Monday, September 06, 2010

Configure WS Policies in SOA Suite 11g

Create a new SOA Project in Jdeveloper








Make it a synchronous BPEL process



Now drag and drop an assign activity in between the receive and reply activity of bpel process and create a copy operation where in you copy the input variable to output variable.



So after that your bpel process should look something like this.




now go to the composite.xml and right click on the exposed service and choose configure WS policices



There are some predefined policies for web services,you can find it in following location


In our use case we will be using oracle/wss_username_token_service_policy as shown



this will enforce the user to pass the user and password while calling the web service.

Now save the project and deploy it to application server.

ONce deployed try to invoke the process.It will give an error


java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: InvalidSecurity : error in processing the WS-Security security header at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:575) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:381) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:298) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(AstValue.java:157) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53) at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183) at oracle.adf.view.rich.component.fragment.ContextSwitchingComponent$1.run(


in the console,it says error in processing the WS-Security security header

this issue occurs because we have implemented a security policy which forces us to use WSS username token to be passed as a header.

Now again try to invoke the bpel process providing the user and password as header
you will be able to get the result.




Similarly if we will use oracle/wss_http_token_service_policy as the security policy we will get error

java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: javax.xml.soap.SOAPException: javax.xml.soap.SOAPException: Bad response: 403 Forbidden at oracle.sysman.emas.model.wsmgt.WSTestModel.invokeOperation(WSTestModel.java:575) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:381) at oracle.sysman.emas.view.wsmgt.WSView.invokeOperation(WSView.java:298) at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:597) at com.sun.el.parser.AstValue.invoke(AstValue.java:157) at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283) at org.apache.myfaces.trinidadinternal.taglib.util.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:53) at org.apache.myfaces.trinidad.component.UIXComponentBase.broadcastToMethodBinding(UIXComponentBase.java:1245) at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:183)


we can again get rid of this issue this time by using http basic auth and providing the user id and passowrd similar to the way we have used wss username token.

No comments: