Thursday, June 10, 2010

How to encrypt payloads in BPEL

We often come across a situation where in we want our payloads to be encrypted.
This is mostly required in case of a credit card where in you don't want the card number to be displayed in your audit trail,in that scenario we can you encryption of payloads.It can be done through owsm layer also but here we will see how to do it from the new feature added in SOA Suite 10.1.3.4.

We will be using the following document for the set up.


Desing
=========

Open up your jdeveloper 10.1.3.4 and create a new BPEL Process



Give it some logical name



Say next and Finish the creation of the Process.

Now drag and drop an assign activity in between and create a copy operation to copy the input variable to output variable.



Now if you will look in to the schema file created you will find you have an input element

element name="input" type="string"

Our purpose in this Tutorial is to encrypt the input payload.

For this we will select the .bpel process and go the structure tab of the BPEL process.

Select property and say create a property

Give the property name same as the input and make data type as string




So now you should see the property create as below.




Now choose the Property alias and click on create

make sure that in the property input is selected.

Now drill down till your payload comes and then in the query box click ctrl and space button to get the query automatically populated.Make sure it is till the input.Say ok and save the project





Now open up the wsdl file Encrypt.wsdl there you should have the following


xmlns:xsd="http://www.w3.org/2001/XMLSchema"

shcema included.

Again at the bottom

you should have following entry

<bpws:property name="ssn" type="xsd:string"
xmlns:pns1="http://xmlns.oracle.com/Encrypt"/>
<bpws:propertyAlias xmlns:pns1="http://xmlns.oracle.com/Encrypt"
propertyName="pns1:input"
xmlns:client="http://xmlns.oracle.com/Encrypt"
messageType="client:EncryptRequestMessage"
part="payload"
query="/client:EncryptProcessRequest/client:input"/>


Also in your BPEL.xml you should have following entry

<configurations>
<property name="encryptProperties" encryption="plaintext">{http://xmlns.oracle.com/Encrypt}input</property>
<property name="decryptProperties" encryption="plaintext">{http://xmlns.oracle.com/Encrypt}input</property>
</configurations>

Save those changes and deploy your project.Now once project is deployed invoke it with some data and check if it is encrypted or not.

For my case it is encrypted and shows the following




Here in my tes process i have used both encrypt and decrypt properties in my BPEL Process which is not required.We need to use only the encrypt properties

<configurations>
<property name="encryptProperties" encryption="plaintext">{http://xmlns.oracle.com/Encrypt}input</property>

in our bpel.xml to encrypt the payload.
Similary if you want to decrypt it you can use the same steps to create a process and decrypt the values using decrypt properties in the bpel.xml file.


Again name space used in definition of property and property alias should be same as the target namespace of the process to make it work.If you change the namespace then you have to change all the namespace in relation to that,better stick to the sample i have provided and let me know if any issue occurs.

20 comments:

Anonymous said...

Sрot on with this ԝrite-up, I seriously believe this website needs a lot more attention. I'll probably
be returning to гead through more, thanks for the information!
this website : How To Password Prⲟtect Ϝolder In Less Than Ϝive Minutes Using These
Amazing Tools

Anonymous said...

After looking over a handful of the blog posts on your web page,
I honestly like your technique of writing a blog.
I saved it to my bookmark website list and will be checking back
in the near future. Please visit my web site as well and let me know what you
think.

Anonymous said...

You have made some good points there. I checked on the net to
find out more about the issue and found most people will go along with
your views on this website.

Anonymous said...

Its such as you read my mind! You seem to know a lot approximately this,
like you wrote the e-book in it or something. I feel that you just could
do with a few p.c. to drive the message home a bit, but instead of that, that is excellent blog.
A fantastic read. I'll certainly be back.

Anonymous said...

Hello, yup this paragraph is really fastidious and I have learned lot of
things from it regarding blogging. thanks.

Anonymous said...

Greetings! This is my 1st comment here so I just wanted to give a quick shout out and tell
you I truly enjoy reading through your articles.
Can you suggest any other blogs/websites/forums that cover the same subjects?
Thanks a lot!

Anonymous said...

Wonderful items from you, man. I've take into accout your
stuff prior to and you are just extremely fantastic. I really
like what you've obtained here, certainly like what you're stating and the way in which through which you are saying it.
You are making it enjoyable and you continue to care for to keep it sensible.
I can't wait to read much more from you. This is really a great web site.

Anonymous said...

Pretty section of content. I just stumbled upon your weblog and in accession capital to assert that I get in fact enjoyed account your blog posts.

Anyway I will be subscribing to your feeds and even I achievement you access consistently fast.

Anonymous said...

Just desire to say your article is as surprising.
The clarity on your post is simply spectacular and i could think
you are an expert in this subject. Well together with your permission allow me to seize your feed to keep updated with approaching post.
Thanks a million and please carry on the rewarding work.

Anonymous said...

Howdy I am so grateful I found your web site, I really found you by error, while I was searching on Aol for something else,
Nonetheless I am here now and would just like to say thanks a lot for a fantastic
post and a all round entertaining blog (I also love the theme/design), I
don't have time to go through it all at the moment but I have book-marked it and also added your
RSS feeds, so when I have time I will be back to read much more, Please do
keep up the awesome job.

Anonymous said...

Thanks for sharing your info. I really appreciate your
efforts and I will be waiting for your next post thanks once again.

Anonymous said...

I like what you guys are usually up too. Such clever work and exposure!

Keep up the good works guys I've incorporated you guys to our blogroll.

Anonymous said...

I always spent my half an hour to read this website's content daily along with a mug of coffee.

Anonymous said...

Good information. Lucky me I came across your blog by accident (stumbleupon).

I've book-marked it for later!

Anonymous said...

You actually make it seem so easy with your presentation but I find this matter to be really something that I think I would
never understand. It seems too complex and extremely broad for me.

I'm looking forward for your next post, I will try to get the hang of it!

Anonymous said...

I'm amazed, I have to admit. Seldom do I come across a
blog that's both equally educative and engaging, and let me tell you, you've hit the nail
on the head. The problem is something which too few people are
speaking intelligently about. I am very happy I found this during my search for something regarding this.

Anonymous said...

I simply couldn't depart your site prior to suggesting that
I extremely enjoyed the usual information an individual supply to
your visitors? Is going to be again incessantly in order to check out new posts

Anonymous said...

Greetings I am so happy I found your site, I really found you by
error, while I was looking on Google for something else, Regardless I am here now and would just like to say thanks for a tremendous post and a all round exciting
blog (I also love the theme/design), I don't have time
to look over it all at the moment but I have
book-marked it and also added your RSS feeds, so when I have time I will be back to read much
more, Please do keep up the fantastic work.

Ravi said...

I am trying to configure this in 12c and it is not working as expected. Iam trying to encrypt one of the fields in payload , where i am setting the value for that field inside the composite and passing it as input to invoke the service. can you please Guide me through the steps for doing that. I am seeing the below exception right now.

Error(408): Element 'configurations' not expected

Ravi said...



Error(408): Element 'configurations' not expected