Disable the path resolver by un-checking the Enable... box
Test via Service explorer
Access Denied
Thursday, April 26, 2012
Oracle Enterprise Gateway(OEG) Policy Center
To quote from the
whitepaper
"OEG Policy Center is intended for managing policy deployments across multiple Oracle Enterprise Gateways (multiple-gateway policy management). OEG Policy Center manages policy migration between development, staging, and production."
It is essentially a process you start ala the gateway itself and you then connect to it via Policy Studio. Here I have 2 OEG instances and policy center started.
I can then start Policy Studio and connect to Policy Center -
Note the default policy center port is 8060
As you can see, I have added the 2 OEG instances to the "process" list
For this scenario - OEG running on management port 8090 is my Test instance OEG running on management port 8093 is my Production instance
I added a new user and a couple of Alerts to the Test instance. Now I export the configuration, saving to file exportUsers.xml
Return to the main Policy Center screen
I select the "production" instance
and import...
"OEG Policy Center is intended for managing policy deployments across multiple Oracle Enterprise Gateways (multiple-gateway policy management). OEG Policy Center manages policy migration between development, staging, and production."
It is essentially a process you start ala the gateway itself and you then connect to it via Policy Studio. Here I have 2 OEG instances and policy center started.
I can then start Policy Studio and connect to Policy Center -
Note the default policy center port is 8060
As you can see, I have added the 2 OEG instances to the "process" list
For this scenario - OEG running on management port 8090 is my Test instance OEG running on management port 8093 is my Production instance
I added a new user and a couple of Alerts to the Test instance. Now I export the configuration, saving to file exportUsers.xml
Return to the main Policy Center screen
I select the "production" instance
and import...
Tuesday, April 24, 2012
OEG Service Manager part 2
I can of course apply policies to my registered service using service manager.
In this case, I just dragged and dropped the XML Threat policy to the Request icon.
Ergo, in Service Manager - I can register service and apply existing policies to them.
I can also create new policies within this tool.
The new Policy - testPolicy - has been created.
Now we can add sub policies to this. Here I dragged and dropped in the HealthCheck policy.
In other words, we can create new policies from existing ones.
We cannot create policies from scratch in this tool.
Monday, April 23, 2012
OEG Service Manager
Service Manager is an interesting part of the OEG component stack.
Use it to register and manage the web services OEG is protecting.
Simple example - the FraudChecker web service has been deployed to WLS
I create a new Web Services Group in Service Manager
Now I register the service
The url is http://localhost:7001/FraudCheckService/FraudCheckerPort?WSDL
Deploy
Start Policy Studio
Thursday, April 19, 2012
OEG OSB/OWSM Username token/Message Protection example
Create a new OSB project/process that consumes the FraudChecker web service –
This is based on the following Java Class
-------------------------------------------------
package fraudcheckservice;
public class FraudChecker {
public FraudChecker() {
super();
}
public String checkCard4Fraud(String cctype, String ccnr){
String status = "VALID:";
if (ccnr.equalsIgnoreCase("12345678")){
status = "FRAUDULENT:";
}
status = status.concat("Card Type " + cctype + " Card Nr " + ccnr);
return status;
}
}
-------------------------------------------------
The WSDL is similar to the following -
http://localhost:7001/FraudCheckService/FraudCheckerPort?WSDL
In OSB -
Create a business service based on this web service
Create a proxy based on the business service
Test the proxy
Now apply OWSM policies to the OSB proxy
re-test specifying the key we created (joe-key) in the previous-1 blog post.
Now, in the OSB console, export the proxy service wsdl to a file.
Minre is simply called FraudChecker.wsdl
Back in OEG Policy Studio, we need to import the orakey certificate and register the web service –
Back in Policy Studio, we need to import the orakey certificate and register the web service –
This is the key we created in the previous-1 lab. We then stored it at /OSBHome/myDomain/config/fmwconfig
Click keystore
Click Import to Trusted...
Now register the OSB proxy process web service
select the operation -
The security configuration begins
Set Expires in to –
Click Next
Set Signing Key to orakey
Click Next
Configure Encryption Settings
Set Certificate Store to orakey
Click Next
Click Next
Configure Username Token settings
User name = joe
Password = welcome1
Create a relative path /SecureFraudChecker
Deploy & test
This is based on the following Java Class
-------------------------------------------------
package fraudcheckservice;
public class FraudChecker {
public FraudChecker() {
super();
}
public String checkCard4Fraud(String cctype, String ccnr){
String status = "VALID:";
if (ccnr.equalsIgnoreCase("12345678")){
status = "FRAUDULENT:";
}
status = status.concat("Card Type " + cctype + " Card Nr " + ccnr);
return status;
}
}
-------------------------------------------------
The WSDL is similar to the following -
http://localhost:7001/FraudCheckService/FraudCheckerPort?WSDL
In OSB -
Create a business service based on this web service
Create a proxy based on the business service
Test the proxy
Now apply OWSM policies to the OSB proxy
re-test specifying the key we created (joe-key) in the previous-1 blog post.
Now, in the OSB console, export the proxy service wsdl to a file.
Minre is simply called FraudChecker.wsdl
Back in OEG Policy Studio, we need to import the orakey certificate and register the web service –
Back in Policy Studio, we need to import the orakey certificate and register the web service –
This is the key we created in the previous-1 lab. We then stored it at /OSBHome/myDomain/config/fmwconfig
Click keystore
Click Import to Trusted...
Now register the OSB proxy process web service
select the operation -
The security configuration begins
Set Expires in to –
Click Next
Set Signing Key to orakey
Click Next
Configure Encryption Settings
Set Certificate Store to orakey
Click Next
Click Next
Configure Username Token settings
User name = joe
Password = welcome1
Create a relative path /SecureFraudChecker
Deploy & test
Subscribe to:
Posts (Atom)