In order to do this you need to first set up a Java Keystore. Here are the steps to do this.
Step 1 : Creating the Java Keystore
Go to the domain_home
/config/fmwconfig
directory, where domain_home
is the name and location of the domain for which the keystore is to be used.
Enter a keytool command such as the following to generate the key pair, and to create the keystore if it does not already exist:
1 |
keytool -genkeypair -keyalg RSA -alias orakey -keypass welcome1 -keystore default-keystore.jks -storepass welcome1 -validity 3600 |
You may need to add the jdk/bin directory to your PATH variable definition to invoke the keytool command.
In this command:
genkeypair
creates a new public/private key pair that is stored in an entry specified by thealias
parameterkeyalg
specifies the algorithm to be used to generate the key pair, in this exampleRSA
1Note: The default key pair generation algorithm is Digital Signature Algorithm (DSA). DSA keys can only be used for signing, whereas RSA keys can be used for both signing and encryption. Therefore, if you are using the same key for encryption and signing (which is a typical scenario), make sure you explicitly specify <code>-keyalg RSA</code>, otherwise keytool will default to DSA.alias
specifies the alias nameorakey
to use when referring to the keypairkeypass
specifies that the passwordwelcome1
be used to protect the private key of the generated key pairkeystore
creates a keystore nameddefault-keystore.jks
. If the keystore already exists, the key pair will be added to the keystore.storepass
specifieswelcome1
as the password used to protect the integrity of the keystore.validity
indicates that the keypair is valid for 3600 days.
The keytool utility prompts for the name, organizational unit and organization, locality (city, state, country) to be used to create the key:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 |
What is your first and last name? [Unknown]: weblogic What is the name of your organizational unit? [Unknown]: Fusion Applied Engineering What is the name of your organization? [Unknown]: Fusion Applied What is the name of your City or Locality? [Unknown]: US What is the name of your State or Province? [Unknown]: US What is the two-letter country code for this unit? [Unknown]: US Is CN=orcladmin, OU=Doc, O=Oracle, L=US, ST=US, C=US correct? [no]: y |
Now , log into Fusion Middleware Control (EM Console), click on your domain ->Security->Security Provider Configuration.
Go to the ‘Keystore’ section and click configure.
Provide the same values as you provided when you used the Keytool to create the keystore and save it.
Step 2 : Adding a Credential to the Credential Store Framework
I’m describing this here using Fusion Middleware Control ( EM Console). You can also do this using WLST. Navigate to your domain->Security-> Credentials
click on ‘Create Key’ in the oracle.wsm.security map that should exist there.
Create a key called ‘basic.credentials’, select type as password, and set a username and password that would be used to authenticate to the WebService you intend to call.
Step 3 Java code that uses the key defined in the Credential Store Framework for authentication to the Webservice.
Refer to this post to see how to generate the Java Web Service Proxy.
Here’s the code you can use in your Webservice Java proxy to authenticate using the Credential Store Framework key we just set up.
1 2 3 4 5 6 7 8 9 10 11 12 |
userNamePasswordStartService = new UserNamePasswordStartService(); SecurityPoliciesFeature securityFeatures = new SecurityPoliciesFeature( new String[] { "oracle/wss_username_token_client_policy" }); UserNamePasswordStartPortType userNamePasswordStartPortType = userNamePasswordStartService.getUserNamePasswordStartPort(securityFeatures); // Add your code to call the desired methods. ((BindingProvider)userNamePasswordStartPortType). getRequestContext().put (oracle.wsm.security.util.SecurityConstants.ClientConstants.WSS_CSF_KEY, "basic.credentials"); userNamePasswordStartPortType.start(); |
References
Oracle Fusion Middleware Security and Administrator’s Guide for Webservices
- Oracle Business Rules: Sums and Averages in Test Conditions - April 2, 2016
- Rolling Up a BPM KPI into Business Architecture Models - January 28, 2016
- The BPM 12c Process Monitor Dashboard in 5 Minutes - January 6, 2016