Monoj Roy

Ranch Hand
+ Follow
since Oct 10, 2007
Merit badge: grant badges
For More
Cows and Likes
Cows
Total received
In last 30 days
0
Forums and Threads

Recent posts by Monoj Roy

Hi ,
We are trying to comsume a JMS queue residing on a remote web sphere server from a local websphere server (7.0). It is working fine while the JMS queue and the MDB reside on the same server .In that case we have to mention the activation spec name of JMS queue in the Websphere binding properties of deployment descriptor of MDB but we are not sure how to configure the JNDI name (IP/host,port etc) for remote server in which JMS queue resides .
Can you please help us here .

Thanks
Monoj


I am getting following error .

A required message (body) part is not signed .

I have configured encription , Username and signature .Encription is working fine but signing is not working .



I took some time to go through some internet docs to configure WS-Security , I am trying to apply the security in Web Sphere application server and using RAD .Now I am getting following issue .


Business Need:
In our development project we have a mechanism to expose some master data as web service. We have to make this web service secure from following three points –

1. This service should be password protected. Username /password authentication.
2. The request and response XML need to be encrypted.
3. When this XML will travel through network no one could change it.

Our Approach:

We are trying to implement WS-Security here to get the above business need. I am getting following fault from soap UI




Environment
1. Tool- RAD -8.0.4
2. App Server- Web Sphere Application Server 7.0.0.13
3. WSDL-Java code generation -JAX-WS
4. Security Token formats –X.509
12 years ago
Thanks for your response and guidance .

In our Web service we have used JAX-WS and using RAD and Web sphere application server .Our Web service is in Top Down approach .

After I googled on WS-Security and specially after going through the URL
webpage I understand
We can implement this using WSS4J but still I need two more input to implement this .
1.I need to know what are the component I need to incorporate in my code to make it run for example we have to write handler,update deployment descriptor in server and may be something in client side as well .
2.How it is ensureing my web service will not be hacked if somebody get access to the request soap xml which actually contain password in its header .

12 years ago
We have developed a webservice and some of the third party out side our client network want to access those .We have to make sure that our Web service should invoked by the correct party .
We thought to create one encription function to encript the password provided by the consumer, now when even the correct party hit our service the password will be encripted send through header of the soap message . When the request comes to server end we decript the password and validate it .

For example lets say the password is p123 . Now client will incorporate some extra text with it lets say XYZ so it will send the password as p123XYZ ,we will make sure that no one know how to convert it to correct password p123 from p123XYZ because decription logic is known to server only . So once the password reaches at server we can apply the correct decription logic and take out the password .

Till now everything was fine . Now question is if somebody in the middle hacked the encripted password .Let say the client application wrongly send the soap XML to some third party and the third party just copied the encripted password and send to actual server .We are not able to understand wheather it is comming from the correct party or a party predending as actual client .

How we ensure that if this encripted password is send to any body but still that party will not be able to hit the web service .
12 years ago
Can we conclude this way that when we are looking up for the JNDI it calls a remote machine and when we call the home.create of the home object it also gives a remote call ?

I was trying to improve the performance of an EJB call . I want to understand how many remote call ejb client makes to get the actual object .
If following are a general steps then is it true that client call two time remote call at the time of look up and at the time of create ? Can any body explain this steps

InformerHome home= (InformerHome)ctx.lookup( "ejb/informer" );
Informer informer = home.create();



// get handle into the EJB naming directory
InitialContext ctx = new InitialContext();

// get hold of the object you want by name
InformerHome home= (InformerHome)ctx.lookup( "ejb/informer" );

// get reference to business interface from home interface
Informer informer = home.create();

// use the business interface
informer.getTheTime() ;

I tried with putting the file in WEB-INF/classes but no luck .
Can any help me where exactly I need to put this file so that the handler class that is secified in the xml will be get called .
@HandlerChain (file=http://localhost//../soapHandler.xml)
@HandlerChain (file=C:\..\WEBINF\classes\soapHandler.xml)
are above systex correct I tried both of them .



12 years ago
Thanks Jim for your response . I actually wanted to learn this concept of SOAPHandler using a simple step POC application .
By the way I googled a lot and find I need to create a xml file and need to give a reference of it in the Webservice using
@HandlerChain (file=http://localhost///soapHandler.xml)

I am using JAX-WS to generate the stubs but no luck ..My handler is not invoking ..
Please help .


12 years ago
Okay here is the problem in more detail .

I want to secure my web service using a userid and password .I do not want to pass the user id and password each time with the method .So I decided to pass this credential through soap header .
Now I have learned that I need to do it by some SOAPHandler and I need to explore here . Please help .
12 years ago
I have created one soap handler and a web service .


Now I want to understand how this will handler methods will be called , I mean what I have to do to call this handler so that header will be populated in the SOAP i/o XML?

At least I want to print the sysout .
Please help.
12 years ago

I have installed RAD 8.0.4 ,now I want to use Axis2 for web service . Ususally in ecllipse we get Axix2 preference in Windows-Preference -Web service-Axix2 preference
I am not able to see the same when I am opening the work bench in RAD .

Can anybody please suggest if I have to install anything (Please provide a link as well) or I need some configuration change to get the same.
I need to upload the Axis2 runtime and want to use it as we use it in the ecllipse .

Thanks in advance .
12 years ago
Can anybody please share me a dirrect link of any version of RAD that has inbuild WAS version 7.0.0.13 ?
I need any version of RAD but only constraints is I have to use WAS version 7.0.0.13 .

Thanks in advance .
12 years ago
I need to fetch the persion data along with all of its address and all of its contacts ,and this information is required for all the persion .

If I join all the tables then how do I separate all the address and contact information for all the persion ?

because at the end I need to create persion object and array of persion Object will be returned to consuming application .
14 years ago