Add Basic authentication to the Proxy Services in OSB

Similar Questions

• Error while trying to generate the Proxy Services on OSB

  Hello

  I am developing some services on OSB, every service call stored procedures using a database of JCA adapter.

  I followed this tutorial:

  https://guidoschmutz.WordPress.com/2010/08/08/Oracle-service-bus-11g-and-DB-adapter-a-different-more-integrated-approach/

  Business service are ok, they work fine, I tested it directly from OSB.

  Problems when trying to generate the proxy service.

  The General configuration of the proxy after set the source of the wsdl and when I specify jca file proxy service, an error message returned:

  "Unable to update JCA transport invalid JCA proxy service. Transport exception occurred with the following message:
Invalid JCA file for JCA proxy service. If you are creating a Proxy from a Business Service, please select a different transport type (for example, http). If not, JCA file must contain JCA activation spec properties."

  And here's my content created by JDeveloper jca file:

  
  

  < name of the adapter-config = "getApprover" = 'Database adapter' adapter wsdlLocation = "getApprover.wsdl" xmlns =" " http://platform.integration.Oracle/blocks/adapter/FW/metadata ">

  < connection-factory location = ' ist/DB/adapter' UIConnectionName = "Adapter" adapterRef = "" / >

  < endpoint-interaction portType = operation "getApprover_ptt" = "getApprover" >

  < className = "oracle.tip.adapter.db.DBStoredProcedureInteractionSpec interaction-spec" >

  < property name = "SchemaName" value = "APPS" / >

  < property name = "PackageName" value = "ERS_SKS_TASK_UTILITIES_NEW_PKG" / >

  < property name = "Procedurename" value = "GET_APPROVER" / >

  < property name = "GetActiveUnitOfWork" value = "false" / >

  < / interaction-spec >

  < output / >

  < / interaction of endpoint >

  < / adapter-config >

  
  

  Is there someone who had attempted to use the JCA transport with database adapter already? Please give me a suggestion.

  
  

  Thank you.

  Fairlie
  

  Hello

  In transport, changes in the Protocol on the proxy for local or http service.

• OVD Custom Plugin - return invalid authentication to the Proxy Service

  Hi all

  I develop a plugin for OVD. My goal is to call a Service Proxy by using the credentials of a user in TPM. However, in this plugin, I'm calling a Web service and the authentication result depends on the result of this Webservice. For example, if the WS returns 'false', this means that I should not be allowed to authenticate.

  How can I find an invalid authentication at the request of Service of Proxy, using my plugin implementation?

  Thank you very much.

  You can use the bind method:

  BasePlugin (reference APIs Java Oracle Virtual Directory)

  and set it as the

  ' Public Sub bind (String, String, credentials creds, dn DirectoryString,

  BinarySyntax password, Boolean result) throws DirectoryException.

  {ChainException}

  try {}

  Boolean auth is xyz. Auth (uidValue, pwdValue);

  bool.setValue (auth);

  } catch (Exception e) {}

  Logger.info ("exception:" + e.getMessage (), e);

  bool.setValue (false);

  Customization of Oracle Virtual Directory - 11g Release 1 (11.1.1)

  ~ J

• Basic authentication with the RESTful WEb service and a Web Service reference

  Hi all
  
  We have made significant progress on getting an application to work with RESTful web services, but are now trying to understand how to lock a RESTful Web service while making it available for a particular application.
  
  We use one of the 'emp' table sample web services come with Apex 4.2 and are trying to apply the Basic Auth to the WEb Service using Weblogic filter defined in the web.xml file. Which works very well. I now get challenged when I try to go to:
  
  https://wlogic.edu/Apex/BNR/ACE/HR/empinfo/
  
  And when I authenticate this challenge, I am able to get the data. (we are usiing the Weblogic-level LDAP authentication)
  
  However, I'm not sure how to get even basic authentication to work with Web Service reference in my application. I see the error message in the application when I try to call this Web Service:
  
  401 Unauthorized <
  
  And I see:
  "The request requires user authentication. It MUST contain a header field WWW-Authenticate (section 14.46) containing a fault that is applicable to the requested resource. The client MAY repeat the request with a suitable authorization (section 14.8) header field. If the request already includes identification of the authorization information»
  
  How can I provide the credentials in the Web reference or provide credentials in the Application?
  Web service works fine if I remove the auth basic RESTful web service in the Web.xml file.
  
  We should NOT use basic auth and auth Weblogic web service definition basic RESTful Workspace use instead. If so, how would we implement THIS basic authentication in the definition of Web Service and the Web SErvice reference on the application?
  
  Thank you
  Pat

  Hello Scott,

  Thank you. There is a function for rest in the package:

  function make_rest_request(
  --
  -- This function invokes a RESTful Web service with the supplied name value pairs, body clob, or body blob
  -- the response as an clob.
  --
  -- Arguments:
  --   p_url                  The url endpoint of the Web service
  --   p_http_method          The HTTP Method to use, PUT, POST, GET, HEAD or DELETE
  --   p_username             The username if basic authentication is required for this service
  --   p_password             The password if basic authentication is required for this service
  --   p_proxy_override       The proxy to use for the request
  --   p_body                 The HTTP payload to be sent as clob
  --   p_body_blob            The HTTP payload to be sent as binary blob (ex., posting a file)
  --   p_parm_name            The name of the parameters to be used in name/value pairs
  --   p_parm_value           The value of the paramters to be used in name/value pairs
  --   p_wallet_path          The filesystem path to a wallet if request is https
  --                          ex., file:/usr/home/oracle/WALLETS
  --   p_wallet_pwd           The password to access the wallet
  --
      p_url               in varchar2,
      p_http_method       in varchar2,
      p_username          in varchar2 default null,
      p_password          in varchar2 default null,
      p_proxy_override    in varchar2 default null,
      p_transfer_timeout  in number default 180,
      p_body              in clob default empty_clob(),
      p_body_blob         in blob default empty_blob(),
      p_parm_name         in wwv_flow_global.vc_arr2 default empty_vc_arr,
      p_parm_value        in wwv_flow_global.vc_arr2 default empty_vc_arr,
      p_wallet_path       in varchar2 default null,
      p_wallet_pwd        in varchar2 default null ) return clob;
  

  My point was that using the API makes things easier if you have to look for a solution.

  Denes Kubicek
  -------------------------------------------------------------------
  http://deneskubicek.blogspot.com/
  http://www.Apress.com/9781430235125
  http://Apex.Oracle.com/pls/Apex/f?p=31517:1
  http://www.Amazon.de/Oracle-Apex-XE-Praxis/DP/3826655494
  -------------------------------------------------------------------

• How to change the soap to the proxy service request?

  Here is an example SOAP:
  

  <soapenv:Header>
      <Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <UsernameToken>
      <Username>kvd</Username>
      <Password>testpwd</Password>
      </UsernameToken>
     </Security>
    </soapenv:Header>
  
     <soapenv:Body>
        <per:getApplicationInfo>
           <userName>test</userName>
           <applCode>358</applCode>
        </per:getApplicationInfo>
     </soapenv:Body>

  I need to replace the value of the app with user name in the proxy service. Could someone help me what is the XPath expression for the username and app?
  
  The company should get the underside of SOAP.
  

   <soapenv:Header>
      <Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <UsernameToken>
      <Username>kvd</Username>
      <Password>testpwd</Password>
      </UsernameToken>
     </Security>
    </soapenv:Header>
  
     <soapenv:Body>
        <per:getApplicationInfo>
           <userName>kvd</userName>
           <applCode>358</applCode>
        </per:getApplicationInfo>
     </soapenv:Body>

  This is the approach that I think: 1) alter the flow of messages Proxy Service-> add a pair of Pipeline-> replace app with username-> call Business Service.
  
  I use Oracle Service Bus 10 g.
  
  Published by: user12876168 on April 25, 2011 05:50

  You were missing the namespaces in xpath associated header.

  In your request, soap, security namespaces, UsernameToken, etc... are related to the target namespace. Below is the reason why:
  xmlns = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >

  So that means all the xml tags that don't have not one namespace linked to it belongs to the targetNamespace and where they must be accessible with it.

  So set a namespace as WSSE as http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd and then use the underside of xpath.

  * $header / wsse:Security/wsse:UsernameToken/wsse:Username/text() *.

  It should work.

  Thank you
  Patrick

• Authentication Failed: the Proxy to fail

  What's the matter, authentication fails and the message is this:

  Authentication Failed: the Proxy to fail

  Thank you

  Go to network settings > under 'Groups of network devices' click "(non attribué)" "

  Under servers "(Not Assigned) AAA", note the name of the IP address of your machine, which can be confirmed from the DOS command prompt "

  using the command "ipconfig/all".

  Then, return to the Network Configuration > under "Distribution of Proxy table", click on "(default)".

  And make sure you name server entry AAA for your machine is in the column 'Forward To '. If it isn't, then move your entry of the column machines and ensure that all other entry is under "AAA servers. Press 'submit + Restart.

  Finally, try authenticate a client bit against this ACS server.

  Kind regards

  Prem

• Creating the proxy service

  When I create the proxy service and choose to be created from the WSDL, I have two options for selection of the port and binding, could explain the difference in choosing between the port or binding?

  Thank you!

  This might help... Configuration of the Proxy Services and Business Services

• access to the original inside the proxy service message

  I have the proxy (serviceType = Web Service, WSDL) service that is available to the client endpoint and I want to record the incoming message to the file on the disk. However, I want to persist any incoming message exectly (at the byte level) as it was sent by the sender (so with the envelope).
  Inside of the proxy service I have access to variables such as header, body etc. However, they are not good for my purpose because they differ from the corresponding parts of the original message. For example xmlns:soapenv = namespace "http://schemas.xmlsoap.org/soap/envelope/" in the original message
  defined only at the level of the envelope and not the header or body. But in the header and body available inside the proxy service variables they (namespaces) are visible. Mayby there are more differences, but this one is visible at a time.
  It is therefore possible to access (in order to save it) original message somehow? Any magical variable? Or mayby there is a way of saying the osb to be persisted (incoming query) in file? (it would be enough for me (of course I need file name).) I manage file by myself more far away).
  All advice appreciated

  If you choose the type of service that WSDL based or service of any SOAP, then OSB motor deconstruct the incoming SOAP envelope and complete parts of the envelope (header, body etc) to automatically correct context variables. This occurs before the flow of messages of proxy service is initiated, so you can't do anything. In the proxy service, you will receive the deconstructed only SOAP message.
  If you wish to record the exact message that has been received by the OSB, then change the type of service to (or create another proxy service in front of the existing proxy) type Messaging with text or binary content. Or you can also choose AnyXML service type, in which case the incoming SOAP envelope will be available inside variable $body in mail flow.

• Cannot open/Add essbase server in the Regional service console in SSL mode

  Hello gurus,
  
  I've set up SSL in EMP which ends at the web server level, but it seems that there is a problem with the Essbase server. When I try to add essbase server in the Regional service console in a secure mode it indicates what follows in the Regional service console Message Board
  
  Error: 1040142: NZERROR: nzos_Handshake failed (29024)
  
  Records verified Essbase, but it has the same error mentioned in it. I don't know where to go from here.
  
  Any help will be appreciated. Thank you.

  I think I might have the answer, EAS will use the RTC essbase, which has its own portfolio in \EPMSystem11R1\common\EssbaseRTC-64\11.1.2.0\bin\wallet

  Now you can update the cwallet.sso in that directory or add a file essbase.cfg in \EPMSystem11R1\common\EssbaseRTC-64\11.1.2.0\bin
  wiith the location of the portfolio by using the config parameter

  WalletPath

  I also added the certificate for the cacerts in \jdk160_21\jre\lib\security file

  Restart the services and give it a go, works for me.

  See you soon

  John
  http://John-Goodwin.blogspot.com/

• What type of service you want to use for the Proxy Service

  I have a question about a service Proxy.
  
  I need a local (local transport) the Proxy service which is called by another proxy service.
  It is a synchronous service that has an incoming message XML and an outgoing XML message.
  
  I have the following questions:
  -Does make a difference in performance when I choose a webservice WSDL or a courier service?
  -Which would you choose and why?
  
  Thanx

  Does make a difference in performance when I choose a webservice WSDL or a courier service?

  There would be little difference.

  Which would you choose and why?

  I would choose XML type type e-mail proxy because the input and output XML messages. I choose WSDL web service because it should be used in the case of SOAP packagaing only (in the context of web service, to enable SOAP and WS support) to make fun of a web service that has a WSDL (and an XSD) that is associated with.

  Kind regards
  Anuj

• OSB - Manager of errors in binding to the proxy service

  Hello!
  
  I had a proxy service that queries a POP3 server to download emails and process them.
  My question: How can I bind an error handler to the proxy service to notice when the POP3 server is not available?
  So, I would put an alert when the OSB loses the connection to the mail server. I tried to put an error handler to the top component of the mail flow page, but it does not work...
  Could someone help me?
  Thank you!
  
  Viktor

  For the transport of poller (e-mail/FTP/File, etc.), it is not possible to intercept the transport layer errors, in your service error handler. Re: OSB - Manager of errors in FTP to TransportException transport

  Thank you
  Maury

  Published by: Manoj Neelapu on June 28, 2010 15:51

• Upload file in the Proxy Service ALSB

  Hello
  
  I need to download a file from one system to another system by the Proxy Service.
  
  With the Proxy Service, you can download a file by using the FTP protocol. But, how a upload a file?
  
  Thank you and best regards,
  Charrier

  Hello..

  You can use a business type Messaging service.

• Basic authentication for the OSB exposed as a Rest Service

  Hi all

  We expose OSB Service as a Rest Service to the customer. Need to add basic for the client authentication. In the HTTP transport Service proxy, we have enabled basic authentication. However, we do not know how to proceed. We want to take care of the authentication section in the BSO it itself, so what should be our next step for her? How to extract the authentication information for the request and where to add the check? Is there an easy way to integrate with authentication AD in OSB?

  Hello

  OSB will do authentication for you, no need to make something of yourself. Just move the radiobutton control to basic authentication. It uses the Weblogic domain in the to do. OSB will get the name of user and password of the authentication HTTP header property and validate it against weblogic. If weblogic confirms as a name of user and password valid, OSB running the proxy. Any valid user in weblogic will do, there is no authorization: so no way to limit to a specific user. This means that to connect to AD you must configure using Weblogic. In the field of weblogic, you can add any AD or any LDAP as authenticator.

  With the help of its also possible to validate on a particular user using the UserToken GOSA strategy. You can also use GOSA do BasicAuthentication by applying the specific policy. But GOSA only supports basic over SSL authentication, not simple basic authentication.

  By the way: for BA on a Business Service: you must create a ServiceAccount object with the specific user name password and assign to specific BusinessService. You can create a surveillance society by environment, each in a particular folder of dev/test/ACC/prod. Then use a customization file to switch between them.

  Kind regards
  Martian

• Basic authentication for the WSDL Web Service for load test

  I am trying to load test a web service; the URL of the WSDL is behind a user name and password using http basic authentication. I can add the URL of the WSDL without problem with the user name and password, but when I read the script, I receive a "401 Unauthorized" errors
  
  I looked at the preferences > recording > Web Services > the Proxy Configuration, and then refer you to the preferences > recording > HTTP > the Proxy settings. I also looked at similar settings under Preferences > reading.
  
  I'm running OpenScript (9.1), how to configure it...?
  
  Thank you very much!
  
  KM
  
  Published by: KM 14 Sep, 2011 12:12

  Hello

  You can right click on the section to initialize your script and then:

  Add-> other-> HTTP-> authentication.

  You need 3 parameters:

  A - http://someurl - url that will authenticate any url that contains the http://someurl string for example http://someurl.com/index.html
  A password
  A user

  The following code should be added in your script:

  http.addAuthentication("http://someurl", "username",
                      deobfuscate("5blNah5kX/XuZnepYwInFw=="));
  

  Hope this helps

  Alex

• How the proxy service can get the client certificate in Oracle Service Bus

  Hello everyone, now I'm confused in how can get service proxy client certificate in Oracle Service Bus. I have configured bidirectional SSL in Weblogic, the client sends its cerficate to Weblogic and Weblogic checks this cerficate if have access permissions Weblogic, but my proxy service cannot obtain this certificate to do more work, who can help me?
  And my proxy service service type is the messaging service.
  
  Thank you!!!
  Sea

  Hi, if you have configured for client certificate authentication, weblogic maps an attribute in the DN of the client certificate to a user of weblogic security realm. The attribute is controlled by the default configuration to map the user in the default identity asserter in the WLS Console--> security--> kingdoms--> suppliers--> default identity Asserter. Generally, the CN attribute is selected for this purpose. You must also create a user in the security field, with the value of this attribute in the client certificate for authentication to succeed. Once the authentication is successful, the user is used as the authenticated user. So if you want to set permissions for authorization on the proxy, you can do it based on this user. For this you need not the certificate of the client. In the pipeline of message, I guess you can get the authenticated user of $inbound, which in turn corresponds to an attribute in the DN of the client certificate.