Izaak de Hullu
(0 comments, 10 posts)
Izaak de Hullu is an architect SOA and Integration. Experience in mostly Java integration projects with products like OSB, Weblogic but also BPM/BPEL products like Oracle BPM en Cordys.
Posts by Izaak de Hullu
This blog will explain how you could abstract technology behind a service so your main process will be kept clean of all kind of technology pollution like exception handling, technology adapters and correlation. (more…)
In the previous post I explained how you can access the credential store and keystore using the configurations stored in the jsp-config.xml file. I also explained how you canÂ read assertion properties. I put this code inside my base class
CustomAssertion.java. This class has been repeated here below
[sourcecode language="java" collapse="true" autolinks="false"]
import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Properties;
import javax.xml.namespace.NamespaceContext; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory;
import oracle.wsm.common.sdk.IContext; import oracle.wsm.common.sdk.IMessageContext; import oracle.wsm.common.sdk.WSMException; import oracle.wsm.policy.model.IAssertion; import oracle.wsm.policy.model.IAssertionBindings; import oracle.wsm.policy.model.IProperty; import oracle.wsm.policy.model.impl.Config; import More >
With custom assertions you can create your own specific policies. There are a number of out-of-the box policy implementations already available implementing most of the common WS Security profiles and other non-security related policies like logging. If you want to create your own security policy one of the things you need is access to the credential store and keystore. There is some sample code on how to access the credential store. Unfortunately I could not find any sample code on how to access the keystore. In this blog I will show you how I implemented this using some of the available but not well documented Oracle utility classes. (more…)
In my last post I talked about using an out-of-the-box policy to sign your outgoing SOAP Message. Although it is not very well documented when you figure out how to configure the keystore and credential store it is quite simple to use. The problem is that the out-of-the-box policies need some tailoring before they can be used in the real world situations. Unfortunately I was only able to sign the entire body and not a specific element. What I needed was a more basic policy that only signs a specific element. So I needed to create a custom policy to do this. According to the documentation there is an API I can use, extend some classes and you can create your own policies. Simple, well in theory…
Image is copyrighted. Used with permission from DuraLabel.com
Since 11GR1 Oracle Web Service Manager (OWSM) has been integrated with the SOA Suite. This means you can easily attach web service policies for security and management to your SOA Suite artifacts. In this post I will explain how to attach a x509 client policy and do the configurationsÂ to get it actually working. This policy is the implementation of the OASIS Web Services Security X.509 Certificate Token Profile 1.1. (more…)
In my current project we just started creating BPEL 1.1 processes. Then SOA Suite 11gR1PS3 came along and gave use BPEL 2.0. As we are just in the early stages of development we decided to have a look at the impact of upgrading our already build BPEL 1.1 processes to version 2.0.
As there are no BPEL 2.0 upgrade tools we had basically two options. The first was to complete rebuild all our processes. Not a very good option to redo all the work. The second options was to manually upgrade the BPEL 1.1 definitions to 2.0. Expecting this to be less work we choose the second option.
The first step was to fool Jdeveloper into thinking a BPEL 1.1 process is actually BPEL 2.0.
1.Â Â Â Â Â Â In the BPEL source file I changed two namespaces: xmlns =â€http://schemas.xmlsoap.org/ws/2003/03/business-process/â€ into xmlns=â€http://docs.oasis-open.org/wsbpel/2.0/process/executableâ€ xmlns:xxx=â€http://docs.oasis-open.org/wsbpel/2.0/process/executableâ€Â into xmlns:bpel=”http://docs.oasis-open.org/wsbpel/2.0/process/executable”
2.Â Â Â Â Â Â In the composite.xmlÂ I added the version=â€2.0â€ attribute to the bpel component Â <component name=â€name bpel processâ€ More >