Revised ReliableEchoServiceImpl.java Revised configWss.py

2-110 Securing WebLogic Web Services for Oracle WebLogic Server

2.23.4 Revised ReliableEchoServiceImpl.java

The ReliableEchoServiceImpl.java JWS file is the same as that in WL_ HOME \samples\server\examples\src\examples\webservices\wsrm_ security\ReliableEchoServiceImpl.java, with the revised Policy annotation shown in bold. Example 2–30 ReliableEchoServiceImpl.java WebServicename = ReliableEchoPort, serviceName = ReliableEchoService WLHttpTransportcontextPath = WsrmSecurity, serviceUri = ReliableEchoService Policies{ Policyuri=policy:Wssp1.2-2007-Wssc1.3-Bootstrap-Wss1.0.xml, Policyuri=policy:Reliability1.1_SequenceSTR} You can specify the Policy annotation at both the class- and method- level. In this example, the annotation is used at the class-level to specify the predefined WS-Policy files, which means all public operations of the Web service are associated with the specified WS-Policy files.

2.23.5 Revised configWss.py

The ReliableEchoServiceImpl Web service does not explicitly invoke any WebLogic Server API to handle the requirements imposed by any associated policy files, nor does this Web service have to understand which, if any, security providers, tokens, or other such mechanisms are involved. The script file configWss.py uses WLST to create and configure the default Web service security configuration, default_wss, for the active security realm. The default Web service security configuration is used by all Web services in the domain unless they have been explicitly programmed to use a different configuration. Further, this script makes sure that x509 tokens are supported, creates the needed security providers, and so forth. The configWss.py file is the same as that in WL_ HOME \samples\server\examples\src\examples\webservices\wsrm_ security\configWss.py, with the changes shown in bold. The build.xml file provides the command input. Example 2–31 configWss.py : Create credential provider for SCT cpName=default_sct_cp wtm=defaultWss.lookupWebserviceCredentialProvidercpName if wtm == None: print creating new webservice credential provider : + cpName wtm = defaultWss.createWebserviceCredentialProvidercpName wtm.setClassNameweblogic.wsee.security.wssc.v13.sct. ServerSCCredentialProvider wtm.setTokenTypesct cpm = wtm.createConfigurationPropertyTokenLifeTime cpm.setValue43200000 else: Note: Long lines in this script have been formatted for readability. Configuring Message-Level Security 2-111 print found exsiting bean for: + cpName Create credential provider for DK cpName=default_dk_cp wtm=defaultWss.lookupWebserviceCredentialProvidercpName if wtm == None: wtm = defaultWss.createWebserviceCredentialProvidercpName wtm.setClassNameweblogic.wsee.security.wssc.v13. dk.DKCredentialProvider wtm.setTokenTypedk cpm = wtm.createConfigurationPropertyLabel cpm.setValueWS-SecureConversationWS-SecureConversation cpm = wtm.createConfigurationPropertyLength cpm.setValue16 else: print found exsiting bean for: DK + cpName :

2.23.6 Revised configWss_Service.py