2-110 Securing WebLogic Web Services for Oracle WebLogic Server
2.23.4 Revised ReliableEchoServiceImpl.java
The ReliableEchoServiceImpl.java JWS file is the same as that in WL_ HOME
\samples\server\examples\src\examples\webservices\wsrm_ security\ReliableEchoServiceImpl.java, with the revised Policy annotation
shown in bold.
Example 2–30 ReliableEchoServiceImpl.java
WebServicename = ReliableEchoPort, serviceName = ReliableEchoService
WLHttpTransportcontextPath = WsrmSecurity, serviceUri = ReliableEchoService Policies{
Policyuri=policy:Wssp1.2-2007-Wssc1.3-Bootstrap-Wss1.0.xml,
Policyuri=policy:Reliability1.1_SequenceSTR} You can specify the Policy annotation at both the class- and method- level. In this
example, the annotation is used at the class-level to specify the predefined WS-Policy files, which means all public operations of the Web service are associated with the
specified WS-Policy files.
2.23.5 Revised configWss.py
The ReliableEchoServiceImpl Web service does not explicitly invoke any WebLogic Server API to handle the requirements imposed by any associated policy files, nor
does this Web service have to understand which, if any, security providers, tokens, or other such mechanisms are involved.
The script file configWss.py uses WLST to create and configure the default Web service security configuration, default_wss, for the active security realm. The
default Web service security configuration is used by all Web services in the domain unless they have been explicitly programmed to use a different configuration. Further,
this script makes sure that x509 tokens are supported, creates the needed security providers, and so forth.
The configWss.py file is the same as that in WL_ HOME
\samples\server\examples\src\examples\webservices\wsrm_ security\configWss.py, with the changes shown in bold. The build.xml file
provides the command input.
Example 2–31 configWss.py
: Create credential provider for SCT
cpName=default_sct_cp wtm=defaultWss.lookupWebserviceCredentialProvidercpName
if wtm == None: print creating new webservice credential provider : + cpName
wtm = defaultWss.createWebserviceCredentialProvidercpName wtm.setClassNameweblogic.wsee.security.wssc.v13.sct.
ServerSCCredentialProvider wtm.setTokenTypesct
cpm = wtm.createConfigurationPropertyTokenLifeTime cpm.setValue43200000
else:
Note: Long lines in this script have been formatted for readability.
Configuring Message-Level Security 2-111
print found exsiting bean for: + cpName Create credential provider for DK
cpName=default_dk_cp wtm=defaultWss.lookupWebserviceCredentialProvidercpName
if wtm == None: wtm = defaultWss.createWebserviceCredentialProvidercpName
wtm.setClassNameweblogic.wsee.security.wssc.v13.
dk.DKCredentialProvider
wtm.setTokenTypedk cpm = wtm.createConfigurationPropertyLabel
cpm.setValueWS-SecureConversationWS-SecureConversation cpm = wtm.createConfigurationPropertyLength
cpm.setValue16 else:
print found exsiting bean for: DK + cpName :
2.23.6 Revised configWss_Service.py