Secure Web Service call

Oracle Database 10g Enterprise Edition Release 10.2.0.2.0 - production
PL/SQL Release 10.2.0.2.0 - Production

Hello
Is it possible to contact a secure Web service (ws-security) with pl/sql code?
I can communicate with a https without problem, but I don't see how I can do for the ws-security header.

Thanks in advance.

Unfortunately, WS-Security is not supported with the Oracle DBWS utility legend, right now. However, we have a very high improvement gravity request filed for this internallt - so it's probably in one of the upcoming releases soon.

In the meantime, you may want to consider going back to using UTL_HTTP for it where you can create your own custom SOAP (WS-Security headers in this case) headers-, but keep in mind that UTL_HTTP can be used with types only very basic of Web Services with simple data types, methods, etc. Another and a better solution would be to have a 'bridge' Web Service (via the SSL protocol, perhaps) who speaks to your main Web Service using WS-Security. This WS bridge can then be invoked by your database using the utility DBWS legend.

HTH,
Yogesh

Tags: Oracle

Similar Questions

The secure web service call error.
Hello

I try to access a web service secured through a simple BPEL process in SOA Suite 11 g. When I test it through the company Manager, I get the following error. Since this is a guarantee websecure I put the policy(oracle/wss_username_token_client_policy) WS in the external reference and also provided identifying information. If someone had a similar error or know the solution please let me know. Also, I'm not sure if its related to security, or is - the way I am calling the service.

Error message:
Error ID reference: 80014
Lack of time may 22, 2011 12:54:45
Anomaly of the non-recoverable system:
javax.xml.ws.soap.SOAPFaultException: 99999: unknown Service

Error message: {http://schemas.oracle.com/bpel/extension} remoteFault
Error default/Mocking!1.0*soa_be35cb3e-5f05-49df-a696-a653d5703681/BPELProcess1/30017-BpInv0-BpSeq0.3-3 ID
Lack of time may 22, 2011 12:54:46

Anomaly of the non-recoverable system:
< bpelFault > < faultType > 0 < / faultType > < remoteFault xmlns = "http://schemas.oracle.com/bpel/extension" > < a name = "summary" part > < summary > 99999: unknown Service < / summary > < / part > < part name = "detail" > < details > & lt; con xmlns:Con: fault = "http://www.bea.com/wli/sb/context" > & lt; Con: errorCode > 99999 & lt; / con: error code > & lt; Con: reason > unknown Service & lt; / con: reason > & lt; Con: location > & lt; Con: node > PipelinePairNode1 & lt; / con: node > & lt; Con: pipeline > PipelinePairNode1_request & lt; / con: pipeline > & lt; Con: Stadium > stage1 & lt; / con: Stadium > & lt; / con: location > & lt; / con: fault > < / detail > < / part > < part name = "code" > < SOAP: server code > < / code > < / piece > < / remoteFault > < / bpelFault >
This occurs if you have several (different webservices) WSDL imported into your project and they share common artifacts(XSD's). In this case, what you do, it's just that you separated from xsd to wsdl and deleted conflicts. This approach is suggested when you do not have control on WSDL that may be provided by different team and they all share common XSD.

Thank you
Smail
http://soadiscovery.blogspot.com

BPM 11 g: call a secure web service

Hi all
I need to invoke a web service secured a BPM process. I do the following
1. to add a reference, I added the customer strategy security "oracle/wss_username_token_client_policy' using option set up political WS on the reference. I also added oracle/log_policy to see SOAP requests being generated.
2. I added the below properties in the composite.xml slot of the reference binding.ws
< name = "oracle.webservices.auth.username property" type = "xs: String" "
much = 'false' override = "may" > SomeUserName < / property >
< name = "oracle.webservices.auth.password property" type = "xs: String" "
Override = 'may' many 'false' = > SomePassword < / property >
But I get an exception during the invocation
MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd} Security] are not included
Also the SOAP request sent to the service of reference I think newspapers don't have the password or a usernametoken anywhere. What else must be configured or set to invoke the secure web service.
Thank you
Siva Renon

Hi all

I got it working to create a new key - basic.credentials - in oracle.wsm.security map the credentials of the domain. You can check this link for the steps.

Thank you

Siva Renon

Access a secure web service of ADF Mobile Application

Hello
We try to create an ADF Mobile application that uses a secure web service located in Oracle EBS (with SOA Suite).
We use JDeveloper 11 g 11.1.2.4.0
Initially, create usd a Control(SOAP/REST) Gallery Web Service data and provided the WSDL document. We tried to run on a simulator, but not did not do anything. We have also found a way to provide the user name and password. So we left it there.
Then we tried to create a Java desktop app to check if it was a problem with our server. In the desktop application, we created a "Web Service Client and Proxy" new gallery followed the steps and used oracle/wss_username_token_client_policy, added the code below to put the username and password and was able to call the service and retrieve data.
(reqContext.put (BindingProvider.USERNAME_PROPERTY, "DBAKER");
reqContext.put (BindingProvider.PASSWORD_PROPERTY, "xxxxx");
So we thought to return to the application the ADF Mobile and creating a "Web Service Client and Proxy" it, but when we built this project, we had the ' annotations are not supported in - source 1.4 "&" generics are not supported in - source 1.4 "errors and found that ADF Mobile does not support beyond Java 1.4" "» (Is that right?)
We then found the video "to access the secure Services of ADF Mobile Web" by Shay (https://www.youtube.com/watch?v=rk5om3o3Pas) and saw that he was using a login server.
We wanted to confirm if you use a login server is the right path to access a secure web service of an Oracle ADF Mobile application?
Are there other ways to do it?
If we need to create a login server, can provide you links that will put us on the right track in establishing a connection server that can connect to the EBS?
Thank you.

The URL must point to a protected page that prompts the user for basic authentication.

See an example here:

https://blogs.Oracle.com/Shay/entry/accessing_secure_web_services_from

As well as the blogs linked at the bottom of this entry.

Make a REST Web service call. Error code: 401 Access to the requested resource is not allowed

Hi all
I'm having a hard time finding ways to Rest Web service calls.
I tried this runs directly through the browser and I get an error.
http:localhost:8080/r EST/bean/atg/userprofiling/ProfileServices/loginUser? [email protected] & arg2 = password
13:18:20, 613 [RestSecurityServlet] error code: 401
Access to the requested resource is not allowed: / atg/userprofiling/ProfileServices
1. atg.rest.RestException: access to the requested resource is not allowed: / atg/userprofiling/ProfileServices
at atg.rest.processor.RestSecurityProcessor.checkAccess(RestSecurityProcessor.java:546)
at atg.rest.processor.RestSecurityProcessor.handleGetRequest(RestSecurityProcessor.java:313)
at atg.rest.processor.RestSecurityProcessor.doRESTGet(RestSecurityProcessor.java:199)
at atg.rest.servlet.RestPipelineServlet.serviceRESTRequest(RestPipelineServlet.java:417)
at atg.rest.servlet.RestPipelineServlet.service(RestPipelineServlet.java:260)
at atg.servlet.pipeline.PipelineableServletImpl.passRequest(PipelineableServletImpl.java:157)
at atg.servlet.pipeline.PipelineableServletImpl.service(PipelineableServletImpl.java:320)
at atg.rest.servlet.RestPipelineServlet.service(RestPipelineServlet.java:264)
at atg.rest.servlet.HeadRestServlet.service(HeadRestServlet.java:130)
at atg.servlet.pipeline.PipelineableServletImpl.service(PipelineableServletImpl.java:267)
Documentation, I understand that I need to create a session, the session is needed to access the secure components since this
method specific 'ProfileServices.loginUser' was declared as non-secure, restSecurityConfiguration.xml
In addition, there are two different ways in which I can connect
1. 1. with the help of RestSession.createSession providing the user name and password.
2. 2. or by using ProfileServices.loginUser or ProfileFormHandler
Can someone please clarify

If you call the REST web service from a Java client, you can create a RestSession object using the createSession method. But in your case you seem to be invoking it with an HTTP request, which, by default, would be considered a GET request by application of the REST of the ATG. So either a GET, he would try to get a property "loginUser" of the component/atg/userprofiling/ProfileServices (based on your URL) that would always fail.

To call the method ProfileServices loginUser() with your argument, you need to tell the system to the REST of the ATG to process your incoming request not GET, but as a demand that you can do to atg-rest-http-method of the parameter control in your application like this

http:localhost:8080/rEST/bean/atg/userprofiling/ProfileServices/loginUser? [email protected]& arg2 = password & atg-rest-http-method = POST

It should work in this way, your restSecurityConfiguration.xml is correct.

ADF Mobile | using secure web services

Hi all
I'm pretty new to ADF Mobile, I use JDev 11.1.2.4.
In my Mobile application I want to use the secure web service.
Here's what I do:
1. creation of a data control based on the WSDL binding.
2. get the web service methods in the data control.
3. during the race, I'm getting that error "oracle.j2ee.ws.client.jaxws.JRFSOAPFaultException: Client from server SOAP fault: Missing < wsse: Security > in the SOAP header.
When trying to run the WSDL binding in SOAP UI, I need set request username and passwordproperties, then only I will be able to invoke this web service.
Here, my question is where can I set these properties for the data control to the web service ?
Please suggest.
Thank you
Vieu

Hi Shay,

Thank you very much for the reply, I'm able to resolve the problem with the approach mentioned user guide.

I forgot to set it up for the first time: ADF Mobile allows you to specify a custom provider class in your DataControls.dcx file. This custom class extends oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider . You can use it to specify an implementation of the SoapHeader[] getAdditionalSoapHeaders() method

Example 9-1 shows how to extend the SOAPProvider and create a custom header has shown in example 9-2

package provider.ebs.soap;

Import oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider;

Import oracle.adfinternal.model.adapter.webservice.provider.soap.SoapHeader;

SerializableAttribute public class EBSSOAPProvider extends SOAPProvider {}

SoapHeader public getAdditionalSoapHeaders() {}]

SoapHeader header [] = SoapHeader News [2];

SoapHeader token = null;

SoapHeader user = null;

SoapHeader pass = null;

header [0] = new SoapHeader ("http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/",

"SOAHeader");

header [0] .addChild (new SoapHeader)

"http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/,"

"Responsibility."

'SYSTEM_ADMINISTRATOR'));

header [0] .addChild (new SoapHeader)

"http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/,"

"RespApplication,"

'SYSADMIN'));

header [0] .addChild (new SoapHeader)

"http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/,"

"SecurityGroup."

'STANDARD'));

header [0] .addChild (new SoapHeader)

"http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/,"

"NLSLanguage,"

'AMERICAN'));

header [0] .addChild (new SoapHeader)

"http://xmlns.oracle.com/apps/fnd/soaprovider/plsql/fnd_user_pkg/,"

"Org_Id."

"0"));

header [1] = (new) SoapHeader

"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,"

'Security');

Token = new (SoapHeader

"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,"

"UsernameToken");

User = new (SoapHeader

"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,"

"Username."

"sysadmin");

pass = new (SoapHeader

"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,"

"Password."

"sysadmin");

Header [1]. AddChild (Token);

token.addChild (user);

token.addChild (pass);

Returns the header;

}

}

Kind regards

Vieira

Is it possible to recover all the virtual machines in a cluster in a single web service call?

I tried to retrieve the list of all virtual machines in a cluster to a single web service call, but to no avail. It seems that there is no direct web service API to achieve this goal. Alternative options must first recover the hosts or data warehouses in the cluster and then recover virtual machines from there. But still, if anyone has an idea how we can do this please let me know. All help information will be greatly appreciated.

It is possible, if you use the PropertyCollector.

(It is usually the answer to questions of the form "Is it possible to retrieve the X in a single web service call").

Call"propertycollector.retrievecontents:

http://www.VMware.com/support/developer/VC-SDK/visdk41pubs/ApiReference/vmodl.query.PropertyCollector.html#retrieveContents

allows you to retrieve a whole bunch of stuff in a single call, which you then have to go through and interpret.

A snippet of code Java VI is not-really-tested to find virtual machines in a ComputeResource (cluster) is attached.

Web service call - works locally but not on mobile?

Hello
I have a web service call (the service is hosted on the cloud is an external area of permamnent) which works fine when I test locally using the Flex Buritto built in emulator or directly by using my browser.
But when trying a android phone (tried a few of them - link one, nexus s and galaxy tab) the service is called but never returns anything.
Is there a good way to trace of call / understand the problem?
Thank you
NIR

Export project based on your device...

If your developling locally you must do in order to get the remote calls to work

That should solve your problem

Results of long-term with the web service call process

I'm starting a long-lived process that dragged out variables using a .net web service call. I would like to be able to get these output variables. I find all of the features in the JobManager service to do this... y at - it another way to do this? I am not above querying the Livecycle database...
Thank you
Mike

It will work only after that the process is 'complete'.. then you need to check the status... .and when that is complete, then you can check the results.

Paul

ODSI web service calls
Hello

I want to route the ODSI web service calls to different hosts in different environments. In other words, in my development environment, I don't want to call a quick service to "myosb - dev.mycompany.com:7001", but in production, I don't want to call the same service to the "myosb - prod.mycompany.com:8021".

I see that I can configure a different port for the Physics Department in the ODSI administration console. However, it is not very practical, since the original WSDL must contain information port for all environments from the get-go. If the service is reinstalled in the production, I need to update the wsdl file and redeploy my data space for moving. This can be a problem due to the cycle of deployment of my app be out of sync with the service that I give the floor.

My question is: is it possible to configure the addresses to host more dynamically? Is it possible to use a variable to control this information a set of services that are located on the same server?

Thank you!

The f
Go to the Console ODSI. Click your data space. Click the physical Source (at the bottom of the left panel).
Click on "Web Services" and select the Web service you want to change.

You will see a place where you can specify a 'new value' for the wsdl file. So if you make a copy of your wsdl and the change of the
to the other server, you could specify that wsdl.

It seems you could also copy the "service" element (or just the "port" element) in the original wsdl, and substitute in the ODSI console for the appropriate service or port. I've never tried that. I'm not sure if you also need to copy any elements that refer to the service or port.

Here's the doc http://download.oracle.com/docs/cd/E13162_01/odsi/docs10gr3/admin/server.html#wp1049919

Here's a thread about doing this via WLST Dataspace imports with WLST : Full Deployment option?

Problem with the web service call

I use ajax with json to call webservice but its not working with the localhost url in the emulator of the ripple. If I use an ip address or external url does not call the webservice.

I also tried with BlackBerry, webservice does not.

can someone guide me how to call the Web service?

Thank you

Sundaram

Your file config.xml needs the ip address or the url in the "whitelist". Use the access for that tag. for example:
The piece above is not secure because it whitelists ALL------* areas. You can put your url in the uri.

Integration with the secure web service IS deployed on EBS

Hello experts,
I have a REST webservice deployed to an Instance of the EBS. I try to call the web service using a mobile application in the ADF. However, the web service is secure and requires security settings to be sent in the request header.
Anyone can recall or explain how I can add a custom header to the object of the application for the REST web service? Any help will be appreciated.
Thank you
Abhishek

Hi Abhishek,

You can do the following:

String theUsername = "abc";

String thePassword = "pass";

String userPassword = theUsername + ': ' + thePassword.

String encoding = new sun.misc.BASE64Encoder () .encode (userPassword.getBytes ());

restServiceAdapter.addRequestProperty ("Authorization", "Basic" + coding);

If you use Webservice DataControl, then automatically the connection information in the login form is injected into the webservice framework.

Kind regards

Deepak

Secure Web Service client
Hello.
I'm trying to create a Proxy Web Service using JDeveloper (client). The goal is to connect to a secure external web service.
Provided by the service web WSDL contains no information on security policy.
I decided to give it a try, so, since "Configuration of the customer strategy" page "Editor of Proxy" window I selected "oracle/wss_username_token_client_policy.
The problem is that I have found a way to define the user name and the password. If I get an error like this:

BASS: WSM-00078 powers in policy configuration is incorrect.
SEVERE: WSM-00016 name username/password credentials or certificates null are missing.
SEVERE: WSM-00005 error in sending the request.
SEVERE: WSM-07607 failure in the execution of the assertion executor wss-username-token class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor {http://schemas.oracle.com/ws/2006/01/securitypolicy}.
SEVERE: WSM-07602 failure in execution of WS-Policy because of the exception.
SERIOUS: Failure WSM - 07501 Oracle WSM Agent processRequest, category = security, function = agent.function.client, = null, composite application = null, modelObj = EVPQuery, political = oracle/wss_username_token_client_policy policyVersion = null, assertionName = {http://schemas.oracle.com/ws/2006/01/securitypolicy} username-wss-token.
oracle.wsm.common.sdk.WSMException: WSM-00015: the user name is missing.
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.sendRequest(WssUsernameTokenScenarioExecutor.java:219)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:545)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:608)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion (WSPolicyRuntime
...

The code is something like this:

Private Shared EVPQuery_Service eVPQuery_Service;

Public Shared Sub main (String [] args)
{
eVPQuery_Service = new EVPQuery_Service();
SecurityPolicyFeature [] = securityFeatures
new SecurityPolicyFeature [] {new SecurityPolicyFeature("oracle/wss_username_token_client_policy")};
EVPQuery eVPQuery = eVPQuery_Service.getEVPQuery (securityFeatures);
EVPPersonQueryCriteria crit = new EVPPersonQueryCriteria();
crit.setCnpNumber ("something");
crit.setCountyCD ("something");
Res EVPPersonQueryResult;
Add your code to call the desired methods.
try {}
RES = eVPQuery.queryPerson (written);
} catch (SableEVPQueryException e) {}
System.out.println (e.getMessage ());
}
}

I am looking for a solution pass the user name and the password for the web service.
I'm here after six hours of searching, so if my question is stupid, please forgive me.

Thank you
Hello

The chances are very slim that you will be able to get this to work since you don't really know how the service has been obtained.
But since you want to do a test with the user name token policy, you can try with the code below:
.
Public Shared Sub main (String [] args)
{
class1Service = new Class1Service();
SecurityPolicyFeature [] = securityFeatures
new SecurityPolicyFeature [] {new SecurityPolicyFeature("oracle/wss_username_token_client_policy")};
Class1, class1 = class1Service.getClass1Port (securityFeatures);
Add your code to call the desired methods.
Card reqContext = (class1) .getRequestContext ((BindingProvider));
reqContext.put (BindingProvider.USERNAME_PROPERTY,">" ");
reqContext.put (BindingProvider.PASSWORD_PROPERTY,">" ");
System.out.println (Class1.SayHello ("SecureCall"));

}

Thank you
Vishal

Via HTTPS Web service call

Hi all

I use Weblogic 9.2 with the default configuration of the keystore & SSL. The Web service client is generated using the 'Clientgen' Ant task, I can invoke Web service using http without problems, but when you use https, it is always rejected, basically I know not what system for the customer properties, here is my last desperate attempt:

System.setProperty("weblogic.webservice.verbose", "true");
System.setProperty("java.protocol.handler.pkgs", "weblogic.net");
System.setProperty("weblogic.security.SSL.trustedCAKeyStore", "config/DemoIdentity.jks");
System.setProperty("weblogic.security.SSL.ignoreHostnameVerification", "true");
System.setProperty("weblogic.security.SSL.TrustKeyStore", "DemoTrust");
System.setProperty("weblogic.webservice.client.ssl.strictcertchecking", "false");
System.setProperty("ssl.debug", "true");

PaymentGateway service = new PaymentGateway_Impl();
PaymentGatewayPort port = service.getPaymentGatewayPort();
Stub.class.cast(port)._setProperty(Stub.ENDPOINT_ADDRESS_PROPERTY, "https://192.168.56.3:7002/ws/PaymentGateway?WSDL");
Stub.class.cast(port)._setProperty(Stub.USERNAME_PROPERTY, "weblogic");
Stub.class.cast(port)._setProperty(Stub.PASSWORD_PROPERTY, "weblogic");

ISODocument isoDoc = new ISODocument();
isoDoc.setMti(new Integer(200));
port.balanceInquery(isoDoc);

And here is the exception that is thrown in the client:

Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Not in server, Certicom SSL license found
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacSHA1
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE Mac: SunJCE version 1.5 for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default Mac for algorithm HmacMD5
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Ignoring not supported JCE KeyAgreement: SunJCE version 1.5 for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm DiffieHellman
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Will use default KeyAgreement for algorithm ECDH
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DESede/CBC/NoPadding
Apr 16, 2010 8:18:14 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm DES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm AES/CBC/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RC4
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Using JCE Cipher: SunJCE version 1.5 for algorithm RSA/ECB/NoPadding
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSL Session TTL :90000
<!-------------------- REQUEST FROM CLIENT ---------------->
URL        :  https://192.168.56.3:7002/ws/PaymentGateway?WSDL
Headers    :
  Authorization: [Basic d2VibG9naWM6d2VibG9naWM=]
  SOAPAction: [""]
  Content-Type: [text/xml]

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><env:Header></env:Header><env:Body env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><m:balanceInquery xmlns:m="http://www.telkomsel.com/PaymentGateway"><iSODocument xmlns:n1="java:com.visitek.pgi.models" xsi:type="n1:ISODocument"><amount xsi:nil="true"></amount><audit_number href="#ID_2"></audit_number><bank_code xsi:type="xsd:string">000151</bank_code><currency_code href="#ID_2"></currency_code><data href="#ID_2"></data><encrypted_pin href="#ID_2"></encrypted_pin><expiration_date href="#ID_2"></expiration_date><institution_code href="#ID_2"></institution_code><institution_data xsi:type="xsd:string">62812006002616</institution_data><local_tracking_id xsi:type="xsd:string">080722163229082127.0.0.1:9595</local_tracking_id><mti xsi:type="xsd:int">200</mti><network_information_code xsi:type="xsd:short">0</network_information_code><original_data_element href="#ID_2"></original_data_element><pan_null_true xsi:type="xsd:string">yes</pan_null_true><pos_entry href="#ID_2"></pos_entry><primary_acc_number xsi:nil="true"></primary_acc_number><response_code href="#ID_2"></response_code><response_terminal_number href="#ID_2"></response_terminal_number><service_code xsi:type="xsd:int">6016</service_code><settlement_date href="#ID_2"></settlement_date><terminal_number href="#ID_2"></terminal_number><transaction_code xsi:type="xsd:int">380000</transaction_code><transaction_data href="#ID_2"></transaction_data><transaction_date href="#ID_2"></transaction_date><transaction_sequence href="#ID_2"></transaction_sequence><transaction_time href="#ID_2"></transaction_time><transaction_timestamp href="#ID_2"></transaction_timestamp></iSODocument></m:balanceInquery><xsd:string xsi:type="xsd:string" id="ID_2"></xsd:string></env:Body></env:Envelope>
<!-------------------- END REQUEST FROM CLIENT ------------>
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Trusted CA keystore: config/DemoIdentity.jks
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Filtering JSSE SSLSocket
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLIOContextTable.addContext(ctx): 24864323
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: SSLSocket will NOT be Muxing
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: write SSL_20_RECORD
Apr 16, 2010 8:18:15 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: ServerHello
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: isMuxerActivated: false
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 SSL3/TLS MAC
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: 25567987 received HANDSHAKE
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: HANDSHAKEMESSAGE: Certificate
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Cannot complete the certificate chain: No trusted cert found
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: Validating certificate 0 in the chain: Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA

Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE: validationCallback: validateErr = 16
Apr 16, 2010 8:18:16 PM weblogic.diagnostics.debug.DebugLogger debug
FINE:   cert[0] = Serial number: -151503846264256045339669576782538934945
Issuer:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=CertGenCAB
Subject:C=US, ST=MyState, L=MyTown, O=MyOrganization, OU=FOR TESTING ONLY, CN=paymentd
Not Valid Before:Wed Mar 12 15:39:27 GMT+07:00 2008
Not Valid After:Mon Mar 13 15:39:27 GMT+07:00 2023
Signature Algorithm:MD5withRSA

<Apr 16, 2010 8:18:16 PM GMT+07:00> <Warning> <Security> <BEA-090542> <Certificate chain received from 192.168.56.3 - 192.168.56.3 was not trusted causing SSL handshake failure. Check the certificate chain to determine if it should be trusted or not. If it should be trusted, then update the client trusted CA configuration to trust the CA certificate that signed the peer certificate chain. If you are connecting to a WLS server that is using demo certificates (the default WLS server behavior), and you want this client to trust demo certificates, then specify -Dweblogic.security.TrustKeyStore=DemoTrust on the command line for this client.> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Validation error = 16> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Certificate chain is untrusted> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <SSLTrustValidator returns: 16> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <Trust status (16):  CERT_CHAIN_UNTRUSTED> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
     at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
     at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
     at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
     at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
     at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
     at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
     at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
     at com.certicom.tls.record.WriteHandler.write(Unknown Source)
     at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
     at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
     at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
     at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
     at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:153)
     at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:367)
     at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
     at weblogic.net.http.HttpURLConnection.getHeaderField(HttpURLConnection.java:705)
     at java.net.URLConnection.getContentType(URLConnection.java:479)
     at weblogic.webservice.binding.http11.Http11ClientBinding.receive(Http11ClientBinding.java:230)
     at weblogic.webservice.core.handler.ClientHandler.handleResponse(ClientHandler.java:64)
     at weblogic.webservice.core.HandlerChainImpl.handleResponse(HandlerChainImpl.java:238)
     at weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:246)
     at weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:147)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:473)
     at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:459)
     at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:306)
     at com.visitek.pgi.client.PaymentGatewayPort_Stub.balanceInquery(PaymentGatewayPort_Stub.java:48)
     at com.visitek.test.pg.TestPGWebservice.testWebserviceSSLInvocation(TestPGWebservice.java:70)
     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
     at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
     at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
     at java.lang.reflect.Method.invoke(Method.java:585)
     at junit.framework.TestCase.runTest(TestCase.java:164)
     at junit.framework.TestCase.runBare(TestCase.java:130)
     at junit.framework.TestResult$1.protect(TestResult.java:106)
     at junit.framework.TestResult.runProtected(TestResult.java:124)
     at junit.framework.TestResult.run(TestResult.java:109)
     at junit.framework.TestCase.run(TestCase.java:120)
     at junit.framework.TestSuite.runTest(TestSuite.java:230)
     at junit.framework.TestSuite.run(TestSuite.java:225)
     at org.eclipse.jdt.internal.junit.runner.junit3.JUnit3TestReference.run(JUnit3TestReference.java:130)
     at org.eclipse.jdt.internal.junit.runner.TestExecution.run(TestExecution.java:38)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:467)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.runTests(RemoteTestRunner.java:683)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.run(RemoteTestRunner.java:390)
     at org.eclipse.jdt.internal.junit.runner.RemoteTestRunner.main(RemoteTestRunner.java:197)
>
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <write ALERT, offset = 0, length = 2> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <close(): 19097823> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1> 
<!-------------------- RESPONSE TO CLIENT --------------->
URL           : https://192.168.56.3:7002/ws/PaymentGateway?WSDL
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read(offset=0, length=8192)> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Debug> <SecuritySSL> <000000> <19097823 read returns -1> 
<Apr 16, 2010 8:18:16 PM GMT+07:00> <Info> <WebService> <BEA-220025> <Handler weblogic.webservice.core.handler.ClientHandler threw an exception from its handleResponse method. The exception was:
javax.xml.rpc.JAXRPCException: java.io.EOFException: Response contained no data.>

I'm completely extraneous to this thing HTTPS & SSL & I googled around only to find partial responses. My plan is to use a custom identity, but I first want to make sure that the use of the default work.

Any help would be greatly appreciated.

Kind regards

Setya

Hello

To call your web service via the SSL protocol, the simplest is to use only the following code snippet:
You used the threshold:
System.setProperty ("weblogic.security.SSL.trustedCAKeyStore", "* config/DemoIdentity.jks" *);

instead of DemoIdentity.jks, you provide the full path and the file name of the DemoTrust.jks file as below:

System.setProperty ("weblogic.security.SSL.trustedCAKeyStore", "* D:/wls103/wlserver_10.3/server/lib/DemoTrust.jks*");

Hope this will solve the problem.

Thank you
Sandeep

Data is encrypted for web service calls?

I wrote a small JME (J2ME) application for a BlackBerry handheld device. This application calls web services to accomplish its mission. I am using the advantage of the specifications of Web Services, J2ME (JSR 172) supported by Blackberry JDE 4.3 +. I use Java Wireless Toolkit 2.2 from Sun to generate stubs and other support classes. I am able to invoke web services and also get the correct answers to it.

After recalling some documents and websites, I understand that any communication that happens between your handheld and BES is encrypted (3DES or AES).

Is the question that I have, if the data between the computer pocket and BES/MDS previously described WebService invocation are also encrypted? I have a question to cause that communication here is initiated by the device.

Can someone please let me know the answers? Thanks in advance.

If you are using MDS: Yes. Between the MDS and the webservice: No.
If you use another link, as direct tcp, wifi etc.: No.

Secure Web Service call

Similar Questions

Maybe you are looking for