tag:blogger.com,1999:blog-1839316484051079047.post2648839190364544099..comments2024-03-28T06:38:40.958+01:00Comments on Java / Oracle SOA blog: The things you need to do for OWSM 11g policiesEdwin Biemondhttp://www.blogger.com/profile/02338716126881111629noreply@blogger.comBlogger93125tag:blogger.com,1999:blog-1839316484051079047.post-37259154419532277352016-07-01T09:49:57.501+02:002016-07-01T09:49:57.501+02:00Hi Edwin,
I did use OWSM in 10g long back in year...Hi Edwin, <br />I did use OWSM in 10g long back in year 2008 since then I didn't use OWSM, during that time it was having its own console wherein we can develop wrapper service on top of actual service and can specify all sort of rules.<br /><br />But in SOA11g and 12c I can't find similar console. Is the architecture of OWSM been completely changed in SOA 11g and 12c. <br />Manish Kumar Guptahttps://www.blogger.com/profile/02928528074366288273noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-2513102053936893792015-12-28T08:30:00.301+01:002015-12-28T08:30:00.301+01:00Can you please illustrate how to go with it as sho...Can you please illustrate how to go with it as shown with other policies above.Umashankar Sharmahttps://www.blogger.com/profile/01679709591016335816noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-26911477610955162852015-12-13T04:52:39.276+01:002015-12-13T04:52:39.276+01:00Hi Edwin,
How to configure the following jks in w...Hi Edwin,<br /><br />How to configure the following jks in weblogic server to deploy and run the client web application in application server? I am able to run the code with standalone java file. But what all the configuration changes which needs to be done to deploy the client code in weblogic server.<br /><br />reqContext.put(ClientConstants.WSSEC_KEYSTORE_LOCATION, "C:/client_keystore.jksAnonymoushttps://www.blogger.com/profile/04329126163905127136noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-71354650259885797842015-12-02T13:39:54.021+01:002015-12-02T13:39:54.021+01:00Hello Edwin,
I was trying to resolve an issue wit...Hello Edwin,<br /><br />I was trying to resolve an issue with oracle/wss10_x509_token_with_message_protection_service_policy, maybe you came across it too.<br /><br />If I add the CN as a user the policy goes well although when I then remove the user the policy is still allowed. Seems like the username is cached. Any ideas?Anonymoushttps://www.blogger.com/profile/08174858798724454246noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-75284147027367044552015-10-21T17:39:21.578+02:002015-10-21T17:39:21.578+02:00Hi Edwin, Great post. Follow up with this questio...Hi Edwin, Great post. Follow up with this question, if we use these policies, let's say for a SOA composite service to access UCM, we would need to provide the username and password as properties in the composite and thus expose in the SOAP header. But for security reasons, we don't want to expose the password, then how would you approach it ?Darwaynoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-54347902837768348132015-08-21T11:22:46.904+02:002015-08-21T11:22:46.904+02:00Hi Edwin,
I am using FMW 12.1.3. Misteriously, I c...Hi Edwin,<br />I am using FMW 12.1.3. Misteriously, I can't anymore attach OWSM policies to my Web Service via EM. In the page showing the details of my Endpoint, the tab "WSM Policies" is missing and in its place there is a tab "WebLogic Policies violations". It looks like there is some WebLogic policy attached to my WS, but I checked and there is none. I tryied to llazzerihttps://www.blogger.com/profile/06487974018693264555noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-18431314956175490812015-08-02T08:44:57.095+02:002015-08-02T08:44:57.095+02:00Hi Edwin,
I am a newby. The code samples you provi...Hi Edwin,<br />I am a newby. The code samples you provide are for a Java SE standalone client, right? And your IDE is Jdev, I suppose.<br />I would like to implement your samples with Eclipse OEPE. Is it feasible? May you please summarize the main steps and mainly the jars I have to put in the classpath?<br /><br />Thanksllazzerihttps://www.blogger.com/profile/06487974018693264555noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-82106729520836168262015-06-12T15:06:52.834+02:002015-06-12T15:06:52.834+02:00Hi ,
Can you please provide the configuraton for :...Hi ,<br />Can you please provide the configuraton for : this policy : wss11_saml_token_with_message_protection_client_policy<br /><br />Reg<br />SridharSridhar Yerramhttps://www.blogger.com/profile/06904887781190622545noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-51808605817435614662014-08-15T19:05:20.785+02:002014-08-15T19:05:20.785+02:00Hi I tried consuming a Rest Service (https GET) wi...Hi I tried consuming a Rest Service (https GET) with self-signed certificates without hostnames through BPEL. <br /><br />When I try to call the service returns this error: <br /><br />java.net.ProtocolException: missing header WWW-Authenticate <br /><br />Could you please tell me that I can do to call a service with these featuresJhon Gamboahttps://www.blogger.com/profile/08893931350647735990noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-75699374416704680912014-08-04T11:54:52.869+02:002014-08-04T11:54:52.869+02:00Hi Shyam,
How did you manage to consume the webse...Hi Shyam,<br /><br />How did you manage to consume the webservice which is enabled with wss11_saml_or_username_token_with_message_protection_service_policy and wss11_saml_token_with_message_protection_client_policy policies<br /><br />????Anonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-40999598677956133262014-07-09T19:46:51.607+02:002014-07-09T19:46:51.607+02:00Hi ,
probably you need a pub and private key for ...Hi ,<br /><br />probably you need a pub and private key for this client.<br />for 2 it is probaby or you need to do this in the EM , here you have a credentials store where you can add this password entry.<br /><br /><br />Thanks<br />Edwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-86332919711828143482014-07-09T19:42:27.258+02:002014-07-09T19:42:27.258+02:00Hi,
Did you do this in the EM or in jdeveloper.
...Hi,<br /><br />Did you do this in the EM or in jdeveloper.<br /><br />ThanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-63237239299202723522014-07-01T11:52:02.081+02:002014-07-01T11:52:02.081+02:00Hi Edwin,
I am trying to use policy Sets so that ...Hi Edwin,<br /><br />I am trying to use policy Sets so that the policies attach to the composite on deployment.<br />Can you share any steps/way to do that?<br /><br />ThanksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-7401568484664887742014-07-01T11:47:15.937+02:002014-07-01T11:47:15.937+02:00Hi Edwin,
I am trying to use policy Sets so that ...Hi Edwin,<br /><br />I am trying to use policy Sets so that the policies attach to the composite on deployment.<br />Can you share any steps/way to do that?<br /><br />ThanksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-6847546344696596832014-07-01T11:41:34.989+02:002014-07-01T11:41:34.989+02:00Hi Edwin,
Do you have any blogs which details on ...Hi Edwin,<br /><br />Do you have any blogs which details on creating Policy Sets?<br />I have created a new policy set and added policies to it. Now when I deploy my composite I expect it to attach Policies but it doesnot. Any pointers what could be wrong?<br /><br />ThanksAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-18495294870922216302014-05-26T17:15:25.222+02:002014-05-26T17:15:25.222+02:00Hi Edwin,
I am consuming a webservice which is ena...Hi Edwin,<br />I am consuming a webservice which is enabled with wss11_saml_or_username_token_with_message_protection_service_policy and wss11_saml_token_with_message_protection_client_policy policies using proxy client and data control in ADF. But i have following questions in consuming them<br />1) Can i use the certificate from the browser of server url to configure as public key in my client shyamhttps://www.blogger.com/profile/05147434624656979826noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-48285741044961941792014-03-17T03:11:48.023+01:002014-03-17T03:11:48.023+01:00Hi Edwin,
The UCM server side I setup a ws with o...Hi Edwin,<br /><br />The UCM server side I setup a ws with oracle/wss_username_token_over_ssl_service_policy and add a credential pair in my domain, Then I create a new conten repo connection in jdeveloper with jaxws socket type, fill in the client policy and credential. However there always is an error like "The request must be over SSL". Any help for that?<br /><br />Thx & BR Quinn Wangnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-38593760298522559032013-10-17T16:23:17.639+02:002013-10-17T16:23:17.639+02:00Hi,
did you also create a matching client policy ...Hi,<br /><br />did you also create a matching client policy and when testing from Jdeveloper you alsio need to add this to a folder. ( don't know exactly which one )<br /><br />Thanks<br />Edwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-12010417119755707262013-09-19T14:58:40.884+02:002013-09-19T14:58:40.884+02:00Hi Edwin,
I am having a requirement to use oracle...Hi Edwin,<br /><br />I am having a requirement to use oracle/wss11_x509_token_with_message_protection_service_policy policy without any message encryption i.e. a custom policy.<br /><br />From Em Console i have created a custom policy of oracle/wss11_x509_token_with_message_protection_service_policy without message encryption i.e. i have unchecked the option of body encryption in EM Console.And ASHISHhttps://www.blogger.com/profile/09725683867970285199noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-80646934764936643322013-05-23T15:08:34.196+02:002013-05-23T15:08:34.196+02:00Hi,
So the response is not encrypted ( what is on...Hi,<br /><br />So the response is not encrypted ( what is on the server side also OWSM ) and if you change and copied the new OWSM client policy and attach this to the BS then it should work.<br /><br />Thanks<br /><br />Edwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-67694042622293934102013-05-17T14:42:29.801+02:002013-05-17T14:42:29.801+02:00Hi Edwin
In my case, I am using a message_protec...Hi Edwin <br /><br />In my case, I am using a message_protection_client_policy on the business service. It encrypts and sign the request fine but it fails on the response. IT seems it is trying to apply the policy on the response leg as well. I have turned that option off on the policy level via wsm but the behavior is till the same.<br /><br />Regards,<br />Tumi Mametsatumihttps://www.blogger.com/profile/10066668949936189492noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-61235536260868816402013-05-01T22:53:34.143+02:002013-05-01T22:53:34.143+02:00Hi,
Strange, This should work when you create and...Hi,<br /><br />Strange, This should work when you create and test this user in the weblogic internal LDAP.<br /><br />ThanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-91932542144182058092013-05-01T06:56:20.678+02:002013-05-01T06:56:20.678+02:00Hi Edwin,
I have a requirement to call secured we...Hi Edwin,<br /><br />I have a requirement to call secured webservice passing username and passwrd as passowrd+securitytoken. I tried using wss_username_token_service_policy but getting as INVALID username,passowrd,security token. Please let me know what policy i should be using.<br /><br />Thanks<br />BhagyaAnonymousnoreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-79332023202920769452013-03-20T19:49:15.701+01:002013-03-20T19:49:15.701+01:00Hi,
you can use these policies
oracle/wss_http_to...Hi,<br /><br />you can use these policies<br />oracle/wss_http_token_service_policy<br />oracle/wss_username_token_service_policy<br /><br />ThanksEdwin Biemondhttps://www.blogger.com/profile/02338716126881111629noreply@blogger.comtag:blogger.com,1999:blog-1839316484051079047.post-63020895369021146272013-03-07T11:06:02.094+01:002013-03-07T11:06:02.094+01:00Hi Edwin,
We would like to enforce authentication...Hi Edwin,<br /><br />We would like to enforce authentication on an HTTP binding service exposed to an external service. However the certificate stuff is not required. We require only authentication through credentials(username and pwd) and no extra security?<br /><br />Is it supported in 11g and if its supported which policies should we use?<br /><br />Thanks,<br />SureshSureshhttps://www.blogger.com/profile/04857037531047465875noreply@blogger.com