WLS 7.0 security sample providers available on dev2dev

Sample providers for auditing, authentication, identity assertion,
authorization, and role mapping are now available on dev2dev at
http://dev2dev.bea.com/code/codedirect.jsp?highlight=codedirect
- Neil

Good job, Neil.
The sample does not show PrincipalValidator. Do you know of any example of it?
If not, can you provide one?
Much appreciated
chuck
Neil Smithline <[email protected]> wrote:
Sample providers for auditing, authentication, identity assertion,
authorization, and role mapping are now available on dev2dev at
http://dev2dev.bea.com/code/codedirect.jsp?highlight=codedirect
- Neil

Similar Messages

  • Problem configing WLS 9 WS Security samples w/ new keys

    I am trying to modify the WebLogic "samples" webservices/security_jws example in Weblogic 9 to use a user-defined keystore and keytool generated keys and certs. So far I have modified to code to pull encoded certs from a keystore instead of the provided sample *.der files for cert and private keys. I use a different constructor as follows: ClientBSTCredentialProvider(X509Certificate, PrivateKey, X509Certificate); I build the X509Certificate by pulling certs from a JKS keystore:
    java.security.cert.CertificateFactory cf = java.security.cert.CertificateFactory.getInstance("X.509");          
    Certificate c1 = keystore.getCertificate(certAlias);
    java.io.ByteArrayInputStream bais1 = null;
    try {
    bais1 = new java.io.ByteArrayInputStream(c1.getEncoded());                    
    serverCertificate = (X509Certificate)cf.generateCertificate(bais1);
    } finally {bais1.close();}
    I have configured Web Service Security in the domain using "default_wss". I have configured Confidentiality and Integrity settings pointing to file system-based keystores of integrity.jks and confidentiality.jks. Passphrases are checked for encrypt. I assume I need to use my alias instead of the instruction's "Bob" and passphrase of "true". I have added my client's cert to the JDK's cacerts as a trusted cert. I have imported the server identity cert to the client.jks
    The server and client build and deploy. When I run the client I get the following error. I have also tried creating an X509 TokenHandler and adding X509 to my security realm's IdentityAsserter using Default Mapper.
    I am not using a Certificate Authority signed cert.
    Should I be using *.der files and BEA CA signed certs with BEA supplied key generator?
    [java] </detail>]; nested exception is:
    [java] javax.xml.rpc.soap.SOAPFaultException: weblogic.xml.crypto.wss.WSSecurityException: weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.
    [java] at examples.webservices.security_jws.client.SecureHelloWorldPortType_Stub.sayHello(SecureHelloWorldPortType_Stub.java:37)
    [java] at examples.webservices.security_jws.SecureHelloWorldClient.main(SecureHelloWorldClient.java:154)
    [java] Caused by: javax.xml.rpc.soap.SOAPFaultException: weblogic.xml.crypto.wss.WSSecurityException: weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instantiated.weblogic.xml.crypto.encrypt.api.XMLEncryptionException: com.rsa.jsafe.JSAFE_PaddingException: The input requires padding, but NoPad was instanti
    ated.

    Hello,
    I have a problem quite similar but regarding to sending multipart messages using Oracle ESB 10.1.3.4 with Oracle Application Server 10.1.3.4.
    Concretely, I have virtualized a Web Service by using an ESB service flow with a Routing Service and SOAP Service elements and where the used WSDL defines multipart messages. What do you believe that the result has been? A soap request message with only one part. Obviously, the responses are incorrect for most of the operations.
    Have you found something for fixing it?
    A little help would be appreciated!
    Kind Regards.

  • JWSDP 1.5: Certificates for XWS-Security samples expired April 9

    The digitial certificates supplied with the XWS-Security samples in JWSDP 1.5 (e.g., JWSDP_HOME/xws-security/etc/client-truststore.jks) expired April 9, 2005. The XWSS sample programs now fail because the certificates are invalid. Are newer versions of the truststores available to replace the existing truststores, or do I need reinstall JWSDP to get newer certificates?
    Thanks,
    Mike

    I am having the same problem. I tried creating my own RSA keys with the same aliases, self signing them and putting them into the key/trust stores but still get errors. What procedure is there to replace them? Included below are my steps for dropping the certs and adding in new self signed ones, that I tried.
    Josh
    keytool -delete -keystore server-keystore.jks -alias s1as -storepass changeit
    keytool -delete -keystore client-truststore.jks -alias s1as -storepass changeit
    keytool -genkey -keyalg RSA -alias s1as -keystore server-keystore.jks -dname "cn=Client" -keypass changeit -storepass changeit
    keytool -selfcert -alias s1as -keystore server-keystore.jks -keypass changeit -storepass changeit
    keytool -export -keystore server-keystore.jks -alias s1as -storepass changeit -file s1as
    keytool -import -alias s1as -keystore client-truststore.jks -storepass changeit -file s1as
    keytool -delete -keystore client-keystore.jks -alias xws-security-client -storepass changeit
    keytool -delete -keystore server-truststore.jks -alias xws-security-client -storepass changeit
    keytool -genkey -keyalg RSA -alias xws-security-client -keystore client-keystore.jks -dname "cn=Client" -keypass changeit -storepass changeit
    keytool -selfcert -alias xws-security-client -keystore client-keystore.jks -keypass changeit -storepass changeit
    keytool -export -keystore client-keystore.jks -alias xws-security-client -storepass changeit -file xws-security-client
    keytool -import -alias xws-security-client -keystore server-truststore.jks -storepass changeit -file xws-security-client

  • Compilation error- xws-security sample aplication for signing

    hi
    I tried to run the sample application (xws-security) in JWSDP 1.6 but i am getting the following error.
    [echo] Running wscompile....
    [wscompile] C:\Sun\jwsdp-2.0\xws-security\samples\simple\build\server\WEB-INF\c
    asses\simple\PingService.java:10: cannot access java.lang.Object
    [wscompile] bad class file: C:\Sun\AppServer\jdk\jre\lib\rt.jar(java/lang/Objec
    .class)
    [wscompile] class file has wrong version 49.0, should be 48.0
    [wscompile] Please remove or make sure it appears in the correct subdirectory o
    the classpath.
    [wscompile] public interface PingService extends javax.xml.rpc.Service {
    [wscompile] ^
    [wscompile] 1 error
    [wscompile] error: compilation failed, errors should have been reported

    it worked ....thank you ghstark

  • Struts Security Sample

    I am attempting to run the Struts Security Sample and am getting a Error: invalid node name (null). I have commented out the error code as suggested in the readme.html file, compiled and then removed my comments. I get this error when I try to run the logon action per the instructions. Any ideas on what else to check for this error?
    Thanks!

    No the file is at the workspace level not the viewcontroller project level.
    The exception to this is that you can place a copy of jazn-data.xml in the meta-inf directory of a project. We do this in SRDemo for example to make it simple to distribute the credentials with the sample - however - this is not normal as you'd never normally distribute credentials as part of the application - Demos are a special case.
    So check your workspace root directory.
    If in doubt use a tool like filemon.exe from sysinternals.com to see where JDeveloper is writing to.

  • Weblogic Integration Sample is available for download from developer site

    Hi, All,
    The Weblogic Integration 2.0 Sample is available for download from the
    developer site:
    http://developer.bea.com/ftp_bin/download/code/wliSample_1.zip
    This sample shows how to develop a standard based integration solution
    within and across enterprises using the key functionalities of the WebLogic
    Integration 2.0, including Business Process Management (BPM), Enterprise
    Information System (EIS) connectivity, inter-enterprise collaboration
    (B2Bi), and XML/non-XML data transformation.
    Chunbo Huang
    BEA System

    It shoud not took 3 hours. Normally, you expect wait for 1 -2 minutes.
    For your case, I suggest to
    (1)run the cleanWF.cmd script then shutdown the server
    (2)restart the server
    (3) run cleanWF again
    (4) run the sample.
    let me know if you still have problems
    Chunbo
    "Chris Stead" <[email protected]> wrote in message
    news:[email protected]..
    Chunbo/Henry,
    While running the WLI sample, I have been waiting for a QPA Reponse frommy
    suppliers for about three hours, is this expected behavior? I havechecked the
    weblogic.log file and there are no exceptions. I seem to be stuck on the
    "Check QPA Reponse" screen. This was addressed briefly in the user guide,
    however, it didn't say how long you should wait. Please advise, thanks.
    Cheers,
    Chris
    Chunbo Huang wrote:
    Hi, All,
    The Weblogic Integration 2.0 Sample is available for download from the
    developer site:
    http://developer.bea.com/ftp_bin/download/code/wliSample_1.zip
    This sample shows how to develop a standard based integration solution
    within and across enterprises using the key functionalities of the
    WebLogic
    Integration 2.0, including Business Process Management (BPM),Enterprise
    Information System (EIS) connectivity, inter-enterprise collaboration
    (B2Bi), and XML/non-XML data transformation.
    Chunbo Huang
    BEA System

  • Errors trying to run the xws-security sample app

    Hi all,
    I'm geting errors trying to compile the xws-security sample app, does anyone have any advice? Thanks in advance!
    [kerzhner@kerzhner]~/jwsdp-1.5/xws-security/samples/simple% ant run-sample Buildfile: build.xml
    clean:
    [delete] Deleting directory /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build
    [delete] Deleting directory /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/dist
    as8-check:
    ws-check:
    tc-check:
    [mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/client/classes
    [mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/server/WEB-INF/classes
    [mkdir] Created dir: /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/dist
    compile-handler-code:
    [echo] Compiling the handler source code
    [javac] Compiling 1 source file to /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build/server/WEB-INF/classes
    [javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:0: error: malformed .zip archive in CLASSPATH: /home/kerzhner/jdk1.5.0_03/lib/tools.jar/
    [javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:25: error: Class or interface `java.security.cert.X509CertSelector' not found in import.
    [javac] import java.security.cert.X509CertSelector;
    [javac] ^
    [javac] /home/kerzhner/jwsdp-1.5/xws-security/samples/simple/src/com/sun/xml/wss/sample/SecurityEnvironmentHandler.java:535: error: Type `X509CertSelector' not found in the declaration of the local variable `certSelector'.
    [javac] X509CertSelector certSelector = new X509CertSelector();
    [javac] ^
    [javac] 2 errors
    BUILD FAILED
    file:/home/kerzhner/jwsdp-1.5/xws-security/samples/simple/build.xml:68: Compile failed; see the compiler error output for details.

    Resolved. It was a space issue. Deleted a couple of old apps and have now installed the Sample Websheet Application.

  • Will the security update be available for IOS 6?

    Will the security update be available for IOS 6?

    linrey wrote:
    Not so - Apple says they have release iOS 6.1.6 to address the security problem. However no one seems to know how to get it since every request for an update only offers iOS 7. Very strange...
    Nothing strange about it.  iOS update only allows the installation of the latest release based on the hardware it detects you are using.  The 6.1.6 update is only available to those devices that CANNOT run iOS 7, like the iPhone 3Gs.  For any device capable of running iOS 7, the iOS update system will ONLY offer the option of updating to iOS 7.0.6, regardless of whether the device is still running iOS 6 at the time you try to update it.
    That is how the iOS update system has always worked - you simply cannot update to a lesser iOS release then the most recent for your particular hardware.

  • Nokia 5310 : secure connection not available

    when i try to download a gain using the nokia.com bit in applications: games i can get on line and browse thro some games but when i try to download them it always comes up secure connection not available. i only want sudoku or something similar nothing complicated.

    you must change the resolution to 640x480 or smaller to take advantage of image sequence.  at it's highest setting of 640x480, you only get three images in sequence.  at the smallest, 160x120, you get six images in sequence, the sequences of images is placed in a folder in your image gallery.

  • Secure Connection not Available E71

    Hi,
    I have nokia E71
     When clicking to local SharePoint site, I get:
    Web: Secure connection not available    :robotsad:
    Thanks

    I am getting this error on N97 mini. Can some one help me to get rid of this?
    Thanks,
    Gopichand Pai

  • Jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed

    Hi everyone,
    I am trying to deploy the simple sample for xws-security in the JWSDP 1.4 on redhat 9.0, I have done all the configurations as suggested by the tutorial and the readme file in the sample. But when I tried to run the sample by running "asant run-sample", I got a "wsdeploy failed" error. It looks like the following and happened at the "process-war" stage: (The earlier targets including "clean", "prepare", "gen-server", "compile-server", " set-web-inf", "raw-war" etc. work fine).
    [snip]
    process-war:
    [echo] Running wsdeploy...
    [wsdeploy] Exception in thread "main" java.lang.NoSuchMethodError: org.apache.xml.dtm.ref.sax2dtm.SAX2DTM.<init>(Lorg/apache/xml/dtm/DTMManager;Ljavax/xml/transform/Source;ILorg/apache/xml/dtm/DTMWSFilter;Lorg/apache/xml/utils/XMLStringFactory;ZIZZ)V
    [wsdeploy] at org.apache.xml.dtm.ref.sax2dtm.SAX2DTM2.<init>(SAX2DTM2.java:1901)
    [wsdeploy] at org.apache.xalan.xsltc.dom.SAXImpl.<init>(SAXImpl.java:767)
    [wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:324)
    [wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:267)
    [wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.getDOM(TransformerImpl.java:477)
    [wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:637)
    [wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:317)
    [wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.defineServletsAndListeners(DeployTool.java:553)
    [wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.run(DeployTool.java:255)
    [wsdeploy] at com.sun.xml.rpc.util.ToolBase.run(ToolBase.java:43)
    [wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.Main.main(Main.java:22)
    [wsdeploy] Command invoked: /work/nzw3/SUNWappserver/jdk/jre/bin/java -classpath /work/nzw3/SUNWappserver/lib/endorsed/dom.jar:/work/nzw3/SUNWappserver/lib/endorsed/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/endorsed/xalan.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/ant/lib/ant.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xml-apis.jar:/work/nzw3/SUNWappserver/lib/ant/lib/optional.jar:/work/nzw3/SUNWappserver/lib/soapprocessor.jar:/work/nzw3/SUNWappserver/lib/jaxr-api.jar:/work/nzw3/SUNWappserver/lib/saaj-api.jar:/work/nzw3/SUNWappserver/lib/activation.jar:/work/nzw3/SUNWappserver/lib/security-plugin.jar:/work/nzw3/SUNWappserver/lib/jaxb-xjc.jar:/work/nzw3/SUNWappserver/lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jhall.jar:/work/nzw3/SUNWappserver/lib/xmlsec.jar:/work/nzw3/SUNWappserver/lib/j2ee-svc.jar:/work/nzw3/SUNWappserver/lib/deployment/sun-as-jsr88-dm.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-sec.jar:/work/nzw3/SUNWappserver/lib/mail.jar:/work/nzw3/SUNWappserver/lib/appserv-admin.jar:/work/nzw3/SUNWappserver/lib/jaxb-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-cmp.jar:/work/nzw3/SUNWappserver/lib/appserv-jstl.jar:/work/nzw3/SUNWappserver/lib/jaxb-libs.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/namespace.jar:/work/nzw3/SUNWappserver/lib/jaxr-impl.jar:/work/nzw3/SUNWappserver/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-spi.jar:/work/nzw3/SUNWappserver/lib/verifier/verifierhelp.jar:/work/nzw3/SUNWappserver/lib/xalan.jar:/work/nzw3/SUNWappserver/lib/appserv-upgrade.jar:/work/nzw3/SUNWappserver/lib/appserv-assemblytool.jar:/work/nzw3/SUNWappserver/lib/deployhelp.jar:/work/nzw3/SUNWappserver/lib/j2ee.jar:/work/nzw3/SUNWappserver/lib/xmldsig.jar:/work/nzw3/SUNWappserver/lib/commons-logging.jar:/work/nzw3/SUNWappserver/lib/saaj-impl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-tags.jar:/work/nzw3/SUNWappserver/lib/appserv-ext.jar:/work/nzw3/SUNWappserver/lib/relaxngDatatype.jar:/work/nzw3/SUNWappserver/lib/admin-cli.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-api.jar:/work/nzw3/SUNWappserver/lib/jsf-api.jar:/work/nzw3/SUNWappserver/lib/jaxb-api.jar:/work/nzw3/SUNWappserver/lib/install/applications/__cp/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__ds/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__xa/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/jmsra/imqjmsra.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/cc.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admingui-jsp.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/jato.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-xml.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/help.jar:/work/nzw3/SUNWappserver/lib/install/applications/samples.jar:/work/nzw3/SUNWappserver/lib/install/applications/com_sun_web_ui/WEB-INF/lib/registrationservlet.jar:/work/nzw3/SUNWappserver/lib/install/applications/jaxr-ra/jaxr-ra.jar:/work/nzw3/SUNWappserver/lib/commons-launcher.jar:/work/nzw3/SUNWappserver/lib/jsf-impl.jar:/work/nzw3/SUNWappserver/lib/sun-appserv-ant.jar:/work/nzw3/SUNWappserver/lib/appserv-rt.jar:/work/nzw3/SUNWappserver/lib/xsdlib.jar:/work/nzw3/j2sdk1.4.2_04/lib/tools.jar com.sun.xml.rpc.tools.wsdeploy.Main -keep -tmpdir /work/nzw3/jwsdp-1.4/xws-security/samples/simple/build/server -o /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/securesimple.war /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/simple-portable.war
    BUILD FAILED
    file:/work/nzw3/jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed
    If anyone has any idea about this problem, please let me know.
    Many thanks,
    Jake

    Hello again,
    I got progress today, but still have some errors for the simple sample in the xws-security . (I am running on Redhat 9.0 and with Sun Java System Application Server 8) Looks like the sending message is ok, but at the receiving message stage, I got the following errors when running "asant run-sample":
    [snip]
    run-sample:
    [echo] Running the simple.TestClient program....
    [java] Service URL=http://giga15.ncl.ac.uk:8080/securesimple/Ping
    [java] Sep 8, 2004 1:14:19 AM com.sun.xml.wss.filter.DumpFilter process
    [java] INFO: ==== Sending Message Start ====
    [java] <?xml version="1.0" encoding="UTF-8"?>
    [java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    [java] <env:Header>
    [java] <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
    [java] <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="Id4487442798885738858">MIIFKDCCBBCgAwIBAgICBl4wDQYJKoZIhvcNAQEEBQAwcDELMAkGA1UEBhMCVUsxETAPBgNVBAoT
    [java] CGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZIhvcNAQkB
    [java] Fh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWswHhcNMDQwMjEwMTQzMDUyWhcNMDUwMjA5
    [java] MTQzMDUyWjBcMQswCQYDVQQGEwJVSzERMA8GA1UEChMIZVNjaWVuY2UxEjAQBgNVBAsTCU5ld2Nh
    [java] c3RsZTEPMA0GA1UEBxMGTkVSZVNDMRUwEwYDVQQDEwxqYWtlIHpoZW5nd3UwgZ8wDQYJKoZIhvcN
    [java] AQEBBQADgY0AMIGJAoGBAO7B3texMjuzdA6zT6/F/hx3U4a+iWglhNWptB3JerhHHu7El0HkWky0
    [java] 9AzYVKZ7Y3n5qpgmSOe16a2MKySii5ud44DABj+3qkRBzkb/LDgNuF02X/XORbFbuZYEWwCHckZI
    [java] xQ50vJpdxJQqLOwrhMP48RXNBzrdXo9iYfcWP5cnAgMBAAGjggJiMIICXjAMBgNVHRMBAf8EAjAA
    [java] MBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA+gwLAYJYIZIAYb4QgENBB8WHVVLIGUt
    [java] U2NpZW5jZSBVc2VyIENlcnRpZmljYXRlMB0GA1UdDgQWBBRlyb19GkybkmGa6QnQ9fPZ7mQ+NzCB
    [java] mgYDVR0jBIGSMIGPgBQCOKsRo5aAiw3TFSsIpY4w2rLaqKF0pHIwcDELMAkGA1UEBhMCVUsxETAP
    [java] BgNVBAoTCGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZI
    [java] hvcNAQkBFh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWuCAQAwKQYDVR0SBCIwIIEeY2Et
    [java] b3BlcmF0b3JAZ3JpZC1zdXBwb3J0LmFjLnVrMBkGA1UdIAQSMBAwDgYMKwYBBAHZLwEBAQEEMD0G
    [java] CWCGSAGG+EIBBAQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4vaW1wb3J0
    [java] Q1JMMD0GCWCGSAGG+EIBAwQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4v
    [java] aW1wb3J0Q1JMMDwGCWCGSAGG+EIBBwQvFi1odHRwOi8vY2EtcmVuZXcuZ3JpZC1zdXBwb3J0LmFj
    [java] LnVrL3JlbmV3Lmh0bWwwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NhLmdyaWQtc3VwcG9ydC5h
    [java] Yy51ay9jZ2ktYmluL2ltcG9ydENSTDANBgkqhkiG9w0BAQQFAAOCAQEAgdN714aoC53Wef9JGaDD
    [java] PDJkmgmwVbL8ZuovBpORFsgy2GOPgIdtw15qTQx1NFbsFqW2I7d/9AteeXAk3sUGUODOvq8loeYB
    [java] iA+QofduwJ0VWO8TZ0e+7+J3cDQKbsukptRJd2L2W8PeCNPojCRkfiV/nT6BiF5yjh4Ui5e+pWGw
    [java] t3oN1qFDZViCFOTiB6Koi0MB+cu47gOEIxBQfP8jTEyf/SSy4RzjI+7C1LpDYCZpO/jqXMb67j9b
    [java] KdcmlWhMrzNOyRDM7A11rt5nBMABgRVAJsdBZIDevfKJ/kRGxUHGHqf8Pg+3qK22mNwMN8U2plr7
    [java] TgORAx6aOn4EQP2AzA==</wsse:BinarySecurityToken>
    [java] <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    [java] <ds:SignedInfo>
    [java] <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    [java] <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
    [java] <ds:Reference URI="#Id5553294937503469412">
    [java] <ds:Transforms>
    [java] <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
    [java] </ds:Transforms>
    [java] <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
    [java] <ds:DigestValue>AcRqiIoxfOWauZ/FDnng4D1C5WU=</ds:DigestValue>
    [java] </ds:Reference>
    [java] </ds:SignedInfo>
    [java] <ds:SignatureValue>
    [java] omVS7TF+IqESZuMcRdsFfet8INaU4J9Vall1oGaPMRoEkc9xks+YK2ew4nG7hSekITwJrQLx42hH
    [java] Vb6HvEdWgsIrjOJslqQILQkYU7qdoptb6OEgY5lHQpjUJaTKNn4krsDXgpwZieQE45Gcu/zuP4eY
    [java] v8yMhUwVUE8xHy+6dLs=
    [java] </ds:SignatureValue>
    [java] <ds:KeyInfo>
    [java] <wsse:SecurityTokenReference>
    [java] <wsse:Reference URI="#Id4487442798885738858" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
    [java] </wsse:SecurityTokenReference>
    [java] </ds:KeyInfo>
    [java] </ds:Signature>
    [java] </wsse:Security>
    [java] </env:Header>
    [java] <env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id5553294937503469412">
    [java] <ns0:Ping>
    [java] <ns0:ticket>SUNW</ns0:ticket>
    [java] <ns0:text>Hello !</ns0:text>
    [java] </ns0:Ping>
    [java] </env:Body>
    [java] </env:Envelope>
    [java] ==== Sending Message End ====
    [java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.DumpFilter process
    [java] INFO: ==== Received Message Start ====
    [java] <?xml version="1.0" encoding="UTF-8"?>
    [java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    [java] <env:Body>
    [java] <env:Fault>
    [java] <faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:InvalidSecurityToken</faultcode>
    [java] <faultstring>Certificate validation failed</faultstring>
    [java] </env:Fault>
    [java] </env:Body>
    [java] </env:Envelope>
    [java] ==== Received Message End ====
    [java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.ProcessSecurityHeaderFilter process
    [java] WARNING: Message does not contain wsse:Security header
    [java] Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Certificate validation failed
    [java] at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:515)
    [java] at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
    [java] at simple.PingPort_Stub.ping(PingPort_Stub.java:80)
    [java] at simple.TestClient.main(TestClient.java:37)
    [java] Java Result: 1
    I don't know if I have configured anything wrong. Basically, i just want to sign the outgoing soap message with my own p12 format certificate, hence I have chosen the following in the $JWSDP_HOME/xws-security/samples/simple/build.properties :
    client.security.config=config/sign-client.xml
    server.security.config=config/dump-server.xml
    Also, according to the last section of the jWSDP release notes at http://java.sun.com/webservices/docs/1.4/ReleaseNotes.html#KnownIssues
    I added these two changes,
    1. In the <jwsdp.home>/xws-security/samples/buildconfig/sjsas-config.xml file, delete the original .... app.classpath element definition and replace it with the following definition:
    <path id="app.classpath">
    <fileset dir="${sjsas.home}/lib/endorsed">
    <include name="dom.jar"/>
    </fileset>
    <fileset dir="${sjsas.home}/lib">
    <include name="*.jar"/>
    </fileset>
    <fileset dir="${javahome}/lib">
    <include name="tools.jar"/>
    </fileset>
    </path>
    2. In the <as.home>/domains/domain1/config/server.policy file, add the following configurations to the server.policy file, for the securesimple sample and pingservice samples, respectively.
    // These permissions apply to securesimple webapp grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/securesimple/WEB-INF/-" {
    permission javax.security.auth.AuthPermission "modifyPrincipals";
    permission javax.security.auth.AuthPermission "modifyPublicCredentials"; permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
    permission javax.security.auth.AuthPermission "getSubject";
    permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.x500.X500PrivateCredential * \"*\"","read";
    permission java.security.SecurityPermission "putProviderProperty.BC";
    Moreover, has the sent message really been signed correctly? how can I tell the message has been signed by my own certificate? I have done the following:
    1. In the $JWSDP_HOME/xws-security/samples/simple/config/sign-client.xml, change to
    <xwss:SecurityConfiguration
    xmlns:xwss="http://com.sun.xml.wss.configuration" dumpMessages="true">
    <xwss:Sign/>
    </xwss:SecurityConfiguration>
    2. In the $JWSDP_HOME/xws-security/samples/simple/config/build.xml, change to something like the following in the run-sample target,
    <sysproperty key="javax.net.ssl.keyStore" value="/work/nzw3/jakenew.p12"/>
    <sysproperty key="javax.net.ssl.keyStorePassword" value="jake"/>
    <sysproperty key="javax.net.ssl.keyStoreType" value="pkcs12"/>
    I didn't change anything about truststore.
    What was the problem? What have I done wrong?
    Many thanks,
    Jake

  • Web Services Security Sample

    I colud not understand that:
    "9.The mail also contains links to the Root Certificate using whose key your Certificate was signed. Follow the link and click Accept. This install the root
    certificate in your browser.(Use Internet Explorer)."
    in the Web Services Security Sample Installation.
    Is there clear info for this and "Get a Client Certificate"?
    Thanks...

    When you get the certificate client certificate from Verisign( or any certificate authority), you also need a root certificate from Verisign which says that this client certificate was given by Verisign.
    When you provide all your info to Verisign (along with certificate request) you get the client certificate to your email address (which you gave to Verisign for sending certificate). This email address also contains the link to root address which you need to obtain in order to validate your certificate. Follow the link and do as instructed to import the root certificate in Internet Explorer. The root certificate will be imported into IE with the name "VeriSign authorized testing only.No assurances" in "Trusted Root Certificate Authorities tab"
    Your Oracle Wallet manager, Internert Explorer etc will accept and use the client certificate only if the corresponding root certificate is present.
    Hope this clarifies the doubt.
    Chandar

  • Security Update now Available

    A new security update is available on the update site.....

    Hi syntrak,
    You must have been busy this week. The update is about three days old. But it's good to remind everyone to continually check for updates. Good job!

  • Security Samples Out of Date

    Hello;
    I noticed that the Security Samples code is hopelessly out of date especially VPD.
    Are there plans to update them?
    http://otn.oracle.com/sample_code/deploy/security/9i_security.html

    Hi
    Thanks for providing your feedback. We are currently working on a plan to update these examples with latest releases of Oracle Software.
    Best regards
    -- OTN, IDC Team.

  • WLS 7 and Security

    Hello,
    Can we have a glance on what is supported in WLS 7 regarding
    security?
    JAAS?
    GSS-API?
    Will it support JRE 1.4?
    Cheers,
    T

    Hi Thierry,
    Both the authorization portion of JAAS as well as the authentication
    part should be implemented and supported (rather than just the
    Authentication mechanism, which all that is currently implemented and
    supported.) I'm sorry but I don't have specific versions of the JAAS
    spec that BEA will be supporting in WLS 7. Even so, I hope this helps.
    Joe Jerry
    Thierry Janaudy wrote:
    Hello,
    Can we have a glance on what is supported in WLS 7 regarding
    security?
    JAAS?
    GSS-API?
    Will it support JRE 1.4?
    Cheers,
    T

Maybe you are looking for

  • Make clickable UI-elements for windows Phone 8.1 apps maps

    Windows Phone 8.1 App , C# I would like to let the user add Pushpins ( which apparently are called MapIcons ) to the map and when the user clicks the newly created Pushpin some other ui-elements should appear. But apparently MapIcons are not clickabl

  • New Macbook Air will not connect to 802.11n, but my old 2011 model will

    I have just bought a new MBA 13", i7, 8 GB RAM, 256 GB SSD. When I connect to my home network I see it as a 802.11n network, but as soon as I log on, I only have 802.11g connection. I still have my old 2011 MBA, and it connects to the n-standard just

  • How I fixed the Spinning Beach Ball Issue

    Ok, like many of you, I was also getting iTunes to hang when plugging in my shuffle, and it would just sit with the spinning beach ball. Even after an hour, it was still frozen. Well, I just fixed mine. I went to check the Library File to see if it w

  • Templates from Office 2004

    Can I move my templates created in MS Word into my Pages '08 template folder????? I have several templates I would prefer to save and not recreate again. \ Perhaps there is a better path I should follow to covert the MS Word templates over to Pages??

  • PDF files will not open in Mozilla, they do in Safari.

    I am unable to open PDF files when working in Firefox. A message comes up indicating failure. I am able to open a PDF file is I am working in Safari. I have an Apple Macbook.