Tag Archives: weblogic

JAX-WS: Container level security on Weblogic

Sunday, 8 August, 2010 by Juan Lebrijo about SoapUI, Web Services, weblogic

In this post we are going to see how to secure a Web Service with basic HTTP Auth, in weblogic. We will base in a previous project where we created a very basic WS: Hello World.

In the Security Realm > MyRealm we have to create:

An user: user/12345678
A group: TutorialUser
Add the user to the group

In the Weblogic console as we see on the picture:

In web.xml we have to add the security confs needed (path, basic type,….):

   <!--
    SECURITY
    -->
    <security-constraint>
        <display-name>Regla01</display-name>
        <web-resource-collection>
            <web-resource-name>WSPOST</web-resource-name>
            <description>
            <url-pattern>/*</url-pattern>
            <http-method>POST</http-method>
        </description>
        <auth-constraint>
            <description>
            <role-name>TutorialUser</role-name>
        </description>
    </auth-constraint>
    <session-config>
        <session-timeout>5</session-timeout>
    </session-config>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myrealm</realm-name>
    </login-config>
    <security-role>
        <description>
        <role-name>TutorialUser</role-name>
    </description>
</security-role>
</web-resource-collection>
</security-constraint>

In weblogic.xml map the application role with server role (it is mandatory):

    <wls:security-role-assignment>
        <wls:role-name>TutorialUser</wls:role-name>
        <wls:principal-name>TutorialUser</wls:principal-name>
    </wls:security-role-assignment>

We can test with SoapUI creating a new WS project, with WSDL address (http://localhost:7001/wsc/HelloService?WSDL) and previous Weblogic credentials created:

JAX-WS: Seguridad a nivel de contenedor en Weblogic

Sunday, 8 August, 2010 by Juan Lebrijo about SoapUI, Web Services, weblogic

Para el post de hoy vamos a ver como se asegura un Servicio Web con HTTP Auth, básica, en Weblogic. Para ello nos podemos basar en un proyecto anterior en el que creamos un WS muy básico: Hello World.

En el Security Realm > MyRealm tenemos que crear:

Usuario: user/12345678
Grupo: TutorialUser
Añadir el usuario al grupo

En la consola de Weblogic, como vemos en la figura:

En el web.xml hay que añadir la configuración de seguridad pertinente (path, tipo básico,….):

   <!--
    SECURITY
    -->
    <security-constraint>
        <display-name>Regla01</display-name>
        <web-resource-collection>
            <web-resource-name>WSPOST</web-resource-name>
            <description />
            <url-pattern>/*</url-pattern>
            <http-method>POST</http-method>
        </web-resource-collection>
        <auth-constraint>
            <description/>
            <role-name>TutorialUser</role-name>
        </auth-constraint>
    </security-constraint>
    <session-config>
        <session-timeout>5</session-timeout>
    </session-config>
    <login-config>
        <auth-method>BASIC</auth-method>
        <realm-name>myrealm</realm-name>
    </login-config>
    <security-role>
        <description />
        <role-name>TutorialUser</role-name>
    </security-role>

Y en el weblogic.xml mapeamos con el rol (si no hacemos esto no funcionará):

    <wls:security-role-assignment>
        <wls:role-name>TutorialUser</wls:role-name>
        <wls:principal-name>TutorialUser</wls:principal-name>
    </wls:security-role-assignment>

Podemos probarlo con SoapUI creando un nuevo proyecto de WS, con la dirección del WSDL (http://localhost:7001/wsc/HelloService?WSDL) y las credenciales creadas en WebLogic anteriormente:

JAX-WS: Serving Web Services SOAP

Wednesday, 4 August, 2010 by Juan Lebrijo about Eclipse, spring, Web Services, weblogic

Today we will create a SOAP Web Service, based on LebrijoSchool project which we were making in early weeks over Oracle-Weblogic Architechture.

First of all is to add the Web Services facet. Right button > Properties … :

After, we will create the class from a Spring Service class. Right button > New > WebLogic Web Service for Spring Beans:

Choose the Service, and the methods that we want to publish as Web Service.

Finally put it in the logical package: lebrijo.school.webservices. And name it as “SchoolCertificatesWS”.

This is the code:

	@Autowired
	@Qualifier("RegistryService")
	private IRegistryService springServ;
 
	@WebMethod
	public Registry findRegistryById(java.lang.String id) throws Exception {
		return springServ.findRegistryById( id );
	}

We have a Weblogic client to test the WS, we can acces thru the URL http://localhost:7001/wls_utc/.