4 Replies Latest reply: Dec 25, 2012 8:19 PM by 689442 RSS

    How to add web service security

    689442
      I create web services using cxf framework and deploy it to weblogic 12c. IOS enquipment can send and get data from these web services.
      Now, I need to add security to these web services, such as policy, username token, and etc.
      Is there any sample code about how to add web service security?
      I need sample codes which include how to create wsdl with security from java code, or java interfaces created by wsdl.

      If cxf is not suitable for weblogic 12c , is there any other famework that I can use?

      Thanks a lot!
        • 1. Re: How to add web service security
          User696-Oracle
          If your developing web service and deploy it in wls server it is better go with weblogic web service, since you might end up with classloading issues if your using CXF.

          Here is sample for wls web service security.
          http://kingsfleet.blogspot.com/2008/12/simple-custom-policy-example-using-jax.html

          WLS Documentation
          http://docs.oracle.com/cd/E24329_01/web.1211/e24488/message.htm#i252293

          Regards,
          Sunil P
          • 2. Re: How to add web service security
            689442
            Thank you again. I will read these documents.
            However, I cannot deloy my application today. Error showing in weblogic console is java.lang.ClassCastException: weblogic.j2ee.descriptor.wl.WeblogicApplicationBeanImpl cannot be cast to weblogic.j2ee.descriptor.wl.WeblogicWebAppBean
            Do you know how to fix it?
            • 3. Re: How to add web service security
              User696-Oracle
              The issue seems to be with classloading. try filter class loading.

              Create META-INF/weblogic-application.xml

              $ cat>META-INF/weblogic-application.xml
              <?xml version="1.0" encoding="UTF-8"?>
              <weblogic-application xmlns="http://www.bea.com/ns/weblogic/90">
              <application-param>
              <param-name>webapp.encoding.default</param-name>
              <param-value>UTF-8</param-value>
              </application-param>
              <prefer-application-packages>
              <package-name>javax.jws.*</package-name>
              </prefer-application-packages>
              </weblogic-application>

              Regards,
              Sunil P
              • 4. Re: How to add web service security
                689442
                Thank you. But I still get error: java.lang.ClassCastException: weblogic.j2ee.descriptor.wl.WeblogicApplicationBeanImpl cannot be cast to weblogic.j2ee.descriptor.wl.WeblogicWebAppBean if I deploy this web application from a folder.

                I export this web application as a war file using MyEclipse. However, after deploying this war file to weblogic 12c, I get error:

                Root cause of ServletException.
                weblogic.servlet.jsp.CompilationException: Failed to compile JSP /BZWeb/index1.jsp
                index1.jsp:2:18: The include file was not found.
                <%@ include file="/common/taglibs.jsp"%>
                ^-------------------^
                index1.jsp:2:18: The include file was not found.
                <%@ include file="/common/taglibs.jsp"%>
                ^-------------------^
                However, taglibs.jsp is in the common folder.

                How to modify the context root?

                Thanks.