
Issue In Loading Policy File Using Interception



yedlurisrinu
Jul 26th, 2010, 08:35 PM
Hi,

Let me give you the background of the issue.
We have some web services running on WebLogic 10.3.1. All the client services are routed through OSB (Oracle Service Bus 10.3.1); it uses the native Auth.xml as its policy file and plain username/password authentication.
The problem is that the client-side systems have been upgraded to WebLogic 10.3.2, and now when they try to access the web services through OSB they get the exception below:

weblogic.wsee.ws.init.WsDeploymentException: The WebLogic Server 9.x-style policy is not supported in JAX-WS web services

The Limitations:
1. The service proxies can't be moved to 10.3.2 (OSB) as it might take a lot of time and effort.
2. We can't mute the authentication.
3. Oracle-WebLogic doesn't have a straightforward fix; they want us to move to 10.3.2.

Workaround Provided By Oracle:

They have given us the solution below, which will work fine with pure Java web services but not with Spring-based web services. It is like uploading the server-side policy file on to the client side programmatically so that it will overwrite the latest policies on the client side.

You can use Wssp1.2-2007-Https-UsernameToken-Plain.xml or
Wssp1.2-2007-Https-UsernameToken-Digest.xml. Https is required for plain
password. For digest, you can remove the TransportBinding.



ClientPolicyFeature feature = new ClientPolicyFeature();
InputStream[] inputPolicies = new InputStream[1];
inputPolicies[0] = this.getClass().getResourceAsStream("policy.xml");
feature.setEffectivePolicyForInputMessage(new InputStreamPolicySource(inputPolicies));
port = service.getXXXPort(feature);

<?xml version="1.0"?>
<wsp:Policy
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
    xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
  <sp:SupportingTokens>
    <wsp:Policy>
      <sp:UsernameToken
          sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
        <wsp:Policy>
          <sp:HashPassword/>
          <sp:WssUsernameToken10/>
        </wsp:Policy>
      </sp:UsernameToken>
    </wsp:Policy>
  </sp:SupportingTokens>
</wsp:Policy>
=============================

Now, I am trying to load the policy using the below Interceptor, but I am getting the below error message

cvc-elt.1: Cannot find the declaration of element 'wsp:Policy'

The configuration is as below.



<bean id="wsSecurityInterceptor"
      class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
  <property name="policyConfiguration" value="classpath:com/..../policies/Wssp1.2-2007-Https-UsernameToken-Plain.xml"/>
  <property name="callbackHandler">
    <bean class="org.springframework.ws.soap.security.xwss.callback.MockValidationCallbackHandler" />
  </property>
</bean>

The policy file is as below.


<?xml version="1.0"?>
<wsp:Policy
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>

Could anyone help us find where the problem could be? Thanks.

pledbrook
Jul 27th, 2010, 12:41 AM
I think you may have posted this to the wrong forum. This is for Grails-specific questions.

yedlurisrinu
Jul 27th, 2010, 01:16 AM
Thanks for the reply.

OK, could you tell me whether I am loading the policy file using the Spring interceptor correctly?

yedlurisrinu
Oct 25th, 2010, 02:51 PM
Hi,

Though it is an Oracle Service Bus and WebLogic versioning issue, there is a workaround if it is a pure Java implementation of web services.

But when we have the Spring framework we have some limitations. The example below shows how to apply the workaround with the Spring framework.

Overwrite public void prepare() of JaxWsPortClientInterceptor, because this version of Spring didn't directly expose a method for setting web service features. There is a JIRA on this and the same is available in the latest versions.



package com.xxxxx.wssecurity;

import java.io.IOException;
import java.util.ArrayList;
import java.util.List;
import java.util.Map;

import javax.xml.namespace.QName;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.Service;

import org.springframework.context.support.ClassPathXmlApplicationContext;
import org.springframework.core.io.Resource;
import org.springframework.remoting.jaxws.JaxWsPortClientInterceptor;

import weblogic.jws.jaxws.ClientPolicyFeature;
import weblogic.jws.jaxws.policy.InputStreamPolicySource;
import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
import weblogic.xml.crypto.wss.WSSecurityContext;
import weblogic.xml.crypto.wss.provider.CredentialProvider;

// GseLog, GseLogFactory and ExternalSpringApplicationContext are project-specific
// classes (their imports are not shown).

public class WsSecurityJaxWsPortProxyFactoryBean extends JaxWsPortClientInterceptor {

    private static final GseLog logger = GseLogFactory
            .getLog(WsSecurityJaxWsPortProxyFactoryBean.class);

    private QName portQName;

    private Object portStub;

    /**
     * @return the portStub
     */
    public Object getPortStub() {
        return portStub;
    }

    @SuppressWarnings("unchecked")
    public void prepare() {

        // Load the client-side policy that replaces the 9.x-style server policy.
        ClientPolicyFeature clientPolicyFeature = new ClientPolicyFeature();
        ClassPathXmlApplicationContext classPathXmlApplicationContext = new ClassPathXmlApplicationContext();
        Resource res = classPathXmlApplicationContext.getResource("/customPolicy.xml");

        InputStreamPolicySource policySource;
        try {
            policySource = new InputStreamPolicySource(res.getInputStream());
        } catch (IOException e) {
            // Fail fast: without the policy file the port would be built with a null policy source.
            throw new IllegalStateException("Cannot load /customPolicy.xml", e);
        }
        clientPolicyFeature.setEffectivePolicyForInputMessage(policySource);

        if (getServiceInterface() == null) {
            throw new IllegalArgumentException("Property 'serviceInterface' is required");
        }
        Service serviceToUse = getJaxWsService();
        if (serviceToUse == null) {
            serviceToUse = createJaxWsService();
        }
        this.portQName = getQName(getPortName() != null ? getPortName()
                : getServiceInterface().getName());

        // Pass the policy feature to getPort(); this is the step Spring does not expose directly.
        Object stub = (getPortName() != null
                ? serviceToUse.getPort(this.portQName, getServiceInterface(), clientPolicyFeature)
                : serviceToUse.getPort(getServiceInterface(), clientPolicyFeature));

        preparePortStub(stub);

        List<CredentialProvider> credProviders = new ArrayList<CredentialProvider>();
        // Fallback credentials used when the lookup below fails. They are hard-coded here;
        // keep real credentials in external configuration, not in source.
        String username = "eceeadmin2";
        String password = "welcome1";

        try {
            // For authenticated services pass in the login username and password
            Map<?, ?> credentialMap = (Map<?, ?>) ExternalSpringApplicationContext
                    .getBean("xxxx-service-credentials");
            username = (String) credentialMap.get("xxx-username");
            password = (String) credentialMap.get("xxx-password");
        } catch (Exception e) {
            logger.error("Ignore this error if thrown during server restart or deployment ", e);
        }

        // Attach the username token credentials to the stub's request context.
        CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(),
                password.getBytes());
        credProviders.add(cp);
        Map<String, Object> rc = ((BindingProvider) stub).getRequestContext();
        rc.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
        this.portStub = stub;
    }

}



Use the custom policy file below.



<?xml version="1.0"?>
<wsp:Policy xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" >
<sp:SupportingTokens>
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:Policy>
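
An added example, not code from the thread, Oracle or Spring: a small pre-deployment check that reports which format a policy file is in and, for WS-SecurityPolicy files like the ones above, whether a plain-text UsernameToken is left without a TransportBinding (the thread notes that HTTPS is required for a plain password). It assumes that XwsSecurityInterceptor expects an XWSS file rooted at xwss:SecurityConfiguration, which would account for the cvc-elt.1 error on wsp:Policy; the class name PolicyFileCheck is hypothetical.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;

public class PolicyFileCheck {
    static final String WSP = "http://schemas.xmlsoap.org/ws/2004/09/policy";
    static final String SP = "http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";
    // Assumption: namespace of the XWSS <xwss:SecurityConfiguration> root element.
    static final String XWSS = "http://java.sun.com/xml/ns/xwss/config";

    static String check(byte[] xml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        // Policy files are input too: refuse DTDs so no external entity gets resolved.
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        f.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        Document doc = f.newDocumentBuilder().parse(new ByteArrayInputStream(xml));
        Element root = doc.getDocumentElement();
        String ns = root.getNamespaceURI(), name = root.getLocalName();

        if (XWSS.equals(ns) && "SecurityConfiguration".equals(name)) {
            return "XWSS configuration";
        }
        if (!(WSP.equals(ns) && "Policy".equals(name))) {
            return "unknown root {" + ns + "}" + name;
        }
        // From here on the file is WS-SecurityPolicy, which an XWSS schema does not declare.
        if (!has(doc, "UsernameToken")) return "WS-SecurityPolicy: no UsernameToken";
        if (has(doc, "HashPassword")) return "WS-SecurityPolicy: digest password";
        if (has(doc, "TransportBinding")) return "WS-SecurityPolicy: plain password, HTTPS asserted";
        return "WS-SecurityPolicy: plain password, no TransportBinding";
    }

    static boolean has(Document doc, String localName) {
        return doc.getElementsByTagNameNS(SP, localName).getLength() > 0;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample with the same structure as the custom policy in the post.
        String policy = "<wsp:Policy xmlns:wsp='" + WSP + "' xmlns:sp='" + SP + "'>"
            + "<sp:SupportingTokens><wsp:Policy><sp:UsernameToken><wsp:Policy>"
            + "<sp:WssUsernameToken10/></wsp:Policy></sp:UsernameToken>"
            + "</wsp:Policy></sp:SupportingTokens></wsp:Policy>";
        System.out.println(check(policy.getBytes(StandardCharsets.UTF_8)));
    }
}
```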

yedlurisrinu
Oct 25th, 2010, 03:00 PM
Got the workaround to make it work with the Spring framework.

Here are the details.

We have to overwrite the prepare() method of JaxWsPortClientInterceptor, and a custom file will solve this versioning issue.

Basically the problem is between Oracle Service Bus & WebLogic, but we found a workaround for pure web services with Java projects. Since our work environment is with the Spring framework, we were bent on finding a workaround here also.



yedlurisrinu
Nov 4th, 2010, 04:17 PM
Hello

Why are you guys not publishing the solution? You don't know, and when we found it ourselves, you guys don't allow us to publish it.

burtbeckwith
Nov 4th, 2010, 04:21 PM
As Peter said, this is a Grails forum and you don't appear to be using Grails. If you post your question at a forum that has something to do with what you're trying to work on, you'll probably get assistance there.

yedlurisrinu
Feb 1st, 2011, 07:53 PM
Sorry for the confusion, I will post it in the right place. Thanks.

yedlurisrinu
Feb 1st, 2011, 08:04 PM
Hi Peter,

I have posted this information in the right place. If you want, you can remove this thread. Thanks.