This article provides sample Webservice and Webservice Client for two way SSL. It also demonstrates the use of WLSSSLAdapter class to send certificates to the server. 1. Create a JWS with the following policy : Wssp1.2-2007-Https-ClientCertReq.xml package examples.webservices.security_jws; import weblogic.jws.WLHttpTransport; import
Continue readingCategory: Webservice
this category contains posts related to Webservice
Using RolesAllowed and SecurityRole annotations to secure Webservices on Weblogic
1. Write a JWS that uses the RolesAllowed and SecurityRole annotation package examples.webservices.security_jws; import weblogic.jws.WLHttpTransport; import weblogic.jws.Policies; import weblogic.jws.Policy; import javax.jws.WebService; import javax.jws.WebMethod; import javax.jws.soap.SOAPBinding; import weblogic.jws.security.RolesAllowed; import weblogic.jws.security.SecurityRole; @WebService(name="SecureHelloWorldPortType", serviceName="SecureHelloWorldService", targetNamespace="http://www.bea.com") @SOAPBinding(style=SOAPBinding.Style.DOCUMENT, use=SOAPBinding.Use.LITERAL, parameterStyle=SOAPBinding.ParameterStyle.WRAPPED) @WLHttpTransport(contextPath="SecureHelloWorldService", serviceUri="SecureHelloWorldService", portName="SecureHelloWorldServicePort") @RolesAllowed (
Continue readingHow to load webservices security policy from classpath
1) Add the following JAVA OPTION to the classpath -Dweblogic.wsee.policy.LoadFromClassPathEnabled=true 2) Write a simple policy. Encrypt.xml <?xml version="1.0"?> <wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wssp="http://www.bea.com/wls90/security/policy" > <wssp:Confidentiality> <wssp:KeyWrappingAlgorithm URI="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> <wssp:Target> <wssp:EncryptionAlgorithm URI="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> <wssp:MessageParts Dialect="http://schemas.xmlsoap.org/2002/12/wsse#part"> wsp:Body() </wssp:MessageParts> </wssp:Target> <wssp:KeyInfo/> </wssp:Confidentiality> </wsp:Policy> 3) Write a
Continue readingTesting secure webservice on Weblogic using SOAP UI
Create the certificates for the client using keytool and store it at a location. You can refer our articles on SSL to get more details on how to create keystores. Once the client keystore is created you need to do
Continue readingWebservice Security – WS-Trust and WS-SecureConversation an overview
Webservices “A Web Service is a system designed to support interoperable communication from machine to machine over a network. It includes an interface described in a machine-processable format (WSDL), and is typically conveyed using HTTP with XML serialization.” Webservices exist
Continue readingSecuring WebServices using Username / Password mechanism
Security is an important aspect of your application design. When the web services are deployed and accessed, you might like to restrict its accesses to particular set of users/ groups or any users of a particular role. Hence we specify
Continue readingCreating stand alone WebService Client from WSDL
The below post provides an implementation of a Java stand alone client for a sample Java WebService. All you need to know is the URL to its public contract file, or WSDL. Per-Requisites: A WSDL file, describing the WebService deployed
Continue readingWebService by Bottom Up approach using ant script
The JAX-WS allows you to implement a simple java class as a webservice by exposing its public methods as webservice operations. There are two programming approaches to develop a WebService. 1. Code-First This is a bottom-up, implementation-first strategy where
Continue readingWebServices in WebLogic
Web services are de facto standards in today’s internet world. They use XML-based standards and transport protocols to exchange data with clients. The below post gives a brief understanding of the webservices in WebLogic Service. Before moving on with a
Continue readingJMS Based Webservice on Weblogic Server
By default, client applications use HTTP/S as the connection protocol when invoking a WebLogic Web Service. You can, however, configure a WebLogic Web Service so that client applications can also use JMS as the transport when invoking the Web Service.When
Continue reading