Home > Default > Confirming method to secure web services through oracle web service manager

Confirming method to secure web services through oracle web service manager

October 11Hits:3
Advertisement
Hi All,
I am just wondering about the method to secure web service through oracle web service manager.
I have a unsecure web service "helloworld" which is deployed on JWSDP1.6 toolkit.I want to secure it through oracle web service manager.
Inorder to secure this unsecure web service,I use gateway(web service manager for securing web service using message level security through certificate).
So when client want to access the helloworld service,it contacts the gateway securely and gateway intern connect to original web service after decrypting and verification of the signature.When gateway gets response from the web service,it signs the response message and then encrypt and passs on to the client.
So my question is,is it the right way to secure web service?
As I am getting the following fault exception :
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode "http://schemas.oblix.com/ws/2003/08/Faults">c</faultcode>
<faultstring>Step execution failed with an exception
</faultstring>
<detail></detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
I checked the log at :
C:\coresv_install_home\external\oc4j-10.1.2.0.0\j2ee\home\log\http-web-access
but there is no helpful information available.Thanks for any help.
Kash

Answers

Hi Rajesh,
Thanks for your reply.I am using the following policy steps:
1)for Request (Decrypt and Verify signature).
2)for Response(Sign Message and Encrypt).
The configuration for Request is shown below:
Pipeline "Request"
Pipeline Steps:
Start Pipeline
Log
Decrypt and Verify Signature
Basic Properties Type Default Value
Enabled (*) boolean true true
XML Decryption Properties Type Default Value
Decryptor''s keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-keystore.jks
Decrypt Keystore Type (*) string jks jks
Decryptor''s keystore password string *******
Decryptor''s private-key alias (*) string s1as
Decryptor''s private-key password string *******
Enforce Encryption (*) boolean true true
XML Signature Verification Properties Type Default Value
Verifying Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-truststore.jks
Verifying Keystore type (*) string jks jks
Verifying Keystore password string *******
Signer''s public-key alias (*) string xws-security-client
Enforce Signing (*) boolean true true
End Pipeline
And the configuration for Response is shown below:
Pipeline "Response"
Pipeline Steps:
Start Pipeline
Log
Sign Message and Encrypt
Basic Properties Type Default Value
Enabled (*) boolean true true
Signing Properties Type Default Value
Signing Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-keystore.jks
Signing Keystore Type (*) string jks jks
Signing Keystore password string *******
Signer''s private-key alias (*) string s1as
Signer''s private-key password string *******
Signed Content (*) string BODY BODY
Sign XPATH Expression string
Sign XML Namespace string[]
Encryption Properties Type Default Value
Encryption Keystore location (*) string C:\Sun\jwsdp-2.0\xws-security\etc\server-truststore.jks
Encrypt Keystore Type (*) string jks jks
Encryption Keystore password string *******
Decryptor''s public-key alias (*) string xws-security-client
Encrypted Content (*) string BODY BODY
Encrypt XPATH Expression string
Encrypt XML Namespace string[]
End Pipeline
I checked the log again but nothing useful there,it is just giving the following values:
2006-08-14 16:32:50,372 INFO [Thread-21] mstore.OLiteMStore - SELECT MEASUREMENT_STR FROM MEASUREMENT_PERSISTED_STORE WHERE ID=? FOR UPDATE
2006-08-14 16:34:50,364 INFO [Thread-16] mstore.OLiteMStore - INSERT INTO MEASUREMENT_PERSISTED_STORE (ID,DEF_ID,CONTEXT_ID,PARENT_CONTEXT_ID,TIME,STORETIME,KEY0,KEY1,KEY2,KEY3,KEY4,KEY5,KEY6,KEY7,KEY8,KEY9,KEY10,KEY11,KEY12,KEY13,KEY14,KEY15,KEY16,KEY17,KEY18,KEY19,KEY20,KEY21,KEY22,KEY23,KEY24,KEY25,KEY26,KEY27,KEY28,KEY29,KEY30,KEY31,KEY32,KEY33,KEY34,KEY35,KEY36,KEY37,KEY38,KEY39,DBM0,MEASUREMENT_STR) VALUES(?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,?,'R',empty_clob())
2006-08-14 16:34:50,364 INFO [Thread-16] mstore.OLiteMStore - SELECT MEASUREMENT_STR FROM MEASUREMENT_PERSISTED_STORE WHERE ID=? FOR UPDATE
Any help would be appreciated.Thanks.
Kash

Read other 3 answers

Tags:

Related Articles

  • Confirming method to secure web services through oracle web service managerOctober 11

    Hi All, I am just wondering about the method to secure web service through oracle web service manager. I have a unsecure web service "helloworld" which is deployed on JWSDP1.6 toolkit.I want to secure it through oracle web service manager. Inord

  • Error while invoking a WS-Security secured web service from Oracle BPEL..October 11

    Hi , We are facing some error while invoking a WS-Security secured web service from our BPEL Process on the windows platform(SOA 10.1.3.3.0). For the BPEL process we are following the same steps as given in an AMIS blog : - [http://technology.amis.nl

  • Secured web service for secured AM methodOctober 11

    Hello, I need to invoke method of secured Application Module (jbo.security.enforce = Must) from secured web service. I have a simple java class with Configuration.createRootApplicationModule ... and a web service built for this java class. I found I

  • SJSAS 8.2 secure and unsecure methods in one web service with ws-securityNovember 30

    Hi I'm trying to deploy a web-service (using SJSAS 8.2) using JAXRPC using message security (at the application level). I have one simple question: I have an EJB that exposes 2 methods as web-services, I specified in the sun-ejb-jar.xml that one of t

  • How Oracle IDM secure web services ?November 30

    Hi, I am using Oracle Product. Wanted to know How IDM can secure web services or one has to use OWSM/OPSS something like this or what security setting we can do at weblogic level? Help Appreciated.Hi, I am using Oracle Product. Wanted to know How IDM

  • Calling secured web service, cross domain securityOctober 11

    Hey all, I am trying to call a secured service, for which i need to enable cross domain security. I have followed the steps described in http://download.oracle.com/docs/cd/E15523_01/web.1111/e13707/domain.htm#i1176046 i.e. enabling trust between webl

  • Calling secured Web ServiceOctober 11

    Hi, I am new in calling web service from PL/SQL block. From the code I'm successfully able to call non-secured webservice like this "http://www.ignyte.com/webservices/ignyte.whatsshowing.webservice/moviefunctions.asmx?wsdl" And also by setting t

  • Secured Web service performance problem in BPEL 11gNovember 30

    Hi, When calling Secured web service from BPEL 11g, performance issue is coming. Actually when we test a Secured web service using SOAP UI, Average response time is 2-3 secs. Where when we are calling from BPEL, average response time is 18-22 secs. S

  • Can config wallet on cloud DB for security web service invoke ?November 30

    Currently, I can invoke the security web service by APEX at my local DB env. based the apex_web_service API http://docs.oracle.com/cd/E37546_01/doc/doc.41/e28475/apex_web_service.htm#AEAPI537 we need wallet to store the cert files. want to confirm th

  • [ANN] Online seminar - Web services management and security seminarNovember 30

    Join us now (Thu 09:00am) for a live seminar about Web services management and security here: http://www.oracle.com/technology/tech/java/newsletter/seminars.htmlI have got the following error when i run the WebServicesAssembler.jar D:\Oracle\Oc4j\j2e

Copyright (C) 2019 wisumpire.com, All Rights Reserved. webmaster#wisumpire.com 14 q. 0.982 s.