Saturday, November 12, 2011

Invoking Secured Webservice client proxy code

A few setup steps are needed in the WLS domain to enable GPA.
Securing a Webservice producer
Save the script below as gpa.py under $MW_HOME/oracle_common/common/bin

connect('weblogic','weblogic1','t3://localhost:7101')
beginRepositorySession()
createPolicySet('default-domain-ws-DefaultDomain','ws-service','Domain("*")')
attachPolicySetPolicy('oracle/wss_saml_or_username_token_service_policy')
validatePolicySet()
commitRepositorySession()
beginRepositorySession()
createPolicySet('default-domain-ws-client-DefaultDomain','ws-client','Domain("*")')
attachPolicySetPolicy('oracle/wss10_saml_token_client_policy')
validatePolicySet()
commitRepositorySession()
beginRepositorySession()
createPolicySet('default-domain-ws-connection-DefaultDomain','ws-connection','Domain("*")')
attachPolicySetPolicy('oracle/wss10_saml_token_client_policy')
validatePolicySet()
commitRepositorySession()
beginRepositorySession()
createPolicySet('default-domain-ws-callback-DefaultDomain','ws-callback','Domain("*")')
attachPolicySetPolicy('oracle/wss10_saml_token_client_policy')
validatePolicySet()
commitRepositorySession()
beginRepositorySession()
createPolicySet('soa-domain-sca-reference-fusion_domain','sca-reference','Domain("*")')
attachPolicySetPolicy('oracle/wss10_saml_token_client_policy')
validatePolicySet()
commitRepositorySession()
beginRepositorySession()
createPolicySet('soa-domain-sca-service-fusion_domain','sca-service','Domain("*")')
attachPolicySetPolicy('oracle/wss_saml_or_username_token_service_policy')
validatePolicySet()
commitRepositorySession()


Run gpa.py:

$MW_HOME/oracle_common/common/bin/wlst.sh gpa.py
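
An added pre-flight check, not part of the original post or of Oracle's tooling: it reads a gpa.py-style script as text and reports repository sessions that are never committed and policy sets whose subject type is paired with the other side's policy. The subject-type table and the `_client_policy` / `_service_policy` suffix rule are assumptions taken from the pairings in the script above; the sample input is constructed.

```python
import re

# Assumption: the policy side each subject type takes in the gpa.py on this page.
EXPECTED_SIDE = {
    "ws-service": "service", "sca-service": "service",
    "ws-client": "client", "ws-connection": "client",
    "ws-callback": "client", "sca-reference": "client",
}
CALL = re.compile(r"^\s*(\w+)\((.*)\)\s*$")
QUOTED = re.compile(r"'([^']*)'")

def lint_gpa(script):
    """Return (line_no, message) findings for a gpa.py-style WLST script."""
    findings, in_session, subject = [], False, None
    for no, line in enumerate(script.splitlines(), 1):
        m = CALL.match(line)
        if not m:
            continue
        name, args = m.group(1), QUOTED.findall(m.group(2))
        if name == "beginRepositorySession":
            if in_session:
                findings.append((no, "previous session never committed"))
            in_session, subject = True, None
        elif name == "createPolicySet" and len(args) >= 2:
            if not in_session:
                findings.append((no, "createPolicySet outside a session"))
            subject = args[1]  # second argument is the subject type
        elif name == "attachPolicySetPolicy" and args:
            side = EXPECTED_SIDE.get(subject)
            if side and not args[0].endswith("_%s_policy" % side):
                findings.append((no, "%s expects a %s policy, got %s"
                                 % (subject, side, args[0])))
        elif name == "commitRepositorySession":
            if not in_session:
                findings.append((no, "commit without an open session"))
            in_session = False
    if in_session:
        findings.append((no, "script ends with an uncommitted session"))
    return findings

# Constructed sample: a service subject given a client policy, never committed.
BAD = """beginRepositorySession()
createPolicySet('demo-ws-service','ws-service','Domain("*")')
attachPolicySetPolicy('oracle/wss10_saml_token_client_policy')
validatePolicySet()
"""

if __name__ == "__main__":
    for line_no, message in lint_gpa(BAD):
        print("line %d: %s" % (line_no, message))
```
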


$MW_HOME/oracle_common/common/bin/wlst.sh
connect('weblogic','weblogic1','t3://localhost:7101')
createCred(map="oracle.wsm.security", key="keystore-csf-key", user="owsm", password="welcome1", desc="Keystore key")
createCred(map="oracle.wsm.security", key="enc-csf-key", user="orakey", password="welcome1", desc="Encryption key")
createCred(map="oracle.wsm.security", key="sign-csf-key", user="orakey", password="welcome1", desc="Signing key")
createCred(map="oracle.wsm.security", key="basic.credentials", user="weblogic", password="weblogic1", desc="User")


Assuming the Webservice producer app name is "ProducerApp":

$MW_HOME/oracle_common/common/bin/wlst.sh
connect('weblogic','weblogic1','t3://localhost:7101')
grantPermission(codeBaseURL="file:${common.components.home}/modules/oracle.wsm.agent.common_11.1.1/wsm-agent-core.jar",permClass="oracle.wsm.security.WSIdentityPermission",permTarget="resource=ProducerApp",permActions="assert")


Configuration from Client Side
1) Create the Webservice client (OSMGateWayAMService_Service).
2) Add the policy "policy:oracle/wss10_saml_token_client_policy" to this client.
3) Then create the proxy client, i.e. oSMGateWayProxy:

ProducerService_Service producer_Service =
new ProducerService_Service(new URL(wsdlUrl),
new QName(producer
producer));
SecurityPolicyFeature[] securityFeature = new SecurityPolicyFeature[] { new SecurityPolicyFeature("policy:oracle/wss10_saml_token_client_policy")};
ProducerService producerServiceProxy = producer_Service.getProducerServiceHttpPort(securityFeature);

5) If you do not attach this client policy, the invocation fails with "SAML Indentity Assertion Error".
