Tuesday, July 21, 2020

12c SOA - BPEL dynamic XSLT

Here we will see how to do dynamic XSLT that means to dynamically choose an xslt to execute on runtime.

Logical steps:
  • Create a DVM for instance that contains a column on which you want to select, and a second column that lists the particular xslt to be executed.
  • Then create string variable 'varXSLT' and an assign before the transformation, in which you do an assign using the LookupDVM() to translate the selection code to the actual xslt file with the varXSLT variable as target.
  • From the source view move the copy rule of the transformation to the assign with the LookupDVM() function or in a different assign, remove the transformation activity. In the expression builder replace the reference to the xslt with the varXSLT variable. 
  • Use ora:processXSLT() function instead of using ora:doXSLTransformForDoc(). If you use ora:doXSLTransformForDoc() function, it will not allow you to map/use this varXSLT variable as it needs a string literal as input value.
  • Later, you can move the xsl files to MDS and use the oramds xpath to use the MDS reference xsl files dynamically. This way if you need to change anything in the xsl file , just change in MDS and no need to change in composite itself.

Note: If you create a transformation activity in BPEL, choose the sources and targets, create the xslt etc. then if you go to the source view, you will discover that it is actually an assign activity. The execution of the xslt is done through an xpath expression that references the particular xslt file.

 Implementation steps:

Create a SOA project.




Create a XSD



<?xml version="1.0" encoding="windows-1252" ?>

<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://www.example.org"

            targetNamespace="http://www.example.org" elementFormDefault="qualified">

  <xsd:element name="OrderRequest">

    <xsd:complexType>

      <xsd:sequence>

        <xsd:element name="OrderId" type="xsd:string"/>

        <xsd:element name="OrderType" type="xsd:string"/>

      </xsd:sequence>

    </xsd:complexType>

  </xsd:element>

    <xsd:element name="OrderResponse">

    <xsd:complexType>

      <xsd:sequence>

        <xsd:element name="Status" type="xsd:string"/>

      </xsd:sequence>

    </xsd:complexType>

  </xsd:element>

</xsd:schema>

Use this schema and create a Syn BPEL



Create a DVM

here i added two rows containing 2 xsl files.

Create a Variable varXSLT
Take a assign and Use dvm:lookupValue() function to fetch teh xsl names based on the orderType.
Take a Transformation activity and create 2 xslt files as defined in the dvm.


XSLT1
XSLT2

Use ora:processXSLT() instead of using ora:doXSLTransformForDoc() functions.


Testing:



We can push the xsl files to MDS and use them dynamically from MDS too.
First i have kept the xsl files in the SOA design time repository local files,
Publish the files to MDS



Use the oramds path to the ora:processXSLT() function like this and it works.

Monday, July 6, 2020

Web Services Security at Transport Level and Message Level

There are two ways with which we can ensure security with Web Services:

Transport level security, such as HTTP Basic/Digest and SSL/TLS, is the usual "first line of defence", as securing the transport mechanism itself makes Web services inherently secure.  The trade-off is transport dependency (Web services are more tightly coupled to the network transport layer).

Authentication
The basic authentication scheme is by passing the credentials (userid & password) in the http header. This can be improved using password digest: the credentials are hashed (so that the attacker can not read the password) & using nonce (to prevent reply attack)

SSL
Certificates can be used for authentication, encryption and signature (non repudiation)

How
by setting in the web server (e.g. Weblogic, Apache, Tomcat): basically enabling the https listening port and register the location of keystore/certificates.

Message level security, such as WS-Security, SAML, XML Digital Signatures, and XML Encrypttion,  can be more effective and has the added flexibility that the message can be sent over any transport.
Message standard for SOAP web services security e.g. WS-Security (WSS), WS-Policy.

How:
Java: using handler/adapter to insert WSS header in the request and remove the WSS header in the received response. The handler also encrypt/decrypt the data.
Java using Rampart/Axis2 framework: set security context (e.g. keystore) in the request, define security policy in the wsdl. Futher info: read book by Tong.
OSB: using OWSM by defining policy. 

Why message-level security (e.g. WS-Security) is better than transport-level security (e.g. TLS/SSL):
  • End-to-end security: message-level XML-Encryption protects sensitive data also in the intermediaries / external proxies. The point-to-point security TLS/SSL doesn't prevent the intermediaries to read the sensitive data.
  • With WS-Encryption it's also possible to encrypt only a part of the messages for flexibility (e.g. in case the intermediary proxy need to peek the unencrypted part) or performance (it's cheaper to encrypt/decrypt only portions of the messages).
  • The message-level security (e.g. WSS Authentication, XML-Encryption, XML-Signature) is independent to the protocols thus it offers more flexibility to send SOAP messages across different protocols (e.g. http, jms, ftp).
On the other hand, message-level security has also disadvantages:
  • Performance (encrypt/decrypt, validate): processing time & increased message size
  • Configuration & Maintenance (but can be easier using declarative policy)
  • Can not peek the message values during development & debug
  • More complex, more difficult to find developers who master
For more details, you can traverse to Web Services Security

12c SOA - Weblogic - Oracle apps adapter connection factory creation

In this blog we will see how we can create an oracle apps adapter connection factory.

Deployments⇾OracleAppsAdapter
Configuration
Outbound Connection Pools
Click New

select Outbound Connection Groups and Next
Provide the JNDI Name.
Apps Connection factory created. Open it
Give the XADataSourceName
Save
Go to the deployment again and select OracleAppsAdapter
Update
Select Update option to update the changes in plan.xml file.
Finish
Activate Changes

If it is a clustered environment then using putty, we need to copy the updated new apps plan.xml file under the deployment plan path for all the nodes.

Monday, June 29, 2020

12c SOA - BPEL - Exposed service issue - Showing multiple services or operations including the external called service.

Problem description:
Suppose we have a SOA BPEL service named "LoginTrackingService" which calls an external service named "ABCD" and gets the result and exposes the results. When we are trying to test from em console or open the WSDL in browser . We can see that this service exposes multiple operations and multiple services . In this case, It shows 2 services/operations. one for this BPEL service exposed and 2nd for the called external service but it should have the one exposed service or operation.

Solution:
This is generally happened due to the design mistakes. When we create a BPEL exposed service . It has a exposed WSDL and when we call the external service . It also has a WSDL. This external WSDL reference somehow gets included in the exposed WSDL file. We have to open the exposed WSDL and delete the external WSDL reference from this.

Featured Post

11g to 12c OSB projects migration points

1. Export 11g OSB code and import in 12c Jdeveloper. Steps to import OSB project in Jdeveloper:   File⇾Import⇾Service Bus Resources⇾ Se...