Archive Page 3

Using ADFBC REST Services in MAF

This article is presented in tutorial format and can be downloaded from here and sample application from here.

Installing Cloud Adapters

When JDeveloper 12.1.3 is installed, the Sales force adapter is shown and available by default but the other cloud adapters like Sales Cloud, Right Now, HCM Cloud etc.. will not be available. In this post, I will show how to install these adapters through patches provided by Oracle.

These integration adapters can be downloaded from here and available on top of 12.1.3.0.1 (BP1). Do download Oracle Cloud Adapters 12.1.3.0.1.

Installation:

  • Install Oracle SOA 12.1.3 using quick installer.
  • Apply p19707784 using OPatch  to bring it to BP1. Refer to this post for additional help on OPatch utility.
  • Unzip the above download and observe the following patches available.

patch

  • Apply p20680367* and p20780464* in same middleware home.
  • Create JDeveloper shortcut from below location and open to observe the cloud adapters Eloqua Adapter, Oracle HCM Cloud, Oracle RightNow and Oracle Sales Cloud available in Cloud section. You will get to see this section when you create new SOA or Service Bus Application.
       MW_HOME/jdeveloper/jdeveloper.exe

cloud

  • If you are not seeing these adapters, add –clean** option as shown below in your desktop shortcut and re-open JDeveloper.  

MW_HOME\jdeveloper\jdeveloper.exe -clean

* Always read the patch README files and follow the available instructions.

** I thank my colleague who helped me by providing this workaround.

ADF BC REST Services Articles

Sample application can be found here.

ADF BC REST Services–III – Using Row Finder

In this post, we will see how to use Row Finder in ADF BC REST services.

Open REST resource VO and create a View Criteria as shown below having 2 bind variables for Department name and Location ID.

vc

vc1

Go to Row Finders section and create new one with searhByDeptName.

rf0

Here we can observe that above VC is selected by default. In Variables section as shown below, we can also set whether bind variable is allowed to be passed in REST resource URL along with Required settings.

rf

Deploy the application and use any REST client to test GET method using the following urls. Observe the usage of row finder and bind variables.

Passing single bind variable:

http://localhost:7001/departmentApi/rest/r1/departments?finder=searchByDeptName;bindDeptName=A

Passing both bind variables:

http://localhost:7001/departmentApi/rest/r1/departments?finder=searchByDeptName;bindDeptName=A,bindLocId=1800

Now mark bindLocId variable as required and try to test without using it in the URL and you will observe the error as shown below.

error

Using Translate activity for XML to JSON

In this post, we will discuss about using Translate activity for converting XML to JSON. This is one of the functionalities I wanted to try since release of 12c as nxsd has been enhanced to handle JSON as well. So I tried this using BPEL in both 12.1.3 and 12.2.1 but found to be not working as expected. Hence I will just mention about approach to use Translate activity. And will show you how its working with File Adapter.

Create a BPEL process and drag Translate activity.

translate

trbpel

Click gear icon to define NXSD schema as per required JSON data.

native

Finish the wizard as shown below to create NXSD.

step1

step2

step3

step4

finish

Create BPEL variable varJson of NXSD complex type as shown below.

varjson

Create XSLT transformation to transform the input variable to varJson. For simplicity, we considered the NXSD structure almost similar to inputVariable.

xform

xform1

Now modify Translate activity by giving required values for all other fields.

translate2

Click OK. Now our BPEL process should look like below.

bpel

Deploy the composite and test to observe the following error.

input

error

Note: Please note that the issue has been fixed in latest releases of SOA suite as observed by readers.

However, the same XML to JSON translation is working as expected with File Adapter. Create file adapter using below screenshots using Write operation.

filestep1

filestep2

filestep3

filestep4

filestep5

filestep6

Now in BPEL process, create invoke activity to invoke the file adapter.

invokefilewrite

composite

Now create XSLT to transform inputVariable to inputFileWrite.

xformtofile

xform

Now deploy composite again and test using same input as above. Now  we will observe an output file in directory D as shown below.

ddir

json

You can find a sample project here having both of the cases discussed above.

ADF BC REST Services–II – Change Indicator

In ADF, often we see error saying ‘JBO-25014: Another user has changed the row with primary key oracle.jbo.Key’. The framework throws this error to make sure that none of the user changes are accidentally overwritten by another user and generally occurs when a user trying to modify record that has been just modified and committed by another user. In this post, we will see how to take care of this scenario using ADF BC REST services in context of HTTP PATCH.

ADF BC REST Services make use of attribute called changeIndicator  which can be observed in response of GET.

Follow the steps mentioned below to enable this in a resource:

  • EO should have an attribute marked as Change Indicator and set Track Change History as shown below.

ovn

  • Add this attribute in VO i.e to be exposed as REST resource.

ovnvo

Deploy your changes and issue GET to observe changeIndicator as below.

get

cin

for e.g. changeIndicator for department 10 (resource instance):

ACED0005737200136A6176612E7574696C2E41727261794C6973747881D21D99C7619D0300014900047
3697A65787000000001770400000001737200116A6176612E6C616E672E496E746567657212E2A0A4F7
81873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08
B02000078700000000178

Now update department 10 using following sql query to simulate the actual update.

update departments set department_name = ‘Administration-modified’, object_version_number = object_version_number+1
where department_id = 10

Issue GET again on same resource and observe the changeIndicator.

ACED0005737200136A6176612E7574696C2E41727261794C6973747881D21D99C7619D0300014900047
3697A65787000000001770400000001737200116A6176612E6C616E672E496E746567657212E2A0A4F7
81873802000149000576616C7565787200106A6176612E6C616E672E4E756D62657286AC951D0B94E08
B02000078700000000378

 

cin1

As observed above, the value of changeIndicator changes with each update and is calculated by RESTServlet registered in web.xml of RESTWebService project.

restsvlt

Here is an interesting observation and do issue issuing GET for department 10.

http://localhost:7001/departmentApi/rest/r1/departments/10

If we observe HTTP response headers, the value of ETag is same as that of changeIndicator. Hence changeIndicator works in similar lines of ETag defined in HTTP specification.

etag

Now let us observe the behavior of REST resource when  ETag is used for If-Match/If-None-Match HTTP headers during GET and PATCH. Basically these HTTP headers tells server to do requested operation when sent Etag value matches or did not match respectively.

Make sure you enclose ETag value with “ (double quotes) as shown below.

If-None-Match:

Using GET:

  • When resource is not modified, returns status code as 304.

getnonematch

  • When resource is modified, returns response with new changeIndicator value.

getnonematch1

Using PATCH:

  • When resource is not modified, returns response status code as 412.

patchnonematch

  • When the resource is not modified, then returns response with new changeIndicator value after update.

patchnonematch1

If-None-Match

Modified

Not Modified

GET

Status:200
(Query Successful)
Status: 304

PATCH

Status: 200
(Update Successful)
Status: 412

If-Match:

Using GET:

  • When resource is not modified, resource is returned.

getmatch1

  • When resource is modified, expected response status code is 304 but shows 200 with junk response.

getmatch3

Using PATCH:

  • When resource is not modified, returns response with new change Indicator value after update.

getmatch2

  • When resource is modified, expected response status code is 412 but shows 200 with junk response. However you will observe that the actual update is not happening though it returns 200.

patchmatch1

If-Match

Modified

Not Modified

GET

Status:304 Status:200
(Query Successful)

PATCH

Status:412 Status: 200
(Update Successful)

Note: As you observed above, ETag combination with If-Match header is not working as expected which is a bug in this release.

References:

http://docs.oracle.com/middleware/1221/adf/develop/GUID-589F3905-5A8D-402D-B2D2-3BEEB2D7DDD4.htm#ADFFD54158

ADF BC REST Services-I

In this blog post, We will see how to expose ADF VOs as REST resources. ADF has got native REST support in 12.2.1 release.

We will use Department, Employee VOs and following AM Data Model here.

vos

am

Creating Release Version:

Creating a release version in adf-config.xml is the first step to be done before exposing any of the AM VOs as resource. Use the following steps to create one and you can follow your own conventions for versioning REST resources. Here I  have given the initial version as r1.

relversion

rel1

relactive

Expose VO as REST resources:

Open AM and navigate to Web Service –> REST and Click + icon.

restampage

Creation of REST resources create a new project RESTWebService.jpr in our workspace that can be deployed as WAR through which these REST services get deployed.

restws

Give the resource name as shown below and click OK.

createrest

Observe the new RESTWebService project gets created.

restws1

Also observe other files related to REST resources that get created as shown below.

files

You can use the following tabs to choose the methods to be exposed and the attributes to be exposed to consumers.

attr

When a VO has View Links the Resource Structure will show all these VOs as shown below. Check these VOs as shown below if it has to be exposed as child resource.

restdetail

Deployment:

Modify context root of RESTWebService project as shown below representing the purpose of your REST API.

deptApi

Optionally, we can modify URL pattern in web.xml as shown below.

urlp

Integrated WLS:

Select RESTWebservice project and do Run on right click as shown below.

runintg

Standalone WLS:

Create EAR profile for ADF application and include RESTWebService project as shown below and deploy this EAR to standalone WLS.

ear

Once the deployment is done, you can access the REST resource using url like:

http://<<host>&gt;:<<port>>/<<ContextRoot>>/<<url pattern>>/<<version>>/<<resource name>>

For e.g.: http://localhost:7001/departmentApi/rest/r1/departments

We can also use latest keyword to access the latest version of the resource.

For e.g.: http://localhost:7001/departmentApi/rest/latest/departments

You can use any REST client to try out POST, DELETE, PUT, PATCH depending on the operations you exposed on REST resource.

Describing Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/describe

Describing Resource Instance – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/10/describe

 

Querying Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments

Querying a particular Department – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Creating Department – POST:

URI: http://localhost:7001/departmentApi/rest/r1/departments

Content-Type: application/vnd.oracle.adf.resourceitem+json

Body:

{
“DepartmentId”: 1000,
“DepartmentName”: “Administration”,
“ManagerId”: 200,
“LocationId”: 1700
}

Deleting a Department – DELETE:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Updating a Department – POST:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Content-Type: application/vnd.oracle.adf.resourceitem+json

X-HTTP-Method-Override: PATCH

Body: (contains only fields to be modified)

{
“DepartmentName”: “Administration-Modified”
}

Replacing a Department – PUT:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}

Content-Type: application/vnd.oracle.adf.resourceitem+json

Body: (Values not sent in body will be set to null)

{
“DepartmentId”:10,

“DepartmentName”: “Administration-Replace”,
“ManagerId”: 100
}

Querying Department for a few fields – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?fields=DepartmentName,ManagerId

Querying a Department using an attribute – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}?q=DepartmentName=Administration

Querying a Department for only Data – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?onlyData=true

Will not fetch any links or  metadata for resource instances in response.

Sorting Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?orderBy=DepartmentName:asc

URI: http://localhost:7001/departmentApi/rest/r1/departments?orderBy=DepartmentName: desc

Limiting the records in Querying Departments – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?limit=2

Fetches only 2 records.

Querying Departments from a particular record– GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?offset=2

Fetches only 2 records.

URI: http://localhost:7001/departmentApi/rest/r1/departments?offset=2&limit=5

Fetches 5 records starting from 2nd record.

Expanding a Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments?expand=Employee (Child Resource Name)

Querying Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee

Querying a particular Child Resource – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee/{Child Resource Id}

Querying a Child Resource using an attribute – GET:

URI: http://localhost:7001/departmentApi/rest/r1/departments/{id}/child/Employee?q=FirstName=Jennifer

References:

http://docs.oracle.com/middleware/1221/adf/develop/GUID-8F85F6FA-1A13-4111-BBDB-1195445CB630.htm#ADFFD589

http://docs.oracle.com/middleware/1221/adf/develop/GUID-589F3905-5A8D-402D-B2D2-3BEEB2D7DDD4.htm#ADFFD54082

MAF 2.1.2 to MAF 2.2 observations

Recently involved in activity of migrating MAF 2.1.2 application to MAF 2.2. Here in this blog post, I want to list down my quick observations of this. We have not used lot of advanced features of MAF in our application so the following list is not going to be exhaustive and at the same time, it will be different if you are doing migration from MAF 2.1.3.

  • Now the default Alta Skin version is 1.4, however we need to manually modify to this version in maf-config.xml for a migrated application.
  • AdfmfContainerUtilities.toggleSpringboard() APi is provided to toggle the spring board.
  • AdfmfJavaUtilities.getAdfELContext is deprecated and replaced by AdfmfJavaUtilities.getELContext.
  • The plugin-ids for core plugins Network Information, Camera and geo-location are changed to cordova-plugin-network-informationcordova-plugin-camera and cordova-plugin-geolocation respectively.
  • The options Include login server cookie in REST calls and Include basic authentication header in HTTP requests in Authorization tab of Login connection are no longer available.
  • Web Service Security Policies section came as new security section of maf-application.xml and we need to add OSWM policies oracle/http_cookie_client_ policy and oracle/wss_http_token_client_policy to imitate the 2 options listed above and this information is stored in new file wsm-assembly.xml found in .adf folder of application.
  • oracle/wss_http_token_client_policy policy is mandatory to be attached if you are making use of HTTP PATCH method in mobile application. This is one of the observations and may be required in another scenarios as well.
  • A new java.security file is added in resources/security folder containing security related properties where SSLv3 is disabled by default.
  • Android Back functionality is supported out of the box. The tag amx:systemActionBehavior can be used to override/add some functionality during back navigation.
  • We can achieve previous release back functionality using legacyBack tag in maf-config.xml.
  • Swipe  to Reveal design pattern is supported out of the box in ListView using amx:accessoryLayout.

I observed the following issues are resolved in MAF 2.2:

  • Now we can load multiple resource bundles in maf-feature.xml using loadBundle tag which was an issue in 2.1.2.
  • We can use the notation like #{resourceBundle[‘String.id’]} for labels and all in AMX pages. This was an issue in 2.1.2 because of ‘.’ in resource bundle key though it’s working from java code.
  • In 2.1.2, junk characters are shown in the response by RestServiceAdapter if the REST service returns an exception and is in Gzip format. This issue has been fixed in 2.2.

And I am still using a workaround for the following issues even after migrating to MAF 2.2:

  • Seeing inconsistency in behavior of Action property of command button/link. When throw AdfException is used in Action property binding code, the error is shown properly in android but not in iOS – Fixed in 2.2.1
  • When AdfmfJavaUtilities.overrideConnectionProperty is used to override ACS URL in connections, it’s not persisted on application relaunch, thus facing authorization issues – Fixed in 2.2.1

And I am still facing following new issues in MAF 2.2:

  • Range Change Listener with managed bean is not working for child collection in data control – Fixed in 2.2.1

OWSM 12c–Using WSS10 SAML Policies

In this post, we will see  the required setup for WSS10 SAML policies and we will use SOAP UI to demonstrate client side setup in brief and recommend to refer to previous post for detailed steps to create Outgoing Configuration at client side and server side keystore setup.

SAML Issuer Setup:

wsmdomain

samlissuer

wss10_saml_token_service_ policy:

Create an Outgoing Configuration with SAML Token as shown below.

samlconfig

SAML Token:

image_thumb

samlform

Attach Outgoing Configuration to request as shown below.

attachsaml

wss10_saml_token_with_message_integrity_service_ policy:

Requires both SAML Token and message body to be digitally signed, hence we need to modify above SAML token setup to consider signing and need to add separate Signature setup in Outgoing Configuration.

SAML Token modification:

Check Signed attribute and use the client side keystore and private key alias as shown below.

saml1

Add Signature setup in Outgoing Configuration as shown below.

samlsign

wss10_saml_token_with_message_protection_service_ policy:

Requires to  setup SAML Token, Timestamp, Signature and Encryption in Outgoing Configuration where as SAML Token, Timestamp and Body to be digitally signed and Body to be encrypted.

Timestamp:

tstamp1

tstamp

SAML Token:

  • SAML Verison: 1.1
  • Uncheck Signed
  • Assertion Type: Authentication
  • Confirmation Method: Sender Vouches
  • Issuer: www.oracle.com
  • Subject Name: <<username>>
  • Subject Qualifier: leave it blank

saml

saml1

Signature:

sig1

Encryption:

enc1

enc

Note: we should maintain the order Signature and Encryption in Outgoing Configuration as shown above.

Attach both Outgoing and Incoming configuration as shown below.

attachsaml

Sample SAML1.1 Assertion:

<saml1:Assertion AssertionID="_14F9EF7DC64266B61B144285601642823" IssueInstant="2015-09-21T17:20:16.428Z" Issuer="www.oracle.com" MajorVersion="1" MinorVersion="1" xsi:type="saml1:AssertionType" xmlns:saml1="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <saml1:Conditions NotBefore="2015-09-21T17:20:16.428Z" NotOnOrAfter="2015-09-21T17:25:16.428Z"/>
   <saml1:AuthenticationStatement AuthenticationInstant="2015-09-21T17:20:16.428Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password" xsi:type="saml1:AuthenticationStatementType">
      <saml1:Subject>
         <saml1:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">weblogic</saml1:NameIdentifier>
         <saml1:SubjectConfirmation>
            <saml1:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml1:ConfirmationMethod>
         </saml1:SubjectConfirmation>
      </saml1:Subject>
   </saml1:AuthenticationStatement>
</saml1:Assertion>

Notes:

  • With above setup, the request is returning error response when I used SOAP UI5.0.0 but working with SOAP UI 5.2.0. So I would recommend to use SOAP UI 5.2.0.
  • Observe that, we had added Assertion as one of the Parts in Signature setup. This is the only option working for Message Protection policy and it’s not working when signing setup is done in SAML Token by checking Signed.
  • In SOAP UI, i got the saying Error getting response for […]; null even with all this setup. Following solution is given here to resolve this issue.

    Replace the existing xmlsec-1.4.5.jar file in /lib folder with xmlsec-1.5.2.jar.

    Replace the existing wss4j-1.6.16.jar file in /lib folder with wss4j-1.6.2.jar.

wss10_saml20_token_service_ policy:

Required setup is similar to wss10_saml_token_service_ policy except that we have to use SAML Token version 2.0 as shown below.

saml2

Sample SAML2.0 Assertion:

<saml2:Assertion ID="_14F9EF7DC64266B61B144294396204152" IssueInstant="2015-09-22T17:46:02.041Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <saml2:Issuer>www.oracle.com</saml2:Issuer>
   <saml2:Subject>
      <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">weblogic</saml2:NameID>
      <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
   </saml2:Subject>
   <saml2:Conditions NotBefore="2015-09-22T17:46:02.041Z" NotOnOrAfter="2015-09-22T17:51:02.041Z"/>
   <saml2:AuthnStatement AuthnInstant="2015-09-22T17:46:02.041Z">
      <saml2:AuthnContext>
         <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
      </saml2:AuthnContext>
   </saml2:AuthnStatement>
</saml2:Assertion>

wss10_saml20_token_with_message_protection_service_ policy:

Required setup is similar to wss10_saml_token_with_message_protection_ service_ policy except that we have to use SAML Token V2.0 and have to add the following in Parts of Signature setup. Note the namespace change.

  • Assertion urn:oasis:names:tc:SAML:2.0:assertion

saml2ts

saml2

saml2sig

saml2enc

wss10_saml_token_with_message_protection_ski_basic256_service_policy:

Similar setup as OWSM policy wss10_saml_token_with_message_protection _ service_ policy except that different Key Encryption, Encoding algorithms and Key referencing mechanism.

Timestamp:

tstamp

SAML Token:

skitoken

Signature:

skisig

Encryption:

skienc

Note: When we use 256-bit encryption algorithm in SOAP UI, we are seeing the error java.security.InvalidKeyException: Illegal key size or default parameters’. This is because java does not support key sizes greater than 128 by default. To get rid of this error, we need to copy policy files local_policy.jar and US_export_policy.jar to %java_home%/jre/lib/security. The policy files can be downloaded using the following links depending on the JDK you use.

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 6

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 7 Download

Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files 8 Download

SOAP UI can either use your existing JDK installation or bundled JRE and this information can be found in <<SOAP UI Install Dir>>\bin\soapui.bat. If bundled JRE is used by SOAP UI then we need to copy above policy files to location <<SOAP UI Install Dir>>\jre\lib\security.

You can get the SOAP UI project and keystores used in this post over here.

OWSM 12c–Using Username Message Protection Policy

In this post, I will demonstrate required steps at both server and client side for the OWSM  policy oracle/wss10_username_with_message_protection_ server_policy. I will use SOAP UI to demonstrate the client side setup.

Server Side

Attach OWSM policy to service, here I will be using OSB Proxy Service for demo.

attachpolicy

This OWSM policy requires private keys to be generated at both server and client side. So create clientkeystore.jks for SOAP UI and osbkeystore.jks for server using commands below.

keytool -genkeypair -keyalg RSA -alias localclient -keystore clientkeystore.jks -storepass cljks123 -validity 360 -keysize 2048

keytool -genkeypair -keyalg RSA -alias localosb -keystore osbkeystore.jks -storepass osbjks123 -validity 360 -keysize 2048

Export the public certificate from each keystore using following commands.

keytool -exportcert -alias localclient -keystore clientkeystore.jks -file localclient.cer

keytool -exportcert -alias localosb –keystore osbkeystore.jks -file localosb.cer

Import the certificate into each other using following commands.

keytool -importcert -alias localclient -keystore osbkeystore.jks -file localclient.cer

keytool -importcert -alias localosb –keystore clientkeystore.jks -file localosb.cer

Now add these keys in oracle.wsm.security map using the following steps.

mapcred

mapkey

Create key keystore-csf-key as below.

kscsf

Also create other 2 keys enc-csf-key and sign-csf-key similar to above using the same alias  localosb.

keys

Now navigate to the WSM Domain Configuration as shown below to set the keystore and keys to be used by OWSM runtime.

wsmdomain

keyset

Client Side

The SOAP UI documentation has detailed information related to ws-security setup here so I will keep my description brief and readers are recommended to go through the given link.

Double click on SOAP UI project where we can specify ws-security setup.

ws-sec

Keystores:

Add clientkeystore.jks in Keystores tab and give the key store password as shown below. Status should be shown as OK implies that it’s a valid keystore.

keystore

Incoming WS-Security configuration:

Since clientkeystore.jks has required keys for both encryption and digital signature, we have to just select this keystore in Incoming Configuration as shown below.

incoming

Outgoing WS-Security configuration:

Add Outgoing Configuration with name OutConfig as shown below.

outgoing

Now we have to add the configuration for Timestamp, Username Token, Signature and Encryption in detail tabs of Outgoing Configuration as required.

  • Timestamp
    • Give 20000 as value for Time to live
    • Check Millisecond precision

tstamp1

tstamp

  • Username Token
    • Give Username and Password
    • Check Add Nonce and Add Created
    • Select Password Type as PasswordText

utoken1

utoken

sig1

sig

enc1

enc

Note: we should maintain the order Signature and Encryption in Outgoing Configuration as shown above.

Adding Outgoing/Incoming configuration:

addconfig

With all this setup in place, when I execute the request I was getting the error saying Error getting response for […]; null. Following is the solution given in one of the forum posts here. Note that, I was using SOAP UI 5.0.0.

Replace the existing xmlsec-1.4.5.jar file in /lib folder with xmlsec-1.5.2.jar.

Replace the existing wss4j-1.6.16.jar file in /lib folder with wss4j-1.6.2.jar.

Sample Request

request

Sample Response

response

Note: We also have another way of attaching Outgoing Configuration to the request as shown below by doing right click on request window. When we do this way, don’t select Format XML option on right click which is causing digital signature verification failure.So I always recommend the above mentioned way to attach Outgoing Configuration.

reqright

reqsig

Similarly, for OWSM policy oracle/wss_username_token_service_policy the above Username token setup is enough.

You can get the SOAP UI project and keystores used in this post over here.


Pages

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 379 other followers

Enter your email address to follow this blog and receive notifications of new posts by email.