Posts tagged owsm
Review of Oracle Service Bus 11g Development Cookbook (Packt Publishing) by Edwin Biemond, Guido Schmutz, Eric Elzinga et. al.
3Recently I gained access to an electronic copy of the just released Oracle Service Bus 11g Development Cookbook, written by five authors – all experts on OSB and three personal acquaintances of mine. I was very interested in learning about the final result after hearing many intermediate comments during the writing process as well as reading the occasional remark on Twitter. Knowing Guido, Eric and Edwin and assuming the same expert level for the other two authors, I anticipated a very interesting read.
Below I will share my impressions from browsing through this solid 500+ page volume. Note: the homepage for the book can be found here: http://www.packtpub.com/oracle-service-bus-11g-development-cookbook/book .
OWSM Custom x509 Assertion – Part 2 – Creating outgoing client assertion
0In the previous post I explained how you can access the credential store and keystore using the configurations stored in the jsp-config.xml file. I also explained how you can read assertion properties. I put this code inside my base class CustomAssertion.java. This class has been repeated here below
[sourcecode language="java" collapse="true" autolinks="false"]
package nl.amis.custompolicy.simplex509;
import java.security.cert.X509Certificate;
import java.util.HashMap; import java.util.Iterator; import java.util.List; import java.util.Map; import java.util.Properties;
import javax.xml.namespace.NamespaceContext; import javax.xml.xpath.XPath; import javax.xml.xpath.XPathConstants; import javax.xml.xpath.XPathExpressionException; import javax.xml.xpath.XPathFactory;
import oracle.security.jps.service.credstore.CredentialStore;
import oracle.wsm.common.sdk.IContext; import oracle.wsm.common.sdk.IMessageContext; import oracle.wsm.common.sdk.WSMException; import oracle.wsm.policy.model.IAssertion; import oracle.wsm.policy.model.IAssertionBindings; import oracle.wsm.policy.model.IProperty; import oracle.wsm.policy.model.impl.Config; import More >
OWSM Custom Assertion – Part 1 – Setting up the basic structure
2With custom assertions you can create your own specific policies. There are a number of out-of-the box policy implementations already available implementing most of the common WS Security profiles and other non-security related policies like logging. If you want to create your own security policy one of the things you need is access to the credential store and keystore. There is some sample code on how to access the credential store. Unfortunately I could not find any sample code on how to access the keystore. In this blog I will show you how I implemented this using some of the available but not well documented Oracle utility classes. (more…)
OWSM Custom Policies – Still some sharp edges, so beware! don't cut yourself.
0In my last post I talked about using an out-of-the-box policy to sign your outgoing SOAP Message. Although it is not very well documented when you figure out how to configure the keystore and credential store it is quite simple to use. The problem is that the out-of-the-box policies need some tailoring before they can be used in the real world situations. Unfortunately I was only able to sign the entire body and not a specific element. What I needed was a more basic policy that only signs a specific element. So I needed to create a custom policy to do this. According to the documentation there is an API I can use, extend some classes and you can create your own policies. Simple, well in theory…
Â
Image is copyrighted. Used with permission from DuraLabel.com
Using OWSM x509 token client policy with OSB 11gR1 PS3
3Since 11GR1 Oracle Web Service Manager (OWSM) has been integrated with the SOA Suite. This means you can easily attach web service policies for security and management to your SOA Suite artifacts. In this post I will explain how to attach a x509 client policy and do the configurations to get it actually working. This policy is the implementation of the OASIS Web Services Security X.509 Certificate Token Profile 1.1. (more…)
Recent Comments