a connection. If the connection can be made, the security library should be there.
  HTH
  Daniel
  Message was edited by: Correct Link
          Daniel Sass

• Web Services Security using JDeveloper 10.1.3.1

  Hi,
  I would need some tutorial to secure a web service using X.509 Digital Certificate. I could find a tutorial on Text Password but not X.509.
  In fact i tried X.509 with a sample web service but getting following error. So any tutorial on this would be great helpful..Thanks
  oracle.j2ee.ws.common.soap.fault.SOAP11FaultException: An invalid token was provided
       at oracle.security.wss.interceptors.AbstractSecurityInterceptor.throwSOAPFaultException(AbstractSecurityInterceptor.java:225)
       at oracle.security.wss.interceptors.AbstractSecurityInterceptor.handleOutbound(AbstractSecurityInterceptor.java:199)
       at oracle.security.wss.interceptors.ClientInterceptor.handleRequest(ClientInterceptor.java:48)
       at oracle.j2ee.ws.common.mgmt.runtime.InterceptorChainImpl.handleRequest(InterceptorChainImpl.java:124)
       at oracle.j2ee.ws.common.mgmt.runtime.AbstractInterceptorPipeline.handleRequest(AbstractInterceptorPipeline.java:87)
       at oracle.j2ee.ws.client.StubBase._preRequestSendingHook(StubBase.java:698)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:147)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
       at helloworldproxy1.proxy.runtime.HelloWorldWebServiceSoapHttp_Stub.sayHello(HelloWorldWebServiceSoapHttp_Stub.java:77)
       at com.HelloWorldWebServiceSoapHttpPortClient.sayHello(HelloWorldWebServiceSoapHttpPortClient.java:41)
       at com.HelloWorldWebServiceSoapHttpPortClient.main(HelloWorldWebServiceSoapHttpPortClient.java:29)
  Caused by: FAULT CODE: InvalidSecurity FAULT MESSAGE: An invalid token was provided
       at oracle.security.xmlsec.wss.WSSecurity.sign(Unknown Source)
       at oracle.security.wss.WSSecurity.sign(WSSecurity.java:2177)
       at oracle.security.wss.WSSecurity.build(WSSecurity.java:1903)
       at oracle.security.wss.interceptors.AbstractSecurityInterceptor.handleOutbound(AbstractSecurityInterceptor.java:189)
       ... 9 more
  Caused by: oracle.security.xmlsec.dsig.SigningException
       at oracle.security.xmlsec.dsig.XSSignature.computeSignature(Unknown Source)
       at oracle.security.xmlsec.dsig.XSSignature.sign(Unknown Source)
       ... 13 more
  Caused by: oracle.security.crypto.core.InvalidKeyException
       at oracle.security.crypto.core.RSAMDSignature.setPrivateKey(RSAMDSignature)
       ... 15 more

  I am also having the same problem. Calling a web service inside JDeveloper 10.1.3.3 works fine. When I deploy to a jar file and include all Jars that the dependency analyzer identifies, the following error occurs:
  standard type mapping initialization error: javax.xml.rpc.JAXRPCException: javax
  .xml.soap.SOAPException: Unable to create SOAP Factory: Provider com.sun.xml.messaging.saaj.soap.ver1_1.SOAPFactory1_1Impl not found
  Your work around defining Java system properties does work, but why do we need to do this using the Oracle SOAP stack?
  If there are alternatives to this problem please share. Thank you.

• Web Services Security using X509 certificate

  Hi,
  I have secured a web service using X509 certificate. i also secured the proxy of it but when i run the proxy client it says.
  javax.security.auth.login.LoginException: Cannot authenticate X509 certificate, User CN=Sam, OU=Technology, O=FS, L=Dallas, ST=Texas, C=US does not exist in our system
  Any idea on this. Do i need to configure the X509 certificate in the server. I am using Oracle SOA Suite and JDeveloper 10.1.3.1
  Thanks

  Hi,
  I have secured a web service using X509 certificate. i also secured the proxy of it but when i run the proxy client it says.
  javax.security.auth.login.LoginException: Cannot authenticate X509 certificate, User CN=Sam, OU=Technology, O=FS, L=Dallas, ST=Texas, C=US does not exist in our system
  Any idea on this. Do i need to configure the X509 certificate in the server. I am using Oracle SOA Suite and JDeveloper 10.1.3.1
  Thanks

• Problem creating web service client using WSM Policies

  Hello everyone,
  I'm trying to make a simple java client to a Web Service secured using a WSM 11gR1 policy (from Soa Suite 11.1.1.2.0). The policy on the server side is oracle/wss11_x509_token_with_message_protection_service_policy which I attached via the Weblogic Admin Console. To implement the client I'm trying to follow the instructions from this documentation: http://download.oracle.com/docs/cd/E15523_01/web.1111/e13713/owsm_appendix.htm#WSSOV386 section "Policy Configuration Overrides for the Web Service Client" and also I'm using OEPE 11.1.1.3.0 (Eclipse 3.5.0) to develop the client. The only weblogic jar I've added to the build path is the weblogic.jar . Unfortunately, the oracle.wsm.security.util.SecurityConstants.ClientConstants interface (used in the example A-6) is not included in this jar and I have no idea what other libraries should I include in order to follow the example. I tried manualy adding other jars but without success. In fact I found one jar which includes this interface, the wsm-secpol.jar but it does not have the properties described in the documentation, so I guess it's not the right jar, and also I don't think this is the right procedure since there might be another dependent jars. So I would like to know what libraries exactly I should add to the build path (or some other procedure if you noticed I'm doing anything wrong)
  Thank you !

  Hi
  I am having the same problem almost where i wrote a client to comsume a JWS server in https. Where the server is setup to require a certificate to connect to.
  My code:
  public static void main(String[] args) {
  try {
  DataBaseSyncServerImpl port = new DataBaseSyncServerImplService().getDataBaseSyncServerImplPort();
  int number1 = 20;
  int number2 = 10;
  System.out.printf("Invoking divide method(%d, %d)\n", number1, number2);
  double result = port.divide(number1, number2);
  System.out.printf("The result of dividing %d and %d is %f.\n\n", number1, number2, result);
  when run this code throw
  run:
  [java] Invoking divide method(20, 10)
  [java] Exception in thread "main" javax.xml.ws.WebServiceException: HTTP transport error: javax.net.ssl.SSLHandshak
  eException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCert
  PathBuilderException: unable to find valid certification path to requested target
  Does any one know how can I solve this problem or how can I make the client be able to use self signed certificates. Any help is greatly apprecited. Thanks

• Configuring OpenSSO Web Service Security on Tomcat

  Dear All,
  I want to configure a simple OpenSSO Web Service security for my application. My web service is on Tomcat and I have used JAX-WS.
  Please let me know if there is something we can develop just by configuring OpenSSO properties, instead of writing the WSC and WSP SOAP message handlers.
  Regards,
  Tarak

  Dear All,
  I want to configure a simple OpenSSO Web Service security for my application. My web service is on Tomcat and I have used JAX-WS.
  Please let me know if there is something we can develop just by configuring OpenSSO properties, instead of writing the WSC and WSP SOAP message handlers.
  Regards,
  Tarak

• How to make my Portal Web Service SECURED?

  Hi Experts,
  I created one portal Service and exposed it as Portal Web Service.
  Everything is working fine, as i deployed my Portal Web Service on to the SAP J2EE Engine ie SAP Server.
  I m able to access functions of Web Service from my StandAlone Java Application.
  but the problem is my Web Service is not SECURED.
  How can i make my Portal Web Service SECURED?
  Please help me out.
  Help will be appreciated and rewarded!!!!!

  user13046122 wrote:
  I have an old pl/sql "helper" package, originally written to make SOAP Web Service calls from the database - it uses UTL_HTTP to invoke the target services.
  I now need to make SOAP Web Service calls - from an 8.1.7.4 database
  But the version of UTL_HTTP inside 8.1.7.4 does not contain the functions needed in the helper package
  Can anybody suggest a means of making SOAP Web Service calls from an 8.1.7.4 database ?I think you'll be very lucky to find anyone here who still has access to a version of Oracle that is that old.... I mean... that's like what? 15 years old at least? I'm surprised you've still got hardware that can run that.
  It would probably help if you could post what code you've got and explain which function(s) it's complaining about, as I doubt people will want to guess.

• Web Service Security Question

  I have created a web service in the NetWeaver portal using a Portal Service.  I have marked the service as requiring basic http authentication.  However, when I call the web service from the Enterprise Portal Web Services Checker in NWDS it just let's me supply the params of the web service and no authentication.  Any ideas?
  I also noticed that my web service does not appear under the Web Services Container or Web Services Security section in Visual Administrator.  Anybody have any idea why this is?
  Thanks in advance.
  Curtis

  Hi Curtis,
  My guess is that since you are logged into the Portal while calling this web service, it will use the current session cookie to authenticate automatically. I'm not sure on the second question, tried a restart?
  Regards,
  Raj

• Web Service Security with SAML - Invalid XML signature

  Hello together,
  we want to build a scenario where we want to use Web Service Security  with SAML.
  The scenario will be
  WS Client (Java Application) -> WS Adapter -> Integration Engine ->  WS Adapter-> CRM (Web AS ABAP 7.01 SP 3)
  SAP PI release is 7.11 (SP Level 4)
  We want to use the SAML Authentification from WS Client to PI and from PI to Web AS ABAP.
  The SAML authentifications between the WS Client and PI works when there is no SAML auth between PI and CRM.
  But we get following error at calling the CRM system when we want to communicate with SAML:
    <E_TEXT>CX_WS_SECURITY_FAULT:Invalid XML signature</E_TEXT>
  Has somebody an idea of the possible reason for the error.
  Thanks in advance
  Stefan

  Error Messages in the Trace/Log Viewer:
  CX_WS_SECURITY_FAULT : Invalid XML signature | program: CL_ST_CRYPTO==================CP include: CL_ST_CRYPTO==================CM00G line: 48
  A SOAP Runtime Core Exception occurred in method CL_ST_CRYPTO==================CM00G of class CL_ST_CRYPTO==================CP at position id 48  with internal error id 1001  and error text CX_WS_SECURITY_FAULT:Invalid XML signature (fault location is 1  ).
  Invalid XML signature

• How to invoke a web service asynchronously using ws-addressing model?

  Hi Gurus,
  We are invoking an external web service asynchronously using Oracle Work Flow Business events using the following mechanism -
  1)Created a web service invoker event to invoke the web service.
  2)Created a subscription that invokes the web service (provided the wsdl address, operation info).
  3)Defined a subscription parameter WFBES_CALLBACK_EVENT with value pointing to a recieve event.
  4)Created a receive event(parameter value for WFBES_CALLBACK_EVENT) and a subscription that directs the response to a custom PL/SQL function to process response.
  so far so good. We were able to invoke the web service and get and process the response.
  Problem: The external web service can take upto 10 hrs to process the request. A time out of 2 hrs is set on the server hosting the external web service. So when the external web service takes more than 2 hrs to process the request and it times out and we get the following error on EBS side -
  'l_error_message:oracle.apps.fnd.wf.bes.InvokerException: HTTP transport error: javax.xml.soap.SOAPException: java.security.PrivilegedActionException: oracle.j2ee.ws.saaj.ContentTypeException: Not a valid SOAP Content-Type: text/html; charset=iso-8859-1'
  Now the external web service providers are suggesting that we are not calling their web service asynchronously and we should use ws-addressing model to do so.
  Is there a way to invoke this web service using ws-addressing model using business events or from PL/SQL or OA middle-tier?
  Regards,
  Sunil
  CMRO Development.
  I am providing here the WSDL of the external web service -
  <?xml version="1.0" encoding="UTF-8"?>
  <wsdl:definitions targetNamespace="http://service.sdk.webservices.enigma.com" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" xmlns:ns1="http://org.apache.axis2/xsd" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:ax21="http://service.sdk.webservices.enigma.com/xsd" xmlns:ns="http://service.sdk.webservices.enigma.com" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/">
  <wsdl:types>
  <xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://service.sdk.webservices.enigma.com/xsd" xmlns:ax22="http://service.sdk.webservices.enigma.com">
  <xs:import namespace="http://service.sdk.webservices.enigma.com"/>
  <xs:complexType name="JCGWebServicesException">
  <xs:complexContent>
  <xs:extension base="ax22:Exception">
  <xs:sequence>
  <xs:element minOccurs="0" name="id" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="message" nillable="true" type="xs:string"/>
  </xs:sequence>
  </xs:extension>
  </xs:complexContent>
  </xs:complexType>
  <xs:complexType name="JCGServiceReply">
  <xs:sequence>
  <xs:element maxOccurs="unbounded" minOccurs="0" name="pdfStatus" nillable="true" type="ax21:PdfStatus"/>
  </xs:sequence>
  </xs:complexType>
  <xs:complexType name="PdfStatus">
  <xs:sequence>
  <xs:element minOccurs="0" name="jobCardID" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="pdfPath" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="status" nillable="true" type="xs:string"/>
  </xs:sequence>
  </xs:complexType>
  </xs:schema>
  <xs:schema attributeFormDefault="qualified" elementFormDefault="qualified" targetNamespace="http://service.sdk.webservices.enigma.com" xmlns:ax23="http://service.sdk.webservices.enigma.com/xsd">
  <xs:import namespace="http://service.sdk.webservices.enigma.com/xsd"/>
  <xs:complexType name="Exception">
  <xs:sequence>
  <xs:element minOccurs="0" name="Exception" nillable="true" type="xs:anyType"/>
  </xs:sequence>
  </xs:complexType>
  <xs:element name="JCGWebServicesException">
  <xs:complexType>
  <xs:sequence>
  <xs:element minOccurs="0" name="JCGWebServicesException" nillable="true" type="ax21:JCGWebServicesException"/>
  </xs:sequence>
  </xs:complexType>
  </xs:element>
  <xs:element name="runJobCard">
  <xs:complexType>
  <xs:sequence>
  <xs:element minOccurs="0" name="a_WorkpackageFilePath" nillable="true" type="xs:string"/>
  <xs:element minOccurs="0" name="a_userName" nillable="true" type="xs:string"/>
  </xs:sequence>
  </xs:complexType>
  </xs:element>
  <xs:element name="runJobCardResponse">
  <xs:complexType>
  <xs:sequence>
  <xs:element minOccurs="0" name="return" nillable="true" type="ax21:JCGServiceReply"/>
  </xs:sequence>
  </xs:complexType>
  </xs:element>
  </xs:schema>
  </wsdl:types>
  <wsdl:message name="JCGWebServicesException">
  <wsdl:part name="parameters" element="ns:JCGWebServicesException">
  </wsdl:part>
  </wsdl:message>
  <wsdl:message name="runJobCardResponse">
  <wsdl:part name="parameters" element="ns:runJobCardResponse">
  </wsdl:part>
  </wsdl:message>
  <wsdl:message name="runJobCardRequest">
  <wsdl:part name="parameters" element="ns:runJobCard">
  </wsdl:part>
  </wsdl:message>
  <wsdl:portType name="JCGServicePortType">
  <wsdl:operation name="runJobCard">
  <wsdl:input message="ns:runJobCardRequest" wsaw:Action="urn:runJobCard">
  </wsdl:input>
  <wsdl:output message="ns:runJobCardResponse" wsaw:Action="urn:runJobCardResponse">
  </wsdl:output>
  <wsdl:fault name="JCGWebServicesException" message="ns:JCGWebServicesException" wsaw:Action="urn:runJobCardJCGWebServicesException">
  </wsdl:fault>
  </wsdl:operation>
  </wsdl:portType>
  <wsdl:binding name="JCGServiceSoap11Binding" type="ns:JCGServicePortType">
  <soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
  <wsdl:operation name="runJobCard">
  <soap:operation soapAction="urn:runJobCard" style="document"/>
  <wsdl:input>
  <soap:body use="literal"/>
  </wsdl:input>
  <wsdl:output>
  <soap:body use="literal"/>
  </wsdl:output>
  <wsdl:fault name="JCGWebServicesException">
  <soap:fault name="JCGWebServicesException" use="literal"/>
  </wsdl:fault>
  </wsdl:operation>
  </wsdl:binding>
  <wsdl:binding name="JCGServiceSoap12Binding" type="ns:JCGServicePortType">
  <soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
  <wsdl:operation name="runJobCard">
  <soap12:operation soapAction="urn:runJobCard" style="document"/>
  <wsdl:input>
  <soap12:body use="literal"/>
  </wsdl:input>
  <wsdl:output>
  <soap12:body use="literal"/>
  </wsdl:output>
  <wsdl:fault name="JCGWebServicesException">
  <soap12:fault name="JCGWebServicesException" use="literal"/>
  </wsdl:fault>
  </wsdl:operation>
  </wsdl:binding>
  <wsdl:service name="JCGService">
  <wsdl:port name="JCGServiceHttpSoap12Endpoint" binding="ns:JCGServiceSoap12Binding">
  <soap12:address location="http://localhost:8080/JCG/services/JCGService"/>
  </wsdl:port>
  <wsdl:port name="JCGServiceHttpSoap11Endpoint" binding="ns:JCGServiceSoap11Binding">
  <soap:address location="http://localhost:8080/JCG/services/JCGService"/>
  </wsdl:port>
  </wsdl:service>
  </wsdl:definitions>
  Edited by: sikumar on Jun 22, 2010 1:50 PM

  Bharat,
  You dont need a Business Event setup to invoke a BPEL process from PL/SQL unless you have a special case and you need to process the response from the BPEL process in a separate thread (or in background)..
  For a straight call to BPEL process from PL/SQL, here is a sample script -
  function "MYTEST0" return varchar2 AS
  soap_request varchar2(30000);
  soap_respond varchar2(30000);
  http_req utl_http.req;
  http_resp utl_http.resp;
  resp XMLType;
  i integer;
  helpStr varchar2(30000);
  BEGIN
  soap_request:= '<?xml version = ''1.0'' encoding = ''UTF-8''?>
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:ns0="
  http://xmlns.oracle.com/TestWS">
  <env:Body>
  <ns0:TestWSProcessRequest>
  <ns0:input>abc</ns0:input>
  </ns0:TestWSProcessRequest>
  </env:Body>
  </env:Envelope>
  /* the BPEL process name is TestWS */
  http_req:= utl_http.begin_request
  ( 'http://hostname:7777/orabpel/default/TestWS/1.0'
  , 'POST'
  , 'HTTP/1.1'
  utl_http.set_header(http_req, 'Content-Type', 'text/xml');
  utl_http.set_header(http_req, 'Content-Length', length(soap_request));
  utl_http.set_header(http_req, 'SOAPAction', 'process');
  utl_http.write_text(http_req, soap_request);
  http_resp:= utl_http.get_response(http_req);
  utl_http.read_text(http_resp, soap_respond);
  utl_http.end_response(http_resp);
  resp:= XMLType.createXML(soap_respond);
  resp:= resp.extract('/soap:Envelope/soap:Body/child::node()',
  'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"');
  helpStr := '';
  i:=0;
  loop
  helpStr := helpStr || substr(soap_respond,1+ i*255,250);
  i:= i+1;
  if i*250> length(soap_respond)
  then
  exit;
  end if;
  end loop;
  return helpStr;
  END;

• Oracle Database Web Service Client using UTL_DBWS :: ORA-29532 Error

  Hi,
  I have the Oracle Database 10.2.0.1.0 :-
  SQL> select * from v$version;
  BANNER
  Oracle Database 10g Enterprise Edition Release 10.2.0.1.0 - Prod
  PL/SQL Release 10.2.0.1.0 - Production
  CORE    10.2.0.1.0      Production
  TNS for 32-bit Windows: Version 10.2.0.1.0 - Production
  NLSRTL Version 10.2.0.1.0 - ProductionI have written a simple Web Services Client using the classes gfrom the UTL_DBWS package. I loaded the JAR file dbwsclient.jar in the SYS Schema and I am trying to use it in the USF Schema.
  However, I have hit this error & I ma unable to proceed :-
  SQL>  select get_stock_price from dual;
  select get_stock_price from dual
  ERROR at line 1:
  ORA-29532: Java call terminated by uncaught Java exception:
  java.lang.IllegalAccessException: javax.xml.rpc.ServiceException:
  java.security.AccessControlException: the Permission
  (java.lang.RuntimePermission getClassLoader) has not been granted to USF. The
  PL/SQL to grant this is dbms_java.grant_permission( 'USF',
  'SYS:java.lang.RuntimePermission', 'getClassLoader', '' )
  ORA-06512: at "USF.UTL_DBWS", line 193
  ORA-06512: at "USF.UTL_DBWS", line 190
  ORA-06512: at "USF.GET_STOCK_PRICE", line 17Can you please help me with this ?
  Regards,
  Sandeep

  Hi,
  The error message said
  the Permission(java.lang.RuntimePermission getClassLoader) has not been granted to USF.
  I'd follow the suggestion
  The PL/SQL to grant this is dbms_java.grant_permission( 'USF','SYS:java.lang.RuntimePermission', 'getClassLoader', '' )
  In case you have not done so, consult the Callout Users Guide @
  http://www.oracle.com/technology/sample_code/tech/java/jsp/callout_users_guide.htm
  Kuassi http://db360.blogspot.com

• Details for 'Is Web service security available?'

  Hi i am working on scenario rfc to webservice.Its as secued webserivce i need to do ssl configuration.
  In component monitoring..for the integration engine its in yellow...
  Details for 'Is Web service security available?'
  Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client)
  can any one please help me out..
  Thanks
  sriram

  I have already installed certificates on the j2ee engine & i have given the paramaters for keystore entry & keystore value.Still i have the same error
  In component monitoring
  For integration engine
  Details for 'Is Web service security available?'
  Communication error Proxy calls on the sender or receiver side are not permitted on the IS (client) 
  In message monitoring
  Audit Log for Message: f614df00-e9e0-11da-95ef-0004ac577b32
  Time Stamp Status Description
  2006-05-22 15:18:58 Success The message was successfully received by the messaging system. Profile: XI URL: http://saptst01:51000/MessagingSystem/receive/AFW/XI
  2006-05-22 15:18:58 Success Using connection AFW. Trying to put the message into the request queue.
  2006-05-22 15:18:58 Success Message successfully put into the queue.
  2006-05-22 15:18:58 Success The message was successfully retrieved from the request queue.
  2006-05-22 15:18:58 Success The message status set to DLNG.
  2006-05-22 15:18:58 Success Delivering to channel: ZCH_VERISIGNPPGR
  2006-05-22 15:18:58 Success SOAP: request message entering the adapter
  2006-05-22 15:18:58 Success SOAP: call failed
  2006-05-22 15:18:58 Error SOAP: error occured: iaik.security.ssl.SSLException: Peer sent alert: Alert Fatal: illegal parameter
  2006-05-22 15:18:58 Error Exception caught by adapter framework: Peer sent alert: Alert Fatal: illegal parameter
  Can any one please help me out.
  Thanks
  sriram

• Web Services Security Problem

  hi all,
  I am publishling the BC4J Component(Application module) as a webservice. The particular web service method will be as follows. The method is returning the element object.
  public Element getEmp(String searchString,String selectedItem, int pageNoInput)
  return (Element)hits.writeXML(1,Row.XML_OPT_LIMIT_RANGE);
  I am securing the web service by the instructions which are given in the following link
  http://www.oracle.com/technology/products/jdev/howtos/1013/wssecure/10gwssecurity_howto.html
  Then i am creating the proxy client. when i run the proxy client it gives me the following exception
  javax.xml.rpc.soap.SOAPFaultException: SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security
       at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:553)
       at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:390)
       at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:111)
       at aptuitclient.runtime.ReviewProtocolAppModuleServiceSoapHttp_Stub.getEmp(ReviewProtocolAppModuleServiceSoapHttp_Stub.java:91)
       at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.getEmp(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:58)
       at bc4jaswebservice.server.webservice.ReviewProtocolAppModuleServiceSoapHttpPortClient.main(ReviewProtocolAppModuleServiceSoapHttpPortClient.java:44)
  When i am removing the security for the web service it is giving the Element object.
  The Problem is when i am securing the web service it is giving the above said exception.
  Please help me regarding this... this is very urgent...
  rgds
  Parameswaran

  Hello,
  When you are using WS-Security you need to secure the client too. So in your case the client is the ADF Data Control.
  The way you should configure your data control is documented here:
  - Web Services Security and ADF Data Control
  Regards
  Tugdual Grall

• Web service security in PI

  Mine is PROXY to SOAP asynchronous.
  PI consumes the service, my requirement is when PI calls the service I need to pass web service security in SOAP header.
  so that at receiver statem they can validate the user using these.
  When i am calling webservice from soapui with the header parameters
  Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>xxxxx</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>
  <wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
  <wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
  </wsse:UsernameToken>
  </wsse:Security>
  What configuration needs to be done in PI.

  I got this in Runtime work bench
  <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
  - <SOAP:Header>
  - <sap:Main xmlns:sap="http://sap.com/xi/XI/Message/30" versionMajor="3" versionMinor="0" SOAP:mustUnderstand="1" xmlns:wsu="http://www.docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-main-92ABE13F5C59AB7FE10000000A1551F7">
    <sap:MessageClass>ApplicationMessage</sap:MessageClass>
    <sap:ProcessingMode>asynchronous</sap:ProcessingMode>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:TimeSent>2009-07-15T15:46:10Z</sap:TimeSent>
  - <sap:Sender>
    <sap:Party agency="" scheme="" />
    <sap:Service>test2310</sap:Service>
    </sap:Sender>
  - <sap:Receiver>
    <sap:Party agency="" scheme="" />
    <sap:Service>test_serivce</sap:Service>
    </sap:Receiver>
    <sap:Interface namespace="urn:Publish">msgIF_publish_I_Async</sap:Interface>
    </sap:Main>
  - <sap:ReliableMessaging xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
    <sap:QualityOfService>ExactlyOnce</sap:QualityOfService>
    </sap:ReliableMessaging>
  - <sap:Diagnostic xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
    <sap:TraceLevel>Fatal</sap:TraceLevel>
    <sap:Logging>On</sap:Logging>
    </sap:Diagnostic>
  - <sap:HopList xmlns:sap="http://sap.com/xi/XI/Message/30" SOAP:mustUnderstand="1">
  - <sap:Hop timeStamp="2009-07-15T15:46:10Z" wasRead="false">
    <sap:Engine type="BS">test_serivce</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:Info>3.0</sap:Info>
    </sap:Hop>
  - <sap:Hop timeStamp="2009-07-15T15:46:11Z" wasRead="false">
    <sap:Engine type="IS">is.68.devai020</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XI</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    <sap:Info>3.0</sap:Info>
    </sap:Hop>
  - <sap:Hop timeStamp="2009-07-15T15:46:12Z" wasRead="false">
    <sap:Engine type="AE">af.dxi.devai020</sap:Engine>
    <sap:Adapter namespace="http://sap.com/xi/XI/System">XIRA</sap:Adapter>
    <sap:MessageId>4a3a1651-b19b-0199-e100-8000aa064690</sap:MessageId>
    </sap:Hop>
    </sap:HopList>
    </SOAP:Header>
  Edited by: Vamsi on Jul 15, 2009 7:06 PM