Web Service Using SSL issue
I have a web service that has been working fine using http. Just switched over to SSL using the <WLHttpsTransport> tag on the jwsc ant command. Now I get the following error at runtime: Any ideas/suggestions? Thanks in advance - Craig
16:22:27,953 INFO [STDOUT] Caused by: java.lang.NoClassDefFoundError: org/apache/tools/ant/BuildException
16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.internal.TylarJ2SBindingsBuilderImpl.<init>(TylarJ2SBindingsBuilderImpl.java:87)
16:22:27,953 INFO [STDOUT] at weblogic.wsee.bind.buildtime.J2SBindingsBuilder$Factory.newInstance(J2SBindingsBuilder.java:30)
16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.ExceptionUtil.<clinit>(ExceptionUtil.java:48)
16:22:27,953 INFO [STDOUT] at weblogic.wsee.util.FaultUtil.exception2Fault(FaultUtil.java:230)
16:22:27,953 INFO [STDOUT] at weblogic.wsee.message.soap.SoapMessageContext.setFault(SoapMessageContext.java:102)
I thought I would post an update since I found a solution. The problem was a ClassCast exception in a part of the SSL stack, that wanted to use the ant BuildException class. This has the effect of hiding the real issue which was that the SSL connection was not successfully occuring. The real problem was that the SSL connection started with a WSDL retrieved via SSL, but the connection for the port was through a username/password. When a username/password is used to create a port, the WL stack falls back to http and causes a ClassCast exception on weblogic.wsee.connection.transport.http.HttpTransportInfo. The solution is to create an https transport object when the service impl is created:
HttpsTransportInfo transport = new HttpsTransportInfo ();
transport.setUsername (user.getBytes ());
transport.setPassword (pass.getBytes ());
gServiceImpl = new PersistenceManagerService_Impl (url, transport);
and to create the port without parameters:
port = getServiceImpl ().getPersistenceManagerServicePort ();
This allows one-way SSL with username/password for the connection.
Similar Messages
-
Web Service using SSL certificates
Hi All,
I built an Adaptive Web service model using a WSDL file. The web service is from a third party provider and it requests exchange certificates.
When I tried to consume any of the methods of the web service I get an error: sometime is an invalid response code (500) and sometimes is Peer certificate rejected by ChainVerifier.
We created a logical destination and in this is where I'm sepecifying what certificate to use also I tried creating a service group but in this case the error says Configuration not found for application, but I created in NWA maybe something is missing.
Any idea what the issue is? also it is posible to indicate in java what certificate to use?
Regards,
Eduardo CamposHI Eduardo,
Please refer SAP Note 838111 for Consuming SSL webervices.
Please refer the below link for the process flow of consuming SSL webservices..
https://cw.sdn.sap.com/cw/docs/DOC-32734?decorator=print
Hope this helps you..
Regards,
Saleem Mohammad. -
Coldfusion 11 Web Services and SSL Issue
Our company has two web services that we host that a vendor uses to grab information from on a periodic basis. These services ran fine on a CF8 SSL site, but once we switched to 11, the services can no longer be created. However, I can create them on our unsecured test site (which also is running CF 11) and access them externally without issue. When I try to create the webservice in the url, I just get a blank page back instead of the XML I should be getting. Is there something special I am missing that has to be done to create web services in a secure environment? The raw error message I get when trying to invoke the secure web service is below:
coldfusion.xml.rpc.XmlRpcServiceImpl$BadWsdlXMLException: Unable to parse WSDL as an XML document. at coldfusion.xml.rpc.XmlRpcServiceImpl.retrieveWSDL(XmlRpcServiceImpl.java:976) at coldfusion.xml.rpc.XmlRpcServiceImpl.access$000(XmlRpcServiceImpl.java:96) at coldfusion.xml.rpc.XmlRpcServiceImpl$1.run(XmlRpcServiceImpl.java:309) at java.security.AccessController.doPrivileged(Native Method) at coldfusion.xml.rpc.XmlRpcServiceImpl.registerWebService(XmlRpcServiceImpl.java:302) at coldfusion.xml.rpc.XmlRpcServiceImpl.getWebServiceProxy(XmlRpcServiceImpl.java:692) at coldfusion.tagext.lang.InvokeTag.doEndTag(InvokeTag.java:469) at coldfusion.runtime.CfJspPage._emptyTcfTag(CfJspPage.java:2987) at cfcallmattersearch2ecfm1244659485.runPage(D:\Web\sims\st\callmattersearch.cfm:9) at coldfusion.runtime.CfJspPage.invoke(CfJspPage.java:246) at coldfusion.tagext.lang.IncludeTag.handlePageInvoke(IncludeTag.java:734) at coldfusion.tagext.lang.IncludeTag.doStartTag(IncludeTag.java:570) at coldfusion.filter.CfincludeFilter.invoke(CfincludeFilter.java:65) at coldfusion.filter.IpFilter.invoke(IpFilter.java:45) at coldfusion.filter.ApplicationFilter.invoke(ApplicationFilter.java:487) at coldfusion.filter.RequestMonitorFilter.invoke(RequestMonitorFilter.java:42) at coldfusion.filter.MonitoringFilter.invoke(MonitoringFilter.java:40) at coldfusion.filter.PathFilter.invoke(PathFilter.java:141) at coldfusion.filter.ExceptionFilter.invoke(ExceptionFilter.java:94) at coldfusion.filter.BrowserDebugFilter.invoke(BrowserDebugFilter.java:78) at coldfusion.filter.ClientScopePersistenceFilter.invoke(ClientScopePersistenceFilter.java:2 8) at coldfusion.filter.BrowserFilter.invoke(BrowserFilter.java:38) at coldfusion.filter.NoCacheFilter.invoke(NoCacheFilter.java:58) at coldfusion.filter.GlobalsFilter.invoke(GlobalsFilter.java:38) at coldfusion.filter.DatasourceFilter.invoke(DatasourceFilter.java:22) at coldfusion.filter.CachingFilter.invoke(CachingFilter.java:62) at coldfusion.CfmServlet.service(CfmServlet.java:219) at coldfusion.bootstrap.BootstrapServlet.service(BootstrapServlet.java:89) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:303) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at coldfusion.monitor.event.MonitoringServletFilter.doFilter(MonitoringServletFilter.java:42 ) at coldfusion.bootstrap.BootstrapFilter.doFilter(BootstrapFilter.java:46) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j ava:241) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:501) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:422) at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:198) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.jav a:607) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:313) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source)I've got this working on our dev and test servers. Now I'm trying to deploy it to production. We have an external prod server in a DMZ that calls the web service on our internal prod server. We only have port 443 open in the firewall between these two servers (not port 80). I am able to do a <cfhttp> call to the WSDL over 443 and get back the xml. However, if I make the web service call using <cfinvoke> I get the following error:
Cannot perform web service invocation getNthDayOfMonth.
The fault returned when invoking the web service operation is:
org.apache.axis2.AxisFault: Connection refused
at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
at org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(Common sHTTPTransportSender.java:402)
at org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSen der.java:231)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java :229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at standard.StandardDate_functionCfcStub.getNthDayOfMonth(StandardDate_functionCfcStub.java: 192)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorI... ''
I am able to successfully call the same web service (on the internal prod server) using the same code from my internal dev server. However, when I look at my httpd logs on the internal prod server, I don't see the request in the ssl logs. It shows up in the access_log file as:
150.231.26.130 - - [03/Feb/2015:13:48:57 -0500] "POST /standard/date_function.cfc HTTP/1.1" 200 397 "-" "Axis2"
Any thoughts why this appears to still be coming through port 80? -
Using Coldfusion 8, I am trying to connect to a .NET web
service that is secure with SSL v3.
I have added their cert to my CF keystore but still getting
the same error.
I am able to connect to the webservice, but not execute any
methods.
I can access the webservice and run the method when not using
SSL.
But with SSL I am getting this error:
The fault returned when invoking the web service operation
is:
AxisFault
faultCode: {
http://schemas.xmlsoap.org/soap/envelope/}Server.userException
faultSubcode:
faultString: java.net.ConnectException: Connection timed
out: connect
Any help greatly appreciated!!I made some progress, perhaps! When the browse the webservice
from our server using IE, I see this error come up...
Revocation Information for the security certificate is not
available. Do you want to proceed.
This appears on the server and not my PC because the security
settings of the browser on the server are less forgiving. But it
leads me to suspect that my timeout error being caused by my
webservice not being able to respond to this question with a Yes or
No answer.
Do you know a way to tell Coldfusion to ignore certificate
errors?
Thanks!! -
Error invoking SSL web service using pl sql UTL_HTTP
Web Services Gurus,
I am invoking a secure web service based on the following WSDL file from a pl/sql program using UTL_HTTP package.
The web service is secure and prompts for authentication.
The web services certificate is imported in Oracle Wallet on Database Server.
I am listing the WSDL file, the pl/sql code and error message as follows -
1. The WSDL file -
<definitions
name="Webservice"
targetNamespace="http://webservice.airclic.com/"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:tns="http://webservice.airclic.com/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>
<types>
<xs:schema targetNamespace="http://webservice.airclic.com/" version="1.0" xmlns:tns="http://webservice.airclic.com/"
xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:element name="Exception" type="tns:Exception"/>
<xs:element name="sendAuthenticationResponse" type="tns:sendAuthenticationResponse"/>
<xs:element name="sendAuthenticationResponseResponse" type="tns:sendAuthenticationResponseResponse"/>
<xs:complexType name="AuthenticationResponse">
<xs:complexContent>
<xs:extension base="tns:Response">
<xs:sequence>
<xs:element name="success" type="xs:boolean"/>
<xs:element name="username" type="xs:string"/>
<xs:element minOccurs="0" name="password" type="xs:string"/>
<xs:element minOccurs="0" name="firstName" type="xs:string"/>
<xs:element minOccurs="0" name="lastName" type="xs:string"/>
<xs:element minOccurs="0" name="email" type="xs:string"/>
<xs:element minOccurs="0" name="active" type="xs:boolean"/>
<xs:element minOccurs="0" name="timeZone" type="xs:string"/>
<xs:element minOccurs="0" name="group" type="xs:string"/>
<xs:element minOccurs="0" name="role" type="xs:string"/>
<xs:element minOccurs="0" name="errorCode" type="xs:string"/>
<xs:element minOccurs="0" name="errorMessage" type="xs:string"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
<xs:complexType name="DispatchEvent"></xs:complexType>
<xs:complexType name="sendAuthenticationResponse">
<xs:sequence>
<xs:element minOccurs="0" name="authenticationResponse" type="tns:AuthenticationResponse"/>
</xs:sequence>
</xs:complexType>
<xs:complexType name="sendAuthenticationResponseResponse">
<xs:sequence/>
</xs:complexType>
<xs:simpleType name="status"></xs:simpleType>
<xs:simpleType name="source"></xs:simpleType>
<xs:simpleType name="eventType"></xs:simpleType>
</xs:schema>
</types>
<message name="Webservice_sendAuthenticationResponse">
<part name="sendAuthenticationResponse" element="tns:sendAuthenticationResponse"/>
</message>
<message name="Webservice_sendAuthenticationResponseResponse">
<part name="sendAuthenticationResponseResponse" element="tns:sendAuthenticationResponseResponse"/>
</message>
<portType name="Webservice">
<operation name="sendAuthenticationResponse" parameterOrder="sendAuthenticationResponse">
<input message="tns:Webservice_sendAuthenticationResponse"/>
<output message="tns:Webservice_sendAuthenticationResponseResponse"/>
<fault name="Exception" message="tns:Exception"/>
</operation>
</portType>
<binding name="WebserviceBinding" type="tns:Webservice">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="sendAuthenticationResponse">
<soap:operation soapAction=""/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
<fault name="Exception">
<soap:fault name="Exception" use="literal"/>
</fault>
</operation>
</binding>
<service name="Webservice">
<port name="WebservicePort" binding="tns:WebserviceBinding">
<soap:address location="https://host.airclic.com:443/webservice/product/fieldservice/v1/Webservice"/>
</port>
</service>
</definitions>
2. The pl/sql code that calls the web service operation sendAuthenticationResponse
procedure send_auth_response
as
soap_request varchar2(30000);
soap_respond varchar2(30000);
http_req utl_http.req;
http_resp utl_http.resp;
resp XMLType;
i integer;
begin
-- initiate wallet for AirClic certificate
dbms_output.put_line ('1');
utl_http.set_wallet('file:/etc/oracle/wallet','<wallet password>');
-- create soap request
dbms_output.put_line ('2');
soap_request:= '<?xml version = "1.0" encoding = "UTF-8"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Body>
<ns1:sendAuthenticationResponse xmlns="https://host.airclic.com:443/webservice/product/fieldservice/v1/Webservice" SOAP-ENV:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<success xsi:type="xsd:boolean">true</success>
<username xsi:type="xsd:string">changlanih</username>
<password xsi:type="xsd:string">abcd1234</password>
<firstName xsi:type="xsd:string">hero</firstName>
<lastName xsi:type="xsd:string">changlani</lastName>
<email xsi:type="xsd:string">[email protected]</email>
<active xsi:type="xsd:boolean">true</active>
<timeZone xsi:type="xsd:string">eastern</timeZone>
<group xsi:type="xsd:string">Northeast</group>
<role xsi:type="xsd:string">Service Manager</role>
<errorCode xsi:type="xsd:string"></errorCode>
<errorMessage xsi:type="xsd:string"></errorMessage>
</ns1:sendAuthenticationResponse>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>';
-- request that exceptions are raised for error Status Codes
dbms_output.put_line ('3');
utl_http.set_response_error_check (true);
-- allow testing for exceptions like UTL_HTTP.http_server_error
dbms_output.put_line ('4');
utl_http.set_detailed_excp_support (true);
--utl_http.set_transfer_timeout (ln_time_out);
dbms_output.put_line ('5');
utl_http.set_body_charset ('UTF-8');
-- begin request
dbms_output.put_line ('5.5');
http_req:= utl_http.begin_request
('https://host.airclic.com:443/webservice/product/fieldservice/v1/Webservice/sendAuthenticationResponse', ------ is the url correct here ?
'POST',
'HTTP/1.1'
dbms_output.put_line ('6');
utl_http.set_authentication(http_req, '<username for webservice>', '<password for webservice user>');
dbms_output.put_line ('7');
utl_http.set_persistent_conn_support (http_req, false);
dbms_output.put_line ('8');
utl_http.set_header(http_req, 'Content-Type', 'text/xml'); -- since we are dealing with plain text in XML documents
dbms_output.put_line ('9');
utl_http.set_header(http_req, 'Content-Length', length(soap_request));
dbms_output.put_line ('10');
utl_http.set_header(http_req, 'SOAPAction', ''); -- required to specify this is a SOAP communication
dbms_output.put_line ('11');
utl_http.write_text(http_req, soap_request);
dbms_output.put_line ('12');
http_resp := utl_http.get_response(http_req);
-- debug messages
DBMS_OUTPUT.PUT_LINE('-------utl_http.get_response---------------------');
DBMS_OUTPUT.PUT_LINE('http_resp.status_code is :'||http_resp.status_code );
DBMS_OUTPUT.PUT_LINE('http_resp.reason_phrase is :'||http_resp.reason_phrase);
DBMS_OUTPUT.PUT_LINE('http_resp.http_version is :'||http_resp.http_version);
DBMS_OUTPUT.PUT_LINE('http_resp.private_hndl is :'||http_resp.private_hndl);
DBMS_OUTPUT.PUT_LINE('-------utl_http.get_response----------------------');
utl_http.read_text(http_resp, soap_respond);
dbms_output.put_line ('13');
utl_http.end_response(http_resp);
dbms_output.put_line ('14');
resp := XMLType.createXML(soap_respond);
dbms_output.put_line ('15');
resp := resp.extract('/soap:Envelop/soap:Body/child::node()',
'xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"');
i:=0;
dbms_output.put_line ('16');
loop
dbms_output.put_line(substr(soap_respond, 1 + i * 255, 250));
i := i + 1;
if (i * 250) > length(soap_respond) then
exit;
end if;
end loop;
exception
when utl_http.request_failed then
dbms_output.put_line('request failed: ' || utl_http.get_detailed_sqlerrm);
when utl_http.http_server_error then
dbms_output.put_line('server error: ' || utl_http.get_detailed_sqlerrm);
when utl_http.http_client_error then
dbms_output.put_line('client error: ' || utl_http.get_detailed_sqlerrm);
when others then
dbms_output.put_line(sqlerrm);
end send_auth_response;
3. Output when I run the send_auth_response procedure
Connecting to the database cpdev.
1
2
3
4
5
5.5
ORA-12560: TNS:protocol adapter error
Process exited.
Disconnecting from the database cpdev.
Comments -
The web service operation only has input message. The input message consists of a complex type as seen in WSDL.
Questions -
1. This is my first attempt in invoking a web service from pl/sql program. Is the code in SOAP body correct as mapped to the complex type in WSDL ?
2. As seen from the dbms_out - the last message before ORA-12560 is 5.5, that means the call is erroring at following code line -
http_req:= utl_http.begin_request ------ what am I doing wrong here ?
3. The web service is SSL as seen from WSDLand needs a username/password for access - which is being performed by following code line -
utl_http.set_authentication(http_req, '<username for webservice>', '<password for webservice user>'); ------- is that correct ?
4. I am not using any proxy server - should I be using it ? When is it necessary to use proxy ?
Appreciate any help.
Thanx.Oracle is hosted by HOST A - this is where the pl/sql program resides.
The Web Service being accessed by pl/sql program is hosted by HOST B and there are 4 firewalls in between.
Oracle was not even able to establish connection to web services host.
Escalated the issue with networking folks and they resolved the connectivity problem.
Hope that helps. -
How to retrieve user identity in a web service using SSO/SSL?
I am using OracleAS10g Rel2 to develop a web service implemented as a java class. The web service client uses basic HTTP authentication and is to access the web service over SSL. I would like to know in general how I might access the user identity from within the java class. I am aware that it is possible to pass environment variables from the HTTP server to the OC4J container with Oc4jEnvVar, but can't sufficient documentation on this and am not sure this is the right approach.
Any help is greatly appreciated..There are a couple of possible techniques--
A) Use the AccesControlContext API
You can use methods from the java.security.AccessControlContext,
java.security.AccessController, and javax.security.auth.Subject
classes to get the authenticated subject.
1. Create an AccessControlContext object by calling the
AccessController.getContext method. The getContext method takes a
"snapshot" of the current calling context and returns it in an
AccessControlContext object.
2. Get the subject of the context by using the Subject.getSubject method.
For more information on the classes and methods described in this section, see the API
for the java.security and javax.security.auth packages at the following Web
address.
http://java.sun.com/j2se/1.4.2/docs/api/index.html
For example:
java.security.AccessControlContext context =
java.security.AccessController.getContext();
javax.security.auth.Subject sub = javax.security.Subject.getSubject(context);
B) use the ServiceLifecycle API:
You can use the javax.xml.rpc.server.ServiceLifecycle and
ServletEndpointContext interfaces to obtain user information from security
tokens, such as SAML, Username, or X.509. For example, the
ServletEndpointContext.getUserPrincipal method returns the name of the
authenticated user; the ServletEndpointContext.isUserInRole method
returns whether user belongs to a specific role.
Follow these general steps:
1. Implement the ServiceLifecycle interface for the Web service.
2. In the implementation of the ServiceLifecycle.init method, cast the
context parameter to ServletEndpointContext.
3. Call methods, such as getUserPrincipal and isUserInRole, on the
ServletEndpointContext context parameter to obtain user information.
For example:
package test;
public class SecureService implements securePort,
javax.xml.rpc.server.ServiceLifecycle {
private javax.xml.rpc.server.ServletEndpointContext context;
public void init(Object obj) throws javax.xml.rpc.ServiceException {
context = (javax.xml.rpc.server.ServletEndpointContext)obj;
public String helloUser(String message) throws java.rmi.RemoteException {
java.security.Principal principal = context.getUserPrincipal();
if(principal == null) {
throw new RuntimeException("Principal not found");
String userName = principal.getName();
return "Hi "+userName+"! "+message;
public void destroy() {
context = null;
} -
ORA-29532 error when invoking SSL web services using UTL_DBWS
Web Service gurus,
The WSDL for web services is as follows -
<definitions name="Webservice" targetNamespace="http://webservice.airclic.com/">
−
<types>
−
<xs:schema targetNamespace="http://webservice.airclic.com/" version="1.0">
<xs:element name="Exception" type="tns:Exception"/>
<xs:element name="listenForEvents" type="tns:listenForEvents"/>
<xs:element name="listenForEventsResponse" type="tns:listenForEventsResponse"/>
<xs:element name="sendAuthenticationResponse" type="tns:sendAuthenticationResponse"/>
<xs:element name="sendAuthenticationResponseResponse" type="tns:sendAuthenticationResponseResponse"/>
<xs:element name="upsertTask" type="tns:upsertTask"/>
<xs:element name="upsertTaskResponse" type="tns:upsertTaskResponse"/>
−
<xs:complexType name="upsertTask">
−
<xs:sequence>
<xs:element minOccurs="0" name="task" type="tns:Task"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Task">
−
<xs:complexContent>
−
<xs:extension base="tns:PlatformObject">
−
<xs:sequence>
<xs:element minOccurs="0" name="status" type="tns:status"/>
<xs:element minOccurs="0" name="assignee" type="xs:string"/>
<xs:element minOccurs="0" name="assigneeUserId" type="xs:string"/>
<xs:element minOccurs="0" name="name" type="xs:string"/>
<xs:element minOccurs="0" name="type" type="xs:string"/>
<xs:element minOccurs="0" name="creationTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="updateTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="startTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="endTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="source" type="tns:source"/>
<xs:element minOccurs="0" name="notes" type="xs:string"/>
<xs:element minOccurs="0" name="priority" type="xs:int"/>
<xs:element minOccurs="0" name="penalized" type="xs:boolean"/>
<xs:element minOccurs="0" name="hasSLA" type="xs:boolean"/>
<xs:element minOccurs="0" name="location" type="tns:Location"/>
<xs:element minOccurs="0" name="windowStartTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="windowEndTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="signee" type="xs:string"/>
<xs:element minOccurs="0" name="signature" type="xs:base64Binary"/>
<xs:element minOccurs="0" name="customerId" type="xs:string"/>
<xs:element minOccurs="0" name="travelTime" type="xs:int"/>
<xs:element minOccurs="0" name="expirationTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="parentId" type="xs:long"/>
<xs:element minOccurs="0" name="externalTimezone" type="xs:string"/>
<xs:element minOccurs="0" name="localTimeOffset" type="xs:long"/>
<xs:element minOccurs="0" name="consignee" type="xs:string"/>
<xs:element minOccurs="0" name="assignmentWindowStartTimestamp" type="xs:long"/>
<xs:element minOccurs="0" name="assignmentWindowEndTimestamp" type="xs:long"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
−
<xs:complexType name="PlatformObject">
−
<xs:sequence>
<xs:element name="id" type="xs:string"/>
<xs:element name="externalId" type="xs:string"/>
<xs:element name="revision" type="xs:long"/>
<xs:element name="platformDateCreated" type="xs:dateTime"/>
<xs:element name="platformDateUpdated" type="xs:dateTime"/>
<xs:element name="objectName" type="xs:string"/>
<xs:element maxOccurs="unbounded" name="extendedAttributes" type="tns:ExtendedAttribute"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Location">
−
<xs:sequence>
<xs:element minOccurs="0" name="name" type="xs:string"/>
<xs:element minOccurs="0" name="description" type="xs:string"/>
<xs:element minOccurs="0" name="type" type="xs:string"/>
<xs:element minOccurs="0" name="address" type="tns:Address"/>
<xs:element minOccurs="0" name="position" type="tns:Position"/>
<xs:element minOccurs="0" name="geofenceId" type="xs:long"/>
<xs:element minOccurs="0" name="capcity" type="xs:int"/>
<xs:element minOccurs="0" name="contact" type="xs:string"/>
<xs:element minOccurs="0" name="email" type="xs:string"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Address">
−
<xs:sequence>
<xs:element minOccurs="0" name="addressLine" type="xs:string"/>
<xs:element minOccurs="0" name="addressLine2" type="xs:string"/>
<xs:element minOccurs="0" name="city" type="xs:string"/>
<xs:element minOccurs="0" name="secondaryCity" type="xs:string"/>
<xs:element minOccurs="0" name="subdivision" type="xs:string"/>
<xs:element minOccurs="0" name="postalCode" type="xs:string"/>
<xs:element minOccurs="0" name="country" type="xs:string"/>
<xs:element minOccurs="0" name="phone" type="xs:string"/>
<xs:element minOccurs="0" name="freeform" type="xs:string"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Position">
−
<xs:sequence>
<xs:element name="latitude" type="xs:double"/>
<xs:element name="longitude" type="xs:double"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="ExtendedAttribute">
−
<xs:sequence>
<xs:element name="name" type="xs:string"/>
<xs:element name="value" type="xs:anyType"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="upsertTaskResponse">
−
<xs:sequence>
<xs:element minOccurs="0" name="task" type="tns:Task"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Exception">
−
<xs:sequence>
<xs:element minOccurs="0" name="message" type="xs:string"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="listenForEvents">
−
<xs:sequence>
<xs:element minOccurs="0" name="listenParams" type="tns:ListenParams"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="ListenParams">
−
<xs:sequence>
<xs:element name="queueName" type="xs:string"/>
<xs:element name="resendLast" type="xs:boolean"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="listenForEventsResponse">
−
<xs:sequence>
<xs:element maxOccurs="unbounded" minOccurs="0" name="events" type="tns:Event"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="Event">
−
<xs:sequence>
<xs:element name="id" type="xs:string"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="AuthenticationRequestEvent">
−
<xs:complexContent>
−
<xs:extension base="tns:RequestEvent">
−
<xs:sequence>
<xs:element name="username" type="xs:string"/>
<xs:element minOccurs="0" name="password" type="xs:string"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
−
<xs:complexType name="RequestEvent">
−
<xs:complexContent>
−
<xs:extension base="tns:Event">
−
<xs:sequence>
<xs:element name="correlationId" type="xs:string"/>
<xs:element name="response" type="tns:Response"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
−
<xs:complexType name="Response">
−
<xs:sequence>
<xs:element name="correlationId" type="xs:string"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="AuthenticationResponse">
−
<xs:complexContent>
−
<xs:extension base="tns:Response">
−
<xs:sequence>
<xs:element name="success" type="xs:boolean"/>
<xs:element name="username" type="xs:string"/>
<xs:element minOccurs="0" name="password" type="xs:string"/>
<xs:element minOccurs="0" name="firstName" type="xs:string"/>
<xs:element minOccurs="0" name="lastName" type="xs:string"/>
<xs:element minOccurs="0" name="email" type="xs:string"/>
<xs:element minOccurs="0" name="active" type="xs:boolean"/>
<xs:element minOccurs="0" name="timeZone" type="xs:string"/>
<xs:element minOccurs="0" name="group" type="xs:string"/>
<xs:element minOccurs="0" name="role" type="xs:string"/>
<xs:element minOccurs="0" name="errorCode" type="xs:string"/>
<xs:element minOccurs="0" name="errorMessage" type="xs:string"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
−
<xs:complexType name="DispatchEvent">
−
<xs:complexContent>
−
<xs:extension base="tns:Event">
−
<xs:sequence>
<xs:element name="type" type="tns:eventType"/>
<xs:element minOccurs="0" name="previousTask" type="tns:Task"/>
<xs:element name="changeTask" type="tns:Task"/>
<xs:element minOccurs="0" name="newTask" type="tns:Task"/>
</xs:sequence>
</xs:extension>
</xs:complexContent>
</xs:complexType>
−
<xs:complexType name="sendAuthenticationResponse">
−
<xs:sequence>
<xs:element minOccurs="0" name="authenticationResponse" type="tns:AuthenticationResponse"/>
</xs:sequence>
</xs:complexType>
−
<xs:complexType name="sendAuthenticationResponseResponse">
<xs:sequence/>
</xs:complexType>
−
<xs:simpleType name="status">
−
<xs:restriction base="xs:string">
<xs:enumeration value="NULL"/>
<xs:enumeration value="UNASSIGNED"/>
<xs:enumeration value="ASSIGNED"/>
<xs:enumeration value="RECEIVED"/>
<xs:enumeration value="ACCEPTED"/>
<xs:enumeration value="REJECTED"/>
<xs:enumeration value="IN_PROGRESS"/>
<xs:enumeration value="POSTPONED"/>
<xs:enumeration value="COMPLETED"/>
<xs:enumeration value="CANCELED"/>
<xs:enumeration value="CLEARED"/>
<xs:enumeration value="EXPIRED"/>
</xs:restriction>
</xs:simpleType>
−
<xs:simpleType name="source">
−
<xs:restriction base="xs:string">
<xs:enumeration value="NULL"/>
<xs:enumeration value="DISPATCH"/>
<xs:enumeration value="SYSTEM"/>
<xs:enumeration value="ENDUSER"/>
</xs:restriction>
</xs:simpleType>
−
<xs:simpleType name="eventType">
−
<xs:restriction base="xs:string">
<xs:enumeration value="TaskCreated"/>
<xs:enumeration value="TaskUpdated"/>
<xs:enumeration value="TaskAssigned"/>
<xs:enumeration value="TaskDeleted"/>
<xs:enumeration value="TaskStatusChanged"/>
<xs:enumeration value="TaskConflicted"/>
</xs:restriction>
</xs:simpleType>
</xs:schema>
</types>
−
<message name="Webservice_listenForEvents">
<part element="tns:listenForEvents" name="listenForEvents"/>
</message>
−
<message name="Webservice_sendAuthenticationResponseResponse">
<part element="tns:sendAuthenticationResponseResponse" name="sendAuthenticationResponseResponse"/>
</message>
−
<message name="Webservice_sendAuthenticationResponse">
<part element="tns:sendAuthenticationResponse" name="sendAuthenticationResponse"/>
</message>
−
<message name="Webservice_upsertTaskResponse">
<part element="tns:upsertTaskResponse" name="upsertTaskResponse"/>
</message>
−
<message name="Exception">
<part element="tns:Exception" name="Exception"/>
</message>
−
<message name="Webservice_upsertTask">
<part element="tns:upsertTask" name="upsertTask"/>
</message>
−
<message name="Webservice_listenForEventsResponse">
<part element="tns:listenForEventsResponse" name="listenForEventsResponse"/>
</message>
−
<portType name="Webservice">
−
<operation name="listenForEvents" parameterOrder="listenForEvents">
<input message="tns:Webservice_listenForEvents"/>
<output message="tns:Webservice_listenForEventsResponse"/>
<fault message="tns:Exception" name="Exception"/>
</operation>
−
<operation name="sendAuthenticationResponse" parameterOrder="sendAuthenticationResponse">
<input message="tns:Webservice_sendAuthenticationResponse"/>
<output message="tns:Webservice_sendAuthenticationResponseResponse"/>
<fault message="tns:Exception" name="Exception"/>
</operation>
−
<operation name="upsertTask" parameterOrder="upsertTask">
<input message="tns:Webservice_upsertTask"/>
<output message="tns:Webservice_upsertTaskResponse"/>
<fault message="tns:Exception" name="Exception"/>
</operation>
</portType>
−
<binding name="WebserviceBinding" type="tns:Webservice">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
−
<operation name="listenForEvents">
<soap:operation soapAction=""/>
−
<input>
<soap:body use="literal"/>
</input>
−
<output>
<soap:body use="literal"/>
</output>
−
<fault name="Exception">
<soap:fault name="Exception" use="literal"/>
</fault>
</operation>
−
<operation name="sendAuthenticationResponse">
<soap:operation soapAction=""/>
−
<input>
<soap:body use="literal"/>
</input>
−
<output>
<soap:body use="literal"/>
</output>
−
<fault name="Exception">
<soap:fault name="Exception" use="literal"/>
</fault>
</operation>
−
<operation name="upsertTask">
<soap:operation soapAction=""/>
−
<input>
<soap:body use="literal"/>
</input>
−
<output>
<soap:body use="literal"/>
</output>
−
<fault name="Exception">
<soap:fault name="Exception" use="literal"/>
</fault>
</operation>
</binding>
−
<service name="Webservice">
−
<port binding="tns:WebserviceBinding" name="WebservicePort">
<soap:address location="https://webservice.mp.b.airclic.com:443/webservice/product/fieldservice/v1/Webservice"/>
</port>
</service>
</definitions>
Following is the pl/sql code using UTL_DBWS
DECLARE
l_service UTL_DBWS.service;
l_call UTL_DBWS.call;
l_wsdl_url VARCHAR2(32767);
l_namespace VARCHAR2(32767);
l_service_qname UTL_DBWS.qname;
l_port_qname UTL_DBWS.qname;
l_operation_qname UTL_DBWS.qname;
l_input_params UTL_DBWS.anydata_list;
soap_request xmltype;
l_result xmltype;
result_output VARCHAR2(32767);
BEGIN
l_wsdl_url := 'https://webservice.mp.b.airclic.com/webservice/product/fieldservice/v1/Webservice?WSDL';
l_namespace := 'http://webservice.airclic.com/';
dbms_output.put_line ('1');
l_service_qname := UTL_DBWS.to_qname(l_namespace, 'Webservice');
dbms_output.put_line ('2');
l_port_qname := UTL_DBWS.to_qname(l_namespace, 'WebservicePort');
dbms_output.put_line ('3');
l_operation_qname := UTL_DBWS.to_qname(l_namespace, 'sendAuthenticationResponse');
dbms_output.put_line ('4');
l_service := UTL_DBWS.create_service (
wsdl_document_location => URIFACTORY.getURI(l_wsdl_url),
service_name => l_service_qname);
dbms_output.put_line ('5');
l_call := UTL_DBWS.create_call (
service_handle => l_service,
port_name => l_port_qname,
operation_name => l_operation_qname);
dbms_output.put_line ('6');
UTL_DBWS.SET_PROPERTY(l_call,'USERNAME',<username to access wsdl>);
dbms_output.put_line ('7');
UTL_DBWS.SET_PROPERTY(l_call,'PASSWORD',<password>);
dbms_output.put_line ('8');
utl_dbws.set_property(l_call,'OPERATION_STYLE', 'document');
dbms_output.put_line ('9');
soap_request := xmltype.createxml('<?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:sendAuthenticationResponse xmlns:ns2="http://webservice.airclic.com/">
<authenticationResponse>
<correlationId>4646735802698040711:[email protected]</correlationId>
<success>true</success>
<username>changlanih</username>
<password>abcd1234</password>
<firstName>hero</firstName>
<lastName>changlani</lastName>
<email>[email protected]</email>
<active>true</active>
<timeZone>eastern</timeZone>
<group>Northeast</group>
<role>Service Manager</role>
</authenticationResponse>
</ns2:sendAuthenticationResponse>
</S:Body>
</S:Envelope>');
l_result := UTL_DBWS.invoke ( l_call,soap_request);
UTL_DBWS.release_call (call_handle => l_call);
UTL_DBWS.release_service (service_handle => l_service);
result_output := l_result.getstringval;
dbms_output.put_line('web svc output ===> ' || result_output);
END;
Following is the error from pl/sql code
1
2
3
4
DECLARE
ERROR at line 1:
ORA-29532: Java call terminated by uncaught Java exception: java.lang.IllegalAccessException: error.build.wsdl.model: oracle.j2ee.ws.common.tools.api.WsdlValidationException:
Failed to read WSDL from https://webservice.mp.b.airclic.com/webservice/product/fieldservice/v1/Webservice?WSDL:
HTTP connection error code is 401
ORA-06512: at "SYS.UTL_DBWS", line 193
ORA-06512: at "SYS.UTL_DBWS", line 190
ORA-06512: at line 20
Notes
The program fails at following line of code -
l_service := UTL_DBWS.create_service (
wsdl_document_location => URIFACTORY.getURI(l_wsdl_url),
service_name => l_service_qname);
Web services are SSL.
The WSDL is at https location and needs username/password for access. The username/password to access WSDL are set using UTL_DBWS.SET_PROPERTY
To access the SSL site, I have imported the CA in Oracle Wallet, JVM home and JDK home.
Can anyone tell me what am I doing wrong here. I am not able to even establish connection to web service host.
This is very frustrating - Oracle has no examples on how to access a SSL Web Service (that needs authentication) from Database.
This is effecting our project deadlines ......... any help would be greatly appreciated.
Thanks.Hi,
I presume your Web Service needs HTTP (BASIC?) Authentication.
All this needs is setting the following 2 properties, which as can be seen, you are setting....
UTL_DBWS.set_property(l_call, 'USERNAME', '<username>');
UTL_DBWS.set_property(l_call, 'PASSWORD', '<pwd>');
This should work as long as your DBWS Callout Utility was downloaded from OTN after June 2008, and it's version is atleast 10.1.3.1.
Following is a sample code snippet that was tested successfully for this :
Declare
l_service UTL_DBWS.service;
l_call UTL_DBWS.call;
l_result sys.XMLTYPE;
l_request sys.XMLTYPE;
BEGIN
l_service := UTL_DBWS.create_service(null);
l_call := UTL_DBWS.create_call(l_service);
UTL_DBWS.set_target_endpoint_address(l_call, 'http://xxx.oracle.com:8888/basic/MyWebService1SoapHttpPort');
UTL_DBWS.set_property(l_call, 'USERNAME', 'username');
UTL_DBWS.set_property(l_call, 'PASSWORD', 'pwd');
UTL_DBWS.set_property(l_call, 'OPERATION_STYLE', 'document');
UTL_DBWS.set_property(l_call, 'SOAPACTION_USE', 'true');
UTL_DBWS.set_property(l_call, 'SOAPACTION_URI', 'http://xxx.oracle.com:8888/basic/MyWebService1SoapHttpPort');
l_request := XMLTYPE('<Z_CENTRICITY_GET_DOCLIST
xmlns:urn="urn:sap-com:document:sap:rfc:functions">' ||
'<I_INCLUDE_OLD_VERSIONS></I_INCLUDE_OLD_VERSIONS>' ||
'<I_INSTITUTION>0001</I_INSTITUTION>' ||
'<I_PATIENT_NR>0000000181</I_PATIENT_NR>' ||
'</Z_CENTRICITY_GET_DOCLIST>');
l_result := UTL_DBWS.invoke(l_call, l_request);
UTL_DBWS.release_call (call_handle => l_call);
UTL_DBWS.release_service (service_handle => l_service);
EXCEPTION
WHEN OTHERS THEN
dbms_output.put_line(sqlcode || ' ' || sqlerrm);
END;
Hope this helps,
Yogesh -
Issue with calling an external web service using web service proxy
Hi,
I've created several web services using JDeveloper succesfully in the past, however I'm getting an issue with one that was working ok previously. Have spoken to the developers of the external web service and they say they haven't changed anything. Also if I test the external web service through soapUI for example it seems fine so it would seem that the issue is with the autogenerated code created by JDeveloper.
Basically I get the following exception as it sends the request to the external service:
java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Message send failed: Bad Authentication header format: 'Basic realm="Integration Server" encoding="UTF-8"'
Expected "," at position 33
The user name/password appear correct.
JDev version 10.1.3.42.70
Any ideas?
Many Thanks
Gary
Edited by: user10916721 on 08-May-2012 09:54Found the answer. Basically I had one proxy web service working and one not both linking to a middle tier written in web methods. THe issue actually ended up being with the web methods code in that the one web service (that was not working) was put together using a backwards compatability mode. Once this was switched back then started working again in JDev.
-
Web Service over SSL failing in BEA Workshop
I have deployed a web service on weblogic 9.2
I have enabled one-way ssl on it. got a trial ssl certificate from verisign. installed them on the keystore/truststore on the server as well as the jre (cacerts and jssecacerts truststores) being used by the client. the client is on different machine than the server.
i have developed the service through 'bea weblogic workshop 9.2' now when i try to test the service through the 'web services explorer' within bea weblogic workshop i receive the following error:
IWAB0135E An unexpected error has occurred.
IOException
sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
on server:
<Jul 13, 2009 6:45:44 PM EDT> <Warning> <Security> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from yunus.l1id.local - 10.10.2.72. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.>
if i try to access the web service (over ssl) through the browser (ie/firefox), it works fine. i have generated a proxy class to access this web service through the same bea workshop and that works fine too. certificates are identified and all. i also created a small .net (c#) application that calls this secure web service over ssl from another machine and it works fine too!
of course non-secure url for the web service is working fine in every case.
what can be the reason for this failing only in 'web services explorer' in bea workshop?
cross posted at: http://www.coderanch.com/t/453879/Web-Services/java/Web-Service-over-SSL-failing
thanks.Hello,
I used this example, when I made my experiments with SSL and Glassfish (GF):
http://java.sun.com/developer/EJTechTips/2006/tt0527.html#1
If you have problems with GF I suggest to post a message here:
http://forums.java.net/jive/forum.jspa?forumID=56
e.g. here is one thread:
http://forums.java.net/jive/thread.jspa?threadID=59993&tstart=0
Miro. -
Hi
In my scenario,we are sending plain request to web service using receiver sender adapter and PI will receive response as excel attachment. What are standard module required to achieve this and sequence? or checking Keep attachment box will help us to achieve this?
is it possible to receive excel sheet as attachment from receiver soap adapter ?
Thanks in AdvanceHi,
This issue might be due to the invalid .pem certificate file.
Make sure to include the beginning and end tags on each certificate.
The result should look like this:
-----BEGIN CERTIFICATE-----
(Your Primary SSL certificate: your_domain_name.crt)
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
(Your Intermediate certificate: DigiCertCA.crt)
-----END CERTIFICATE-----
For more detailed information, you could refer to:
https://www.digicert.com/ssl-support/pem-ssl-creation.htm
Regards -
Calling a web service through SSL via a stand alone java class
HI,
I am trying to call a web service through SSL via a simple stand alone java client.
I have imported the SSL certificate in my keystore by using the keytool -import command.
Basically I want to add a user to a group on the server. Say I add a user user 1 to group group 1 using an admin userid and password. All these values are set in an xml file which I send to the server while calling the server. I pass the web service URL, the soap action name and the xml to post as the command line arguments to the java client.
My xml file(Add.xml) that is posted looks like :
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:xsi = "http://www.w3.org/1999/XMLSchema-instance"
xmlns:SOAP-ENC = "http://schemas.xmlsoap.org/soap/encoding/"
xmlns:SOAP-ENV = "http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd = "http://www.w3.org/1999/XMLSchema"
SOAP-ENV:encodingStyle = "http://schemas.xmlsoap.org/soap/encoding/">
<SOAP-ENV:Body>
<namesp1:modifyGroupOperation xmlns:namesp1 = "/services/modifyGroup/modifyGroupOp">
<auth>
<user>adminUser</user>
<password>adminPassword</password>
</auth>
<operationType>ADD</operationType>
<groupName>group1</groupName>
<users>
<userName>user1</userName>
</users>
</namesp1:modifyGroupOperation>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I call the client as:
java PostXML https://com.webservice.com/services/modifyGroup "/services/modifyGroup/modifyGroupOp" Add.xml
I my client, I have set the following:
System.setProperty("javax.net.ssl.keyStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.keyStorePassword", "password");
System.setProperty("javax.net.ssl.trustStore", "C:\\Program Files\\Java\\jre1.5.0_12\\lib\\security\\cacerts");
System.setProperty("javax.net.ssl.trustStorePassword", "password");
But when I try to execute the java client, I get the following error:
setting up default SSLSocketFactory
use default SunJSSE impl class: com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl is loaded
keyStore is : C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
keyStore type is : jks
keyStore provider is :
init keystore
init keymanager of type SunX509
trustStore is: C:\Program Files\Java\jre1.5.0_12\lib\security\cacerts
trustStore type is : jks
trustStore provider is :
init truststore
adding as trusted cert:
init context
trigger seeding of SecureRandom
done seeding SecureRandom
instantiated an instance of class com.sun.net.ssl.internal.ssl.SSLSocketFactoryImpl
main, setSoTimeout(0) called
main, setSoTimeout(0) called
%% No cached client session
*** ClientHello, TLSv1
RandomCookie: GMT: .....
Compression Methods: { 0 }
[write] MD5 and SHA1 hashes: len = 73
main, WRITE: TLSv1 Handshake, length = 73
[write] MD5 and SHA1 hashes: len = 98
main, WRITE: SSLv2 client hello message, length = 98
[Raw write]: length = 100
[Raw read]: length = 5
[Raw read]: length = 58
main, READ: TLSv1 Handshake, length = 58
*** ServerHello, TLSv1
%% Created: [Session-1, SSL_RSA_WITH_RC4_128_MD5]
** SSL_RSA_WITH_RC4_128_MD5
[read] MD5 and SHA1 hashes: len = 58
[Raw read]: length = 5
[Raw read]: length = 5530
main, READ: TLSv1 Handshake, length = 5530
*** Certificate chain
chain [0] = ...
chain [1] = ...
chain [2] = ...
chain [3] = ...
main, SEND TLSv1 ALERT: fatal, description = certificate_unknown
main, WRITE: TLSv1 Alert, length = 2
[Raw write]: length = 7
0000: 15 03 01 00 02 02 2E .......
main, called closeSocket()
main, handling exception: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
main, called close()
main, called closeInternal(true)
Exception in thread "main" javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.c
ertpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Unknown Source)
at com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Unknown Source)
at com.sun.net.ssl.internal.ssl.Handshaker.process_record(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(Unknown Source)
at com.sun.net.ssl.internal.ssl.SSLSocketImpl.writeRecord(Unknown Source)
at com.sun.net.ssl.internal.ssl.AppOutputStream.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(Unknown Source)
at java.io.BufferedOutputStream.flush(Unknown Source)
at org.apache.commons.httpclient.methods.EntityEnclosingMethod.writeRequestBody(EntityEnclosingMethod.java:506)
at org.apache.commons.httpclient.HttpMethodBase.writeRequest(HttpMethodBase.java:2110)
at org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1088)
at org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
at org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
at org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:323)
at PostXML.main(PostXML.java:111)
Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find v
alid certification path to requested target
at sun.security.validator.PKIXValidator.doBuild(Unknown Source)
at sun.security.validator.PKIXValidator.engineValidate(Unknown Source)
at sun.security.validator.Validator.validate(Unknown Source)
at com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(Unknown Source)
at com.sun.net.ssl.internal.ssl.JsseX509TrustManager.checkServerTrusted(Unknown Source)
... 18 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
at sun.security.provider.certpath.SunCertPathBuilder.engineBuild(Unknown Source)
at java.security.cert.CertPathBuilder.build(Unknown Source)
... 23 more
I do not know where I have gone wrong. Could someone point out my mistake.
Thanks In advance!Hi jazz123,
There's an example in the [*Java Web Services Tutorial*|http://java.sun.com/webservices/docs/2.0/tutorial/doc/] : see Chapter 1: Building Web Services with JAX-WS - A Simple JAX-WS Client. -
BAD_CERTIFICATE error calling a web service over SSL in ALSB 2.6
We have a business service on an ALSB 2.6 server (running on WL 9.2.1) that connects to a web service over SSL. When we try to run it, we get the following exception:
<Sep 17, 2009 7:49:17 AM PDT> <Error> <ALSB Kernel> <BEA-380001> <Exception on TransportManagerImpl.sendMessageToService, com.bea.
wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
com.bea.wli.sb.transports.TransportException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.bea.wli.sb.transports.TransportException.newInstance(TransportException.java:146)
at com.bea.wli.sb.transports.http.HttpOutboundMessageContext.send(HttpOu
tboundMessageContext.java:310)
at com.bea.wli.sb.transports.http.HttpsTransportProvider.sendMessageAsync(HttpsTransportProvider.java:435)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
Truncated. see log file for complete stacktrace
javax.net.ssl.SSLKeyException: FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireException(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.fireAlertSent(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
Truncated. see log file for complete stacktrace
This exception only occurs when hitting the web service through the bus. I have written a standalone Java application that posts to the web service and it works fine. I ran the application on the server where the ALSB is running using the same jdk (1.5.0_06 - the version that ships with 9.2.1) and the same cacerts file so I know it's not a problem with the certificate not being trusted. I have tried updating the cacerts file to the latest one distributed with JRE 1.6 and it still doesn't work.
After 8 hours of troubleshooting, I'm out of ideas. Does anyone have any suggestiosn?
Thanks.
Matt
Edited by: user6946981 on Sep 17, 2009 7:58 AMAre you sure that your standalone application is using the same keystore (eg. cacert)? Default WebLogic configuration uses different keystore (demo).
I saw BAD_CERTIFICATE error only once and the cause was in keytool that somehow corrupted certificate during import. Deleting and importing certificate again helped me, but I doubt you have the same problem as your standalone application works.
Another idea ... Is hostname varification used? I know that the error message would look different if this was the cause, but try to add this parameter to your weblogic startup script: -Dweblogic.security.SSL.ignoreHostnameVerification=true
Last but not least, there is difference between your standalone application and ALSB runtime as WebLogic uses Certicom SSL provider. If you don't find the reason, contact Oracle support. Maybe they can help you to tweak Certicom provider in some way. -
How to invoke a web service using https
Hi,
I have a few security related questions surrounding BPEL process manager.
1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
2. If not, what needs to be done to enable accessing a https based web service?
3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
Thanks,
Pranav1. Does the BPEL engine have the capability to invoke a web service using https (HTTP over SSL)? Does it automatically do that if partner link URI starts with https:// ?
We currently don't have support for HTTP over SSl. We are working on it to include this functionality in near future.
2. If not, what needs to be done to enable accessing a https based web service?
I am not sure it is possible with current product offering. I will confirm it after discussing with our concerned development group. There is some work going to integrate with Oblix security mechanism [recently acquired by Oracle].
3. I need to write a web service that accepts a message and updates certain information in the database. The web service will be deployed in an OC4J instance in Oracle App Server. We want to allow the web service to be accessed from BPEL only by users registered in the database. What is the recommended way to pass username and password to a webservice if service is invoked from BPEL process manager? Note that specifying username/password in bpel.xml is not an option.
This will be easier to do if we can use Oblix along with BPEL PM. Could you please let us know more about your application so that we can provide you the customized solution till it's part of the product. You can send this query to [email protected] so that our product management team can give you more detailed roadmap regarding this.
HTH.
Thanks,
Rakesh -
Calling a web-service using JAX-WS client on the browser
Hi,
I created a basic web-service using netbeans/glassfish, which can be successfully called from a JavaFX application running stand-alone.
But when I try to run the same JavaFX application on a browser, the web-service call does not work, and it is hard to get any information on where it is failing.
I can see the error is a Throwable (not an Exception), but the message is null.
What are the restrictions on being able to call a webservice using the JAX-WS libraries? Are there security issues? I am not using the javafx HTTP libraries.
Also, if Java1.6u10 is available on the machine running the browser, do I still need to package all the JAX-WS libraries for the client?
Any help is appreciated, even if it is just about how to track down the problem.Thank you very much for responding.
There was no error due to WebService. Actually, I was using xmlbeans and I did not put those xmlbeans jar files into appropriate place. That is what caused the problem. I have solved it now and it is working fine.
I put those xmlbeans jar files into my war file. It is working. Earlier, I had put them in tomcat 5.5's shared/lib directory. It was not working.
Thank you once again for replying.
Sasi. -
Web service client behind a proxy server connecting to web service over SSL
Hi Friends,
A web service is exposed by an external system over SSL. We are behind a proxy server and are trying to get connected to web service over SSL. <p>
We are getting the following error on the test browser of workshop<p><p>
External Service Failure: FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters.<p><p>
the whole trace is <p>
<p>JDIProxy attached
<Sep 24, 2005 9:27:25 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl:salesExpertServiceControl; Method=creditcheckcontr
ol.SalesExpertServiceControl.doCreditVerification(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=creditCheckCtrl; Method=creditcheckcontrol.CreditCheck.testCreditC
heck(); Failure=com.bea.control.ServiceControlException: SERVICE FAULT:
Code:javax.net.ssl.SSLHandshakeException
String:FATAL Alert:HANDSHAKE_FAILURE - The handshake handler was unable to negotiate an acceptable set of security parameters
Detail:
END SERVICE FAULT [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Warning> <WLW> <000000> <Id=top-level; Method=processes.CreditCheck_wf.$__clientRequest(); Fai
lure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled process exception [ServiceException]>
<Sep 24, 2005 9:27:26 AM EDT> <Error> <WLW> <000000> <Failure=com.bea.wli.bpm.runtime.UnhandledProcessException: Unhandled pr
ocess exception [ServiceException]><p>
I am not able to make out what could be possibly wrong. Please let me know if you guys have any ideas about how to resolve it.
Thanks
Sridhardid you resolve this problem. I am looking at the same issue. If you did I would really appreciate your response.
Thanks.
Maybe you are looking for
-
Hosting Zenworks 7 Application Files On Windows Server?
Hi, Background: We currently host our Zenworks packages on Netware 6.5 servers. Our Zen7 is also installed on a Netware 6.5 server so we are running Novell Client 4.91 SP2 and the Zenworks agent on our Windows XP SP3 desktops (no middle tier). We are
-
Workspace 11.1.1.3 can't open Task-list in Basic mode
Hi, I'm using EPM 11.1.1.3 on Weblogic 9.23, MS SQL, Win2003R2 EE User's task list has been created and successfully opened by user in Planning and Workspace (Advanced mode). He'd like to open this task list in Workspace (Basic mode). Workspace get e
-
Cant open Office, or office files, even after re-istall of Office 2008. Keep getting Microsoft Error Reporting message box.
-
Advantage of Oracle Database Firewall
Hi I am newbie to Database Firewall. One of our client is already using SecureSphere Database Firewall. Now we are proposing Oracle Database firewall to the client so that we need to know the advantage of oracle database firewall compared to securesp
-
How to get event from message?
Hi,All: I write a run-time interface by CVI, I use TS_EngineRegisterUIMessageCallback to register my callback function, but when message passed to the callback function, as the type is struct IDispatch but not CAObjHandle, I don't know how to read ev