2 Replies Latest reply: Sep 18, 2012 8:57 AM by 959832 RSS

    Auditing in BPEL/webservices


      I need to implement auditing in BPEL and webservices.
      Steps Followed:-
      I have followed steps as per below reference guide:-

      http://docs.oracle.com/cd/E23943_01/core.1111/e10043.pdf(chapter 12 and 13)

      Summary of the steps followed:-
      1. Created Audit schema using RCU utility.
      2. Created a data-source via weblogic console.
      3. Added the same in Application server em and pointed it to Audit database.
      4. Modified the audit policies via em and set it to custom.
      5. Restarted the server

      Scenario: Post restart of the server, when I invoke BPEL via soap ui then it creates a log file under below path:-
      D:\Middleware\SOASuite11gR1PS4\user_projects\domains\SOADevDomain\servers\AdminServer\logs\auditlogs\WebServices file name: audit.log
      and D:\Middleware\SOASuite11gR1PS4\user_projects\domains\SOADevDomain\servers\AdminServer\logs\auditlogs\OWSM-AGENT file-name : audit.log
      Now as per the guide, data from these logging files should be loaded in audit tables under IAU schema. But its not working as expected.
      Checking the AdminServer-diagnostic.log I could see below exception:-

      [2012-09-12T15:34:17.817+05:30] [AdminServer] [ERROR] [OWS-04115] [oracle.webservices.service] [tid: [ACTIVE].ExecuteThread: '4' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 193111123952ad67:-6d8e555e:139b9dbd38e:-8000-0000000000000639,0] [APP: soa-infra] [composite_name: SamlTokenTestService] An error occurred for port: FabricProvider: oracle.fabric.common.PolicyEnforcementException: FailedCheck : failure in security check.
      [2012-09-12T15:34:18.137+05:30] [AdminServer] [ERROR] [] [oracle.security.audit.ajl.loader.AuditLoaderManager] [tid: AuditLoaderRunner] [userId: <WLS Kernel>] [ecid: 0000JatqyYq17iM_MLCCye1GK5^B000002,1:19284] IAU:IAU-5046: Stopping AuditLoader, caught exception: java.lang.NumberFormatException: For input string: ""[[
           at java.lang.NumberFormatException.forInputString(NumberFormatException.java:48)
           at java.lang.Long.parseLong(Long.java:419)
           at java.lang.Long.parseLong(Long.java:468)
           at oracle.security.audit.config.Attribute$DataType.parseXMLValue(Attribute.java:112)
           at oracle.security.audit.ajl.reader.FileSetLogReader.setAttribute(FileSetLogReader.java:981)
           at oracle.security.audit.ajl.reader.BusStopTxtLogReader.parseRecord(BusStopTxtLogReader.java:367)
           at oracle.security.audit.ajl.reader.FileSetLogReader.read(FileSetLogReader.java:956)
           at oracle.security.audit.ajl.loader.AuditLoader$SingleLookaheadBusStopLogReader.gotoNextRecord(AuditLoader.java:355)
           at oracle.security.audit.ajl.loader.AuditLoader.readMessages(AuditLoader.java:456)
           at oracle.security.audit.service.AuditLoaderManager.readMessages(AuditLoaderManager.java:209)
           at oracle.security.audit.service.AuditLoaderManager$Runner.run(AuditLoaderManager.java:284)
      Further debugging log files generated as audit.log there is one row having data as below:-

      #Remark Values:ComponentType="OWSM-AGENT" Version="". When I update the value of version manually as "11" and restart the server the audit loader loads the data in audit tables.

      This work around is ok for dev env but not feasible in test and prod env.
      Can someone please help me with the reason behind this and acceptable work around for test and prod env.

      Please let me know if more information is required on this.

        • 1. Re: Auditing in BPEL/webservices
          Kalyan Pasupuleti-Oracle

          Complete all required post installation steps, especially the following two.

          Oracle Fusion Middleware Patching Guide 11g Release 1 (11.1.1) Part Number E16793-06

          3.8 Post-Patching Tasks

          3.8.9 Adding New OWSM Pre-Defined Policies:

          "Each new patchset of Oracle Web Services Manager (OWSM) can contain new pre-defined web services policies. If your existing domain was created or extended with the Oracle WSM Policy Manager template in the Configuration Wizard, you must do the following to take advantage of these new policies for your domain:

          Use connect() to connect to the server running the owsm-pm application.
          Run the upgradeWSMPolicyRepository() WLST command as described in "Upgrading the Oracle WSM Policies in the MDS Repository" in the Oracle Fusion Middleware Security and Administrator's Guide for Web Services.

          • 2. Re: Auditing in BPEL/webservices
            Hi Kalyan,

            This error is because of the value of "Version="" which is there in both the file as below:-
            D:\Middleware\SOASuite11gR1PS4\user_projects\domains\SOADevDomain\servers\AdminServer\logs\auditlogs\WebServices *file name: audit.log*and D:\Middleware\SOASuite11gR1PS4\user_projects\domains\SOADevDomain\servers\AdminServer\logs\auditlogs\OWSM-AGENT *file-name : audit.log*

            The link of patching guide explains the patching of soa server, but I am using, not sure if this patching will be required.
            What I need is to identify the way to update the value in both the files. as post updating the file and restart of the soa server this error get resolved.

            Hope I am able to explain my query.