WS-Policy Confidentiality Element Question
I have a Web service that requires WS-Security encryption and signing for parts of the request and encrypts and signs parts of the response. I am attempting to create a proxy to invoke that back-end WS-Security Web service.
I've created two custom WS-Policy files, one that corresponds to the request and one that corresponds to the response for the back end Web service.
I've modified the WSDL for my business service to reference the two policy files.
Inside the ALSB proxy, I am able to apply the correct encryption/signature on the request to the back end Web service. I can invoke the proxy and see the back-end Web service being invoked with the correct components encrypted and signed.
The problem I am having is with the WS-Policy file that describes the response.
My understanding is that the policy for the response has to be abstract in order to be able to decrypt the response.. my policy file has a Confidentiatlity element that looks like:
<wssp:Confidentiality>
<wssp:KeyWrappingAlgorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<wssp:Target>
<wssp:EncryptionAlgorithm
URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
<wssp:MessageParts>
/xpath/to/element
</wssp:MessageParts>
</wssp:Target>
<wssp:KeyInfo/>
</wssp:Confidentiality>
However when I invoke the proxy with this in the response policy, the proxy doesn't invoke the back end Web service I get the following error on the console:
Failed to load WSDL binding information for service
If I remove the <Confidentiality> element it invokes the back-end Web service but is unable to decrypt the results.. I get an error that references the CertPathBuilder
How am I supposed to specify the Confidentiality on the response?
(The proxy service has a proxy service provider associated with it and the proxy service provider has both encryption and digital signature credentials as well)
Hi Martin,
uff, its a long time ago ;-)
Not directly, I created an Implicit Enhancement Spot at the end of method APPLY() (class CL_ST_USERNAME10).
Based on the interface name I'm reading a custom configuration table in order to define (overwrite) the username token settings in structure (instance attribute) "m_username_token".
I also opened a message at SAP, because the digest password was not calculated correctly.
The answer was the following OSS Note provided by SAP:
1587834 - wsse:UsernameToken: incorrect Password digest
I created the WS-Policy manually and attached it to the WSDL file.
This will generate the signature configuration.
It is very helpful to create a "dummy" provider service with the same WSS settings (SOAMANAGER) in order to generate a WS-Policy template.
If you need further information, don't hesitate to contact me.
Kind regards
Axel
Similar Messages
-
Please help I forgot confidential answers questions to my account The problem I shipped itunes card and when I buy from my request answers"
Call AppleCare for your country and request help resetting the questions.
-
More ACR for elements questions
After having played around with ACR 4.1 I have a few questions and observations:
Not all the the features described as being in 4.1 in this article
http://photoshopnews.com/2007/05/31/about-camera-raw-41/
seem to be accessible, e.g. holding down the alt key while looking at radius and sharpening values to see the masks applied. Are these features available from CS but not in elements (It's the same plugin) or were they never implemented in 4.1 but only in some beta copy of the SW?
As noted in different msgs, there is scarcely any documentation for ACR 4.1 except what I can glean from articles like the one above and from trial and error - am I correct in this assessment?
If I bring the raw file into elements, some of the functions can work on 16 bit files but for most I must permanently convert down to 8 bits. How much print quality am I losing for 11x14 blowups during this process? I guess I'm losing none in resolution (PPI) but a little in gradations of color and luminosity.
How does this raw pre-processing in ACR compare with the new Nikon Capture 4 ( I have a D40x) ? Is it worth having both sets of SW? I couldn't find a price for Capture4 in the website - only a 30 day download trial. Anybody have any idea how much it costs?
Now if I would only go out and shoot some more photos instead of nerding out on the tech stuff!! Thanks.
ChrisThanks Barbara - you wrote:
Your printer will almost certainly downsample your image to 8 bits when you print, so you're not losing there. The loss, such as it is, is in the available gradations of color for editing.
Is this the case If I get it printed at a photo printing/editing store (we have Mtophoto here in CO which I really like because a couple of the guys there really know their stuff)? -
Search Help attached to Data Element Question
Hello! Hopefully this is a simple question to answer. I have looked online but cannot find exactly what I need.
We currently have a search help attached to a data element. The search help is a custom search help. It does work so when you are in the screen it will show you options to pick from for that field. However, the field also allows for free-form text so the user can type in whatever and the screen will take it.
Is there a way through the data element or search help to make it so the user is restricted to only what is in the search help and cannot just enter whatever?
Thanks!!For restricting values You can use the at selection screen event on that field.
The search help field values will be there in a table .
So what ever values are there in the table for that particular field , only those values will come in F4 also ..
If it not maintained then issue an appropriate error message.
at-selection screen on p_field.
selct single field from table into v_value.
if sy-subrc <> 0.
message ""Error message.
Endif.
Regards
Mishra -
Show policy-map interface | Question about QOS show command output
I hope this is the correct place for this question. If not, please let me know.
When I issue the show policy-map interface command (in this case on a 3845) there is some output I don't understand. I have included some output below and formatted the lines I am confused about as "computer code" which show up as red on my screen. A list of the individual lines i'm confused about is below, followed by those liens in the context of the show policy-map command's output.
Any help with this will be greatly appreciated. Thanks in advance.
5 minute offered rate 46000 bps, drop rate 0 bps
5 minute rate 10000 bps
bandwidth remaining 50% (768 kbps)
show policy-map interface
--- previous output omitted ---
GigabitEthernet0/0
Service-policy input: QoS_IN
class-map: Silver (match-any)
164691299 packets, 23570752398 bytes
5 minute offered rate 46000 bps, drop rate 0 bps
Match: access-group name MAINFRAME
4371992 packets, 2311242335 bytes
5 minute rate 0 bps
Match: access-group name KRONOS
13334297 packets, 3051409140 bytes
5 minute rate 5000 bps
Match: access-group name EMAIL
97652823 packets, 10323856470 bytes
5 minute rate 10000 bps
Match: access-group name VOIP-CONTROL
20782858 packets, 1481676784 bytes
5 minute rate 0 bps
Match: access-group name LOGIXWEB
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name GRINDLOG
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name CITRIX
46895 packets, 14669179 bytes
5 minute rate 0 bps
Match: access-group name CORP_WEB
28502414 packets, 6387897396 bytes
5 minute rate 4000 bps
QoS Set
dscp af31
Packets marked 164691269
show policy-map interface s0/0/0:0
Serial0/0/0:0
Service-policy output: QoS_OUT
--- previous output omitted ---
Class-map: Silver (match-any)
86590227 packets, 12051546524 bytes
5 minute offered rate 3000 bps, drop rate 0 bps
Match: access-group name MAINFRAME
7641084 packets, 2701232492 bytes
5 minute rate 0 bps
Match: access-group name KRONOS
6975052 packets, 1555404656 bytes
5 minute rate 0 bps
Match: access-group name EMAIL
58438150 packets, 5433636586 bytes
5 minute rate 3000 bps
Match: access-group name VOIP-CONTROL
355083 packets, 41252455 bytes
5 minute rate 0 bps
Match: access-group name LOGIXWEB
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name GRINDLOG
0 packets, 0 bytes
5 minute rate 0 bps
Match: access-group name CITRIX
19 packets, 4967 bytes
5 minute rate 0 bps
Match: access-group name CORP_WEB
13180836 packets, 2320015236 bytes
5 minute rate 0 bps
Queueing
queue limit 64 packets
(queue depth/total drops/no-buffer drops) 0/18156/0
(pkts output/bytes output) 86421413/12004278837
bandwidth remaining 50% (768 kbps)this is my configuration
DGMGRL> show configuration
Configuration
Name: matrix
Enabled: YES
Protection Mode: MaxPerformance
Databases:
stdby1 - Primary database
stdby2 - Physical standby database
stdby3 - Physical standby database
Fast-Start Failover: DISABLED
Current status for "matrix":
SUCCESS
--- this is my first successful switchover -----
DGMGRL> switchover to stdby2
Performing switchover NOW, please wait...
New primary database "stdby2" is opening...
Operation requires shutdown of instance "stdby1" on database "stdby1"
Shutting down instance "stdby1"...
ORA-01109: database not open
Database dismounted.
ORACLE instance shut down.
Operation requires startup of instance "stdby1" on database "stdby1"
Starting instance "stdby1"...
ORACLE instance started.
Database mounted.
Switchover succeeded, new primary is "stdby2"
-------------------this is my second switchover -------------
DGMGRL> switchover to stdby1
Performing switchover NOW, please wait...
New primary database "stdby1" is opening...
Operation requires shutdown of instance "stdby2" on database "stdby2"
Shutting down instance "stdby2"...
ORA-01109: database not open
Database dismounted.
ORACLE instance shut down.
Operation requires startup of instance "stdby2" on database "stdby2"
Starting instance "stdby2"...
Unable to connect to database
ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
Failed.
You are no longer connected to ORACLE
Please connect again.
Unable to start instance "stdby2"
You must start instance "stdby2" manually
Switchover succeeded, new primary is "stdby1"
DGMGRL>
Edited by: user6981287 on Jan 7, 2010 12:57 AM
Edited by: user6981287 on Jan 7, 2010 1:00 AM -
Old version of Photoshop Elements question
I have Photoshope Elements 1.0.1 (2001). It will not install on my laptop. Is there anyway to get an up-date with out paying again. (The software came with my Epson Perfection 2450 Photo Scanner)
What OS are you using?
Photoshop Elements 1 is a very very old software.
Please considering buying the latest Photoshop Elements 11. -
Should I delete photoshop elements 9 from my computer since I now have Photshop elements 12. It takes up space. Will I lose anything?
You won't lose anything but you do need to take time getting used to PSE12 because it is completely different from PSE10 and before.
However, it is your choice but I would keep it for about a month so that PSE12 becomes easy to use.
G/L -
Web Site Design Element Question
Hi,
I want to include as a design element a puzzle. I want to present the puzzle unassembled and allow the visitor to move the pieces into place.
What is the best way to do this in Dreamweaver CS5?SP,
Apart from the forum of the source application, this may be the right place to ask: http://forums.adobe.com/community/dreamweaver/dreamweaver_general -
Hey guys. I was wondering, is it possible to create this GUI element with Scripting?
I could create EditText element, but I'd like to use, if possible, this more elegant way for user to input values.
I am talking about 120 / 84 / 0 elements in this GUI (screenshot from Character palette)
Is it doable?Yeah those sliding edit texts are cute, but unfortately they are not part of ScriptUI.
As David said, you can stack 2 texts, but that will only have aesthetic effects.
It could be useful to store more digits in the edit texts and display less in the static one for nicer UI (like native sliders do), but this is something one simply never need when scripting...
var w = new Window("palette");
var tt =w.add("group{orientation: 'stack',\
staticT: StaticText{text: '0.0', characters: 8, justify: 'left', visible: true},\
editT: EditText{text: '0.0', characters: 8, justify: 'right', visible: false}\
tt.staticT.onActivate = function(){this.visible=false; this.parent.editT.visible=true;};
tt.editT.onChange=tt.editT.onDeactivate=function(){
var x=parseFloat(this.text) || 0.0;
this.text = x.toFixed(3);
this.parent.staticT.text = x.toFixed(1);
this.visible=false;
this.parent.staticT.visible=true;
w.center();
w.show();
When there is no element to give focus to (like in this example) it is hard to get the static text back if you finally don't change its value...
Xavier -
Hello,
I have a process designed with multiple reviewer levels. The process is designed to automate a route slip for a project. The route slip is a simple PDF that has comment fields for each user to enter their comments for the project into. In some of the reviewer levels there are multiple users who need to add their comments to the PDF at the same time. I have set up the process at those points to go through a gateway element. The element is set to And-Wait, and has at most three branches. The branches are exactly the same in that I'm setting some variables, and then have a User Assigned Task set up to allow each user to add their comments to the form. The form has a section set up for each user to enter their own comments into. The intended goal is to capture each users comments before the form goes to the next reviewer level. The problem is that when I get to the next reviewer level in the process only the last user who adds comments inside the gateway has their comments saved and passed through. I am a little puzzled on why the gateway element isn't capturing each users comments. Any assistance or insight into my problem would be greatly appreciated.
Thank you,
KyleThe Gateway element sends the item in parallel and they each get a copy of the Form variable for the duration of their branch. Once the split is completed it'll update the main process Form variable with the content from the last branch that was complete.
Right now, there is not built in functionality that will combine the three instance of the Form variables from the three branches back into the main process. You'll need to do that manually using a SetValue operation.
I would store the comments from each branch in a string variable. Then update the main process Form variable with the content of the comments variables outside of the Gateway, just before it goes to the next approver.
Jasmin -
Installation photoshop 12 elements question
Downloaded photoshop elements 12 prem and it stops installation with message:
''The following applications are using files that need to be updated by this setup
Close these applications and click retry to continue elementsautoanalyzer.exe''
Any ideas to get this sorted will be appreciated.restart your computer and then start installation.
-
Pl suggest Table-Field for the following Data Elements in TEM
Location where Event held
Schedule of the EventPL check this <a href="https://forums.sdn.sap.com/click.jspa?searchID=3972037&messageID=3775117">Thread</a>.
~Suresh -
RETENTION POLICY in RMAN question
Is a good practice to set up a RETENTION POLICY for the full backups (level 0) and another RETENTION POLICY for the incremental backups (level 1)? If yes, why and how could I do this ?
Thanks for your responses,
Christine.It is from the doc
http://download.oracle.com/docs/cd/B19306_01/backup.102/b14191/rcmconc1007.htm#sthref279
From the perspective of a retention policy, a datafile backup is a full or level 0 backup of an individual datafile or control file. It does not matter whether the backup is a datafile image copy, a proxy copy, or part of a backup set. For datafile copies and proxy copies, if RMAN determines that the copy or proxy copy is not needed, then the copy or proxy copy can be deleted. For datafile backups in backup sets, RMAN cannot delete the backup set until all of the individual datafile backups within the backup set are obsolete.
Besides affecting full or level 0 datafile and control file backups, the retention policy affects archived redo logs and level 1 incremental backups. First, RMAN decides which datafile and control file backups are obsolete. Then, RMAN considers as obsolete all archived logs and incremental level 1 backups that are not needed to recover the oldest datafile or control file backup that must be retained. -
Group Policy Folder Redirection Question
Hello
We have a group Policy Redirection setup, to redirect the Desktop and the documents folder to the users a private Drive.
This works fine.
Its currently setup as a UNC path in the group Policy. The user has their private drive setup by a unc path in the users Active Directory/properties/profile/Home Folder.
I have seen when i chnage the unc path of the users Active Directory/properties/profile/Home Folder to a dfs path and then restart the users computer the user is logged into all the documents in the documents folder disappear.
Any ideas as to why this is?
Will are using windows 7 sp1.
thanks> I have seen when i chnage the unc path of the users Active
> Directory/properties/profile/Home Folder to a dfs path and then restart
> the users computer the user is logged into all the documents in the
> documents folder disappear.
The DFS path points to the same target as the UNC path? Then enable
http://gpsearch.azurewebsites.net/#2673
Greetings/Grüße,
Martin
Mal ein
gutes Buch über GPOs lesen?
Good or bad GPOs? - my blog…
And if IT bothers me -
coke bottle design refreshment (-: -
PatternSequence UI Element question
Was wondering if anyone had any information on using the PatternSequence UI element.
We cannot not use Tabs with our current Ep version; since tabs do not work in Firefox.
So, we are attempting to use PatternSequence and their steps.
Understanding that this UI element is not supported, but it works in our current environment for all the browsers.
However, is there a way to code an automatic skip to the next step after a user performs an action on the current step?I ran across this trying to figure out the same problem.
I finally found a thread which answered it.
Your code, corrected:
var ADAPTwinResource =
"dialog { \
properties:{ \
resizeable:false, \
closeButton:false \
preferredSize: [100, undefined], \
text: 'Test Dialog', \
frameLocation: [100,100], \
pnl1: Panel {type:'tabbedpanel', \
tab1: Panel { type:'tab',\
text:'Tab 1' \
tab2: Panel {type:'tab',\
text:'Tab 2' \
var ADAPTwin = new Window(ADAPTwinResource);
ADAPTwin.show();
Link to thread that cleared up this issue for me.
Maybe you are looking for
-
Splitting clips problem. Corrupt project?
I have a 3 hour 15 minute project that I finished editing (down from 6+ hours of footage). Aside from iMovie starting to run quite slow by the time I was adding chapters and titles, everything went well. After 11 hours of exporting to Quicktime, I
-
BLOCKING THE PAYMENT TO VENDOR LINE ITEM IN APP
I am doing APP Run in F110. Here I want to block one vendor line item. In the Edit proposal button I tried to block the line item. But system is throughing a Error messeage saying that You cannot block the payment in proposal run. Can any one pls
-
How to accept Lincense Agreement
Adobe Reader asks me to press "Accept" button to accept License Agreement, however, there is no Accept button or I do not see it, what should I do?
-
Does managing Oracle 10g RAC with ASM require full root access?
We currently have three entirely separate support areas, Unix, Storage and DBA. We're now considering using Oracle 10g RAC with ASM and as part of the assessment trying to work out if we can still draw similar support boundaries. I know that installi
-
Just about every time I surf the net I have to log on again. Is this usual? or what can I do to keep logged on to btinternet.