The OSB distributed queue proxy configuration

I implemented a distributed WeblogicServer queue and I wonder how can I configure proxy OSB to consume her JMS messages. I have read the documentation on the Oracle website, and he told a group of distributed queues a bunch of local JMS queues in different servers which can be accesed through a JNDI name. This failover and load to provide balance to put in the queue of messages.
The BSO a JMS destination proxy is configured with the following URL: jms://server:port / destination. So if I have a distributed queue that maps to two JMS, what server and port servers do I set proxy URL? Do I need to configure two different agents and one for JMS server1 to server2 JMS?

Kind regards

CCI

For weblogic JMS, producer of message load balancing happens in 3 different places.

1. to search for initial context - it depends on the URI that you specify in the call for Initial context. for example if you specify t3: / / localhost:7002, localhost:7003, all research context occur on port 7002. Port 7003 is used only if 7002 is out of service. So this supports the failover instead of the load balancing. If you want the load balancer for executive search, then you must use a dns based address dns cluster where the name to a resolution address different every time.

2 - when a jms connection is created. The jms connection can be created with any managed server to which the connection factory caters to the. So, you can have your search for context on 7002, but real jms connection can get created on 7003. If the server affinity is enabled for the connection factory and then the jms connection will be created to the same server instance managed that in search of context that's happened.

3 - when a message send a producer is run. Send message can land on any member of the cluster dd if NLB is enabled. If the server affinity is enabled, then the message will end up on dd members on the same instance of the server to which the jms connection has been made. For example suppose you have your jms client application has a connection to jms on ms1 and product message ends up on top of ms2, then the following path would have been taken.

JMS client app - via jms---> ms1 - in-house connection transmits---> ms2 - message puts---> dd2

I recommend you read the chapter JMS the book professional Oracle Weblogic Server where it is explained clearly.

Tags: Fusion Middleware

Similar Questions

  • JMS Timestamp in a uniform distributed queue on Weblogic Console

    Dear Experts,

    I should need a clarification on how JMS Timestamp is valued in a uniform distributed queue. Let me explain better:

    I'll use the JMS timestamp to re - order the messages retrieved from the uniform distributed queue. East - reliable? How can I synchronize this JMS property to make sure it is not dependent on the physical machine where distributed uniforms are deployed a queue?

    Thank you very much
    Mike

    Hi Mike,.

    From your brief description it sounds to the AUP is a perfect fit. It is specifically designed to handle this use case and works in all conditions. The application must define a PUA on each message, in accordance with the documentation. See chapter of AUP of the programmer's guide:

    http://download.Oracle.com/docs/CD/E14571_01/Web.1111/e13727/uoo.htm#i1049853

    Tom

  • Configuration of Proxy Server on the OSB to manage SSL

    I have a client with a business on the OSB service that connects to an external service outside their network.

    This connection must go through the proxy server of the company because it is outside the network. This external service requires 1 - way ssl.

    Can someone provide clarification on how the OSB is supposed to interact with a proxy server when business URI is https?

    I configured a proxy server on OSB under System Administration > global resources > Proxy servers and together the details of the configuration on my service company to use the proxy server.

    I tried to set the ssl on the server proxy to 443 port, but the proxy server rejected the connection on this port.
    If I put just the clear text port to 3128, I get an error "socket closed".

    The customer seemed confused by the ssl port field. As a general rule, he sends all traffic on port 3128, he says.

    We have the certificate of the server that hosts the foreign service in our trust OSB store (but I doubt that the proxy server trusts - if that matters, I don't know).

    Does anyone have any experience with what can help out me?

    Possible reason could be ssl handshake failure... can you post here the complete trace of ssl handshake.

    You can try to use ssltap [http://www.mozilla.org/projects/security/pki/nss/tools/ssltap.html], which makes it easier to understand what is happening behind the scenes during the negotiation

  • Message Listener listens only 1 queue in the configuration of distributed queues!

    Hi guys,.

    This may be the wrong place for this post.

    We have created a system of e-mail with the OSB proxies come and messages between distributed queues. After all this messages autour brewing, the messages themselves in a distributed queue where a java client is waiting to pick up the results. Our problem is that it is only reading one of the queues in this queue distributed.

    The following is the code segment that wants the message with a specific id:
    public Message (String queueName, String messageId) receiveMessage throws {FrameworkException}
    BytesMessage, bytesMessage = null;
    If (null == queueSession) {}
    init();
    }
    try {}
    Queue receiveQueue = lookupQueue (queueName);
    QueueReceiver queueReceiver = null;
    Channel selector = null;
    If (null == messageId) {}
    queueReceiver = queueSession.createReceiver (receiveQueue);
    } else {}
    selector = "JMSCorrelationID = '" + messageId + "'";
    queueReceiver = queueSession.createReceiver (receiveQueue, selector);
    }

    bytesMessage (BytesMessage) = queueReceiver.receive ();
    queueReceiver.close ();
    } catch {...


    QueueReceiver.receive () will listen to all members in a distributed queue (spread over 2 servers managed in a cluster)?

    Thank you very much

    No.. Since you have a single consumer, he can listen to only one destination member.

    Is your java client to run in Server or an external client? If its operation in Server convert the client to an mdb.

    Since this one issue of jms, try to post in the forum of jms:
    WebLogic Server - JMS

  • Name of the queues, Instances of the Application, the appellants and this Proxy that I miss read from the help file?

    In a Word, I want to get a few clones of a vi a LabVIEW project reenterant.  Yes, I launch the Clones through CGRA and pass an integer in the clones to implement the queue named ("%d MyClone_")

    "Clones" seem to be the calling project.  The Hieriarchy view displays "Caller Proxy" for example "" MyReenterant.viACBRProxyCaller.<.int> ". And yet, NAMED to clone instances queues seem to have nothing to do with the clone named queues?

    SO how should I name a queue so that it can be passed in a specific clone of a vi that is part of the same project?

    Ah, your problem is that you use option 0 x 40, cloning pool, in addition to 0x80 for your ref VI open.   The reference you get is a reference to the clones, not a specific clone pool.  Thus, the clone of the real start is not the same as the clone that you place in the void Panel.   Change the options of REF VI open to only 0x80.  Then it works because each reference now points to the specific clone.

  • Adhoc activation of Proxy of the OSB for DB on election

    Hi guys,.

    How to enable the proxy of the OSB on an ad hoc basis in the amount of time that is out of the polling interval? Assume that if I have a proxy that queries DB for all 60 minutes for new records and if I have records within 30 minutes after the last polling cycle, how I invoke the proxy such that it queries immediately for new records.

    Please let me know.

    Hello

    I do not think that that is supported in OSB... If you modelled as a poller db you will have to wait for the next survey cycle... If you need this feature, you may need to rethink accordingly...

    See you soon,.

    Vlad

  • How to configure the SMTP server for the osb 10.3.1

    Hi all

    Anyone can share information on how to configure the SMTP server for the osb 10.3.1
    and then how to send an email to OSB 10.3.1

    Thanks in advance!

    See this url:
    https://blogs.Oracle.com/christomkins/entry/sending_an_email_from_oracle_s

  • Question about the OSB proxy service

    Hello

    I'm new to the world of SOA/OSB. I'm working on a POC from the OSB for our existing application. I have a question about the definition of the URL endpoint to the proxy service. It is possible to specify a generic url endpoint to a proxy service. Something like / SomeService / *. I tried and got errors. Is it possible to do somethig like that or it is a mistake on a conceptual level.

    Thank you

    anything you type in the uri of the endpoint of entry will be the contextroot to your service, so /SomeService should indeed be sufficient or as mentioned Pierluigi/SomeService/blabla is also valid (Betty is not a parameter query, but only a part of the contextroot)

    If you want to use a service like http rest

    / SomeService/blabla would still be the contextroot, and after that, you can use the query parameters

    / SomeService/badarou? var1 = test & var2 = test or/SomeService/blabla/employee/id/1

  • OSB - loads the URL resources using proxy

    Hi all

    How is - a force the OSB to use a proxy server when you use the option of loading resources of the URL?

    I am creating a resource of wsdl from a url, but the OSB has need to use a proxy to access the url.

    I tried to create a Proxy Server under system-> resources-> Proxy servers Administration, but I can't seem to find a place to use a proxy server?

    How boys and girls are so wsdl files a proxy?

    Thank you!

    William

    Wiliam,

    I faced the same issue in SOA Suite. I solved it by adding proxy.host & proxy.port params to java starts at parameters.

    Kind regards
    Milan

  • is there any function in the osb to generate a unique number in proxy

    is there any function in the osb to generate a unique number in proxy

    FN - bea: uuid()

    The function fn - bea: uuid() returns a universal unique identifier. The function has the following signature:

    FN - bea: uuid() as XS: String

    You can use this function in the pipeline of proxy to generate a unique identifier. You can insert the unique identifier that is generated in an XML document in the form of element. You are unable to generate a unique identifier to the system variable. You can use this to edit a message payload.

    For example, suppose you want to generate a unique identifier to add it to a message for follow-up purposes. You can use this function to generate a unique identifier. The function returns a string that you can add it to the SOAP header.

  • Can't get rid of a TX - message keeps appearing and being processed by the OSB

    I have a sort of a poison message or TX, I can't empty. Every 10 seconds, I get a message from journal like the second one below and the number of pending messages to several places and OSB proxy service processed messages keeps climbing--all this without producing new messages on my part I tried to delete the Bank to default server on the server managed OSB and storing files of the JMS server. No luck.

    When this first started happening, the error messages resemble the first below. Something I did caused the change, I guess. However, it's the same TX ID overall.

    So, first of all, how can I get rid of this thing? It makes me nuts and prevents me from closing on a VINE.

    Secondly, why is it happening? I have a suspicion - would it because we have configured somehow mutiple domains with the same name for a distributed application? It is not my habit but it happened. These areas do not communicate directly, but there are areas that need to communicate with both. So I think that the ambiguity of the name can be wrong us. Just a guess, if.

    In this case, the field of the sgosb proxy service (this domain name is unique) is receiving messages from a queue lies in the pega_domain to Singapore and another proxy service is put a message to another queue in the pega_domain in the United Kingdom. Is not in a single TX; the first proxy service forwards the message to a queue in the sgosb_domain, the second proxy service receives this message and puts it in the other pega_domain. It's a TX XA for each proxy service.

    Just to make it more fun, the sgosb_domain has another service of proxy read from a different queue and sent to a queue in the third pega_domain to the United States.

    DRM for any help or idea.

    Oh yes, the field of the OSB's WLS 10.3.4 while the pega_domains are WLS 10.3.2

    Original error message 
    ####<Apr 13, 2011 4:32:13 AM GMT> <Error> <EJB> <sg01app510> <sgosb_1> <[ACTIVE] ExecuteThread: '7' for queue: 'weblogic.kernel.Default (self-tuning)'>
<<anonymous>> <> <92f54a30d60e6302:-4b6d523c:12f4cfeaabc:-8000-0000000000000123> <1302669133597> <BEA-010026> <Exception occurred during commit of 
transaction Xid=BEA1-039B0B6D3D0E77C1B135(1898471720),Status=Rolled back. [Reason=Unknown],numRepliesOwedMe=0,numRepliesOwedOthers=0,seconds since 
begin=0,seconds left=600,XAServerResourceInfo[WLStore_pega_domain_ProcessEventJMS_Store_mgd1]=(ServerResourceInfo[WLStore_pega_domain_ProcessEventJMS_Store_mgd1]=
(state=new,assigned=none),xar=null,re-Registered = false),SCInfo[sgosb_domain+sgosb_1]=(state=rolledback),SCInfo[pega_domain+pega_1]=(state=rolledback),properties=
({}),OwnerTransactionManager=ServerTM[ServerCoordinatorDescriptor=(CoordinatorURL=sgosb_1+152.64.128.243:22110+sgosb_domain+t3+, XAResources={eis/tibjms/Topic,
WLStore_sgosb_domain_FileStore_auto_1, eis/aqjms/Queue, eis/wls/Queue, eis/tibjms/Queue, WLStore_sgosb_domain__WLS_sgosb_1, eis/AQ/aqSample, eis/aqjms/Topic,
eis/pramati/Queue, eis/sunmq/Queue, WLStore_sgosb_domain_WseeFileStore_auto_1, WLStore_sgosb_domain_MesssageForwardingJMS_Store_mgd1, 
WSATGatewayRM_sgosb_1_sgosb_domain, eis/jbossmq/Queue, eis/activemq/Queue, eis/fioranomq/Topic, eis/tibjmsDirect/Topic, eis/wls/Topic, 
eis/tibjmsDirect/Queue, eis/Apps/Apps, eis/webspheremq/Queue},NonXAResources={})],CoordinatorURL=pega_1+nj09mhm5078:22111+pega_domain+t3+):
javax.transaction.RollbackException: This transaction does not exist on the coordinating server.  It was probably rolled back and forgotten.
        at weblogic.rjvm.ResponseImpl.unmarshalReturn(ResponseImpl.java:234)
        at weblogic.rmi.internal.BasicRemoteRef.invoke(BasicRemoteRef.java:223)
        at weblogic.transaction.internal.CoordinatorImpl_1032_WLStub.commit(Unknown Source)
        at weblogic.transaction.internal.TransactionImpl$1.run(TransactionImpl.java:331)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
        at weblogic.transaction.internal.SecureAction.runAction(SecureAction.java:72)
        at weblogic.transaction.internal.TransactionImpl.commit(TransactionImpl.java:327)
        at weblogic.transaction.internal.ServerTransactionImpl.internalCommit(ServerTransactionImpl.java:252)
        at weblogic.transaction.internal.ServerTransactionImpl.commit(ServerTransactionImpl.java:239)
        at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:553)
        at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:424)
        at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:326)
        at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
        at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
        at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3821)
        at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
        at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
        at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
Caused by: javax.transaction.RollbackException: This transaction does not exist on the coordinating server.  It was probably rolled back and forgotten.
        at weblogic.transaction.internal.CoordinatorImpl.commit(CoordinatorImpl.java:94)
        at weblogic.transaction.internal.CoordinatorImpl_WLSkel.invoke(Unknown Source)
        at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
        at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
        at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
        at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
    The error message I receive now 
    ####<Apr 13, 2011 4:51:38 AM GMT> <Error> <EJB> <sg01app510> <sgosb_1> <[ACTIVE] ExecuteThread: '18' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> 
<92f54a30d60e6302:-42808c28:12f4d3173cb:-8000-0000000000000032> <1302670298730> <BEA-010026> <Exception occurred during commit of transaction 
Xid=BEA1-0011D0679BA5074B8E12(1930603846),Status=Rolled back. [Reason=javax.transaction.xa.XAException],numRepliesOwedMe=0,numRepliesOwedOthers=0,seconds since begin=0,seconds 
left=60,XAServerResourceInfo[WLStore_sgosb_domain_MesssageForwardingJMS_Store_mgd1]=(ServerResourceInfo[WLStore_sgosb_domain_MesssageForwardingJMS_Store_mgd1]=
(state=rolledback,assigned=sgosb_1),xar=WLStore_sgosb_domain_MesssageForwardingJMS_Store_mgd1239571724,re-Registered = 
false),XAServerResourceInfo[WLStore_pega_domain_ProcessEventJMS_Store_mgd1]=(ServerResourceInfo[WLStore_pega_domain_ProcessEventJMS_Store_mgd1]=
(state=rolledback,assigned=pega_1),xar=null,re-Registered = false),SCInfo[sgosb_domain+sgosb_1]=(state=rolledback),SCInfo[pega_domain+pega_1]=(state=rolledback),properties=
({}),OwnerTransactionManager=ServerTM[ServerCoordinatorDescriptor=(CoordinatorURL=sgosb_1+152.64.128.243:22110+sgosb_domain+t3+, XAResources={eis/tibjms/Topic, 
WLStore_sgosb_domain_FileStore_auto_1, eis/aqjms/Queue, eis/wls/Queue, eis/tibjms/Queue, WLStore_sgosb_domain__WLS_sgosb_1, eis/AQ/aqSample, eis/aqjms/Topic, eis/pramati/Queue, eis/sunmq
/Queue, WLStore_sgosb_domain_WseeFileStore_auto_1, WLStore_sgosb_domain_MesssageForwardingJMS_Store_mgd1, WSATGatewayRM_sgosb_1_sgosb_domain, eis/jbossmq/Queue, eis/activemq
/Queue, eis/fioranomq/Topic, eis/tibjmsDirect/Topic, eis/wls/Topic, eis/tibjmsDirect/Queue, eis/Apps/Apps, eis/webspheremq/Queue},NonXAResources=
{})],CoordinatorURL=sgosb_1+152.64.128.243:22110+sgosb_domain+t3+): weblogic.transaction.RollbackException: Unknown reason
        at weblogic.transaction.internal.TransactionImpl.throwRollbackException(TransactionImpl.java:1881)
        at weblogic.transaction.internal.ServerTransactionImpl.internalCommit(ServerTransactionImpl.java:345)
        at weblogic.transaction.internal.ServerTransactionImpl.commit(ServerTransactionImpl.java:239)
        at weblogic.ejb.container.internal.MDListener.execute(MDListener.java:553)
        at weblogic.ejb.container.internal.MDListener.transactionalOnMessage(MDListener.java:424)
        at weblogic.ejb.container.internal.MDListener.onMessage(MDListener.java:326)
        at weblogic.jms.client.JMSSession.onMessage(JMSSession.java:4659)
        at weblogic.jms.client.JMSSession.execute(JMSSession.java:4345)
        at weblogic.jms.client.JMSSession.executeMessage(JMSSession.java:3821)
        at weblogic.jms.client.JMSSession.access$000(JMSSession.java:115)
        at weblogic.jms.client.JMSSession$UseForRunnable.run(JMSSession.java:5170)
        at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:528)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:176)
Caused by: javax.transaction.xa.XAException
        at weblogic.store.gxa.internal.GXAResourceImpl.prepare(GXAResourceImpl.java:1227)
        at weblogic.transaction.internal.XAServerResourceInfo.prepare(XAServerResourceInfo.java:1295)
        at weblogic.transaction.internal.XAServerResourceInfo.prepare(XAServerResourceInfo.java:500)
        at weblogic.transaction.internal.ServerSCInfo.startPrepare(ServerSCInfo.java:380)
        at weblogic.transaction.internal.ServerTransactionImpl.localPrepare(ServerTransactionImpl.java:2593)
        at weblogic.transaction.internal.ServerTransactionImpl.localPrepare(ServerTransactionImpl.java:1321)
        at weblogic.transaction.internal.SubCoordinatorImpl.startPrepare(SubCoordinatorImpl.java:183)
        at weblogic.transaction.internal.CoordinatorImpl_WLSkel.invoke(Unknown Source)
        at weblogic.rmi.internal.BasicServerRef.invoke(BasicServerRef.java:589)
        at weblogic.rmi.internal.BasicServerRef$1.run(BasicServerRef.java:477)
        at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
        at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
        at weblogic.rmi.internal.BasicServerRef.handleRequest(BasicServerRef.java:473)
        at weblogic.rmi.internal.wls.WLSExecuteRequest.run(WLSExecuteRequest.java:118)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
.>
    Published by: SteveElkind on April 13, 2011 05:50

    I see these possibilities:

    -Cross over the security of the domain (like atheek1 mentioned).
    -Transaction timeouts are too short (I think that there is a default configurable large area, as well as the ability to define a basis of CMT or BMT. waiting periods)
    -Configuration has a duplicate name.

    It is not required to nominate every single store between areas, is not generally necessary to ensure that each JMS server is named unique (even if it can help in certain use cases).

    WebLogic requires the following when you work with several areas:

    -Each unique domain name.
    -Name of the each server wl unique, even if in different areas.
    -Name of the each server unique, even if jms in different areas (is usually not necessary - and not the problem in this case - but you should do it anyway).
    -Name each unique, even if saf agent in different areas (is usually not necessary - and not the problem in this case - but you should do it anyway).
    -Configure the security of the area.

    For a bit more details, see the "best practices" section of the JMS configuration edoc.

    Tom

    Published by: falls on April 13, 2011 09:33

    Published by: falls on April 13, 2011 09:35

  • JMS according to the messaging service and the OSB Service account

    Hi forum,

    I have a question about the service and the account of JMS Messaging Service.

    My OSB service:
    I created a service of OSB that JMS type
    configuration:
    General: email
    E-mail: Request Type: type of XML response: no
    Transport: JMS
    JMS transport: Destination queue. Type, account Service JMS:... (Browse)


    My requirement is to ensure security to the JMS proxy.
    I saw an option available in the JMS transport is JMS Service account.

    I don't have an idea on the use of service accounts in JMS.

    one can pls give idea about the JMS service account in JmS.How to ensure safety to jms proxy...
    If you have any documents pls share me


    Thank you and best regards,
    Krishna.

    In your weblogic console go to your JMS Modules > * JMSModule > * tail > roles > policies. Add a user to the queue. This user must exist in the field of security in the weblogic console.
    Create a service with the same user name password account and use it in your OSB to read or write to the queue.

  • Why the OSB is called stateless?

    Hi team,

    I often hear this "OSB is stateless and BPEL is dynamic," but never had an explanation for the same support. I went by this blog once again the same are mentioned here, but any theory about it Can I get some information as possible to this?

    Thanks in advance,

    Malcolm.

    Hi seb,

    I'll try to give you my explanation in this regard.

    The main difference between the two components of Oracle SOA Suite (OSB and SOA Infrastructure service engines) is that SOA Infrastructure, i.e. the BPEL service engine, mediator, business, Human Workflow rules widely uses the underlying database called Infrastructure SOA metadata store. For instance when you call a synchronous service developed in BPEL service engine BPEL and SOA infrastructure c a number of inserts in the base of SOA INFRASTRUCTURE. This process is also known as dehydration. Things get more complicated when we have an asynchronous service - then we have the two dehydration - storing the State of an application in the dehydration store (the store Infrastructure SOA metadata) and restore it later (rehydration) on the back of the State in the memory of the server for execution.

    However, the OSB does not such store of dehydration, i.e. OSB acts as a proxy that passes through (with some intermediate processing) to the demands of consumers of services to service producers.

    That is why the OSB is stateless (it does not store the intermediate state of executions application OSB) as opposed to SOA that stores the application States in the store of dehydration.

    There are some cases where a composite SOA application can be configured as stateless, which will prevent the SOA to store its State in the store of dehydration.

    Hope you find my useful and reasonable response!

    Kind regards

    A.

  • Filtering the access to the OSB proxies

    Hello

    Suppose you have 2 users X and Y and three different proxy services: 1, 2, and 3. I want that X can only access proxy 2 and Y only proxy 1 and 3. In addition, the entire communication should be in HTTPS.


    I did some research and I found two different methods:

    (1) configuration in the console of the OSB access of transport:

    But for some reason, it does not: every single request is rejected and no one can access the proxy.

    (2) using the certificates

      1. I tried using oracle/http_basic_auth_over_ssl_service_policy, but with this, I can't distinguish each service. For this reason, it is not feasible.
      2. A strategy using personalized. I'm not sure on this subject and how to write it.

    What is your opinion? What is the best option?

    Hi there user,

    You must use the OWSM strategy for:

    1. identify the user who calls the service (it could be, for example, the authentication policy for one user name)

    2. allow the user to access the service, i.e. authorization policy.

    In short, you need create a custom in GOSA combine strategy:

    1 HTTPs (possibly - you can use the transport/network encryption)

    2. identification of the user, e.g. the username token

    3 manage permissions - you have predefined patterns of assertion of strategy for this part.

    For more details, take a look at this - http://www.oracle.com//technetwork/middleware/webservices-manager/soa-component-role-authz-1555950.pdf.

    HTH,

    A.

  • Basic authentication for the OSB exposed as a Rest Service

    Hi all

    We expose OSB Service as a Rest Service to the customer. Need to add basic for the client authentication. In the HTTP transport Service proxy, we have enabled basic authentication. However, we do not know how to proceed. We want to take care of the authentication section in the BSO it itself, so what should be our next step for her? How to extract the authentication information for the request and where to add the check? Is there an easy way to integrate with authentication AD in OSB?

    Hello

    OSB will do authentication for you, no need to make something of yourself. Just move the radiobutton control to basic authentication. It uses the Weblogic domain in the to do. OSB will get the name of user and password of the authentication HTTP header property and validate it against weblogic. If weblogic confirms as a name of user and password valid, OSB running the proxy. Any valid user in weblogic will do, there is no authorization: so no way to limit to a specific user. This means that to connect to AD you must configure using Weblogic. In the field of weblogic, you can add any AD or any LDAP as authenticator.

    With the help of its also possible to validate on a particular user using the UserToken GOSA strategy. You can also use GOSA do BasicAuthentication by applying the specific policy. But GOSA only supports basic over SSL authentication, not simple basic authentication.

    By the way: for BA on a Business Service: you must create a ServiceAccount object with the specific user name password and assign to specific BusinessService. You can create a surveillance society by environment, each in a particular folder of dev/test/ACC/prod. Then use a customization file to switch between them.

    Kind regards
    Martian

Maybe you are looking for