6 Web Services
It includes the following topics:
Note:
To resolve WebLogic Web Services issues, see Web Services and XML Issues and Workarounds in Oracle Fusion Middleware Release Notes for Oracle WebLogic Server.
- Upgrade Fails When OWSM Data Source Is Configured as a Multi Data Source
- Using a Repository Backed by a Hardened Oracle Database
- Using Multibyte User Credentials with the wss_http_token_* Policy
- Performing a Bulk Upload of Policies
- Removing Post-Deployment Customizations
- Reviewing Localization Limitations
- Fusion Middleware Control Does Not List Policies When Two Servers Are SSL Enabled (Two-way SSL)
- Web Service Test Page Cannot Test Input Arguments Bound to SOAP Headers
- Possible Limitation When Using Custom Exactly-one Policies
- Security Policies Do Not Work on Subscriber Mediator Component
- Policy Table Might Not Show Attached Policies for Some Locales
- Restart Applications to Get an Accurate Policy Usage Count
- Performance Improvements In Web Services Policy Pages
- Bulk Attachment of Policies Is not Supported In the Current Release
- Fusion Middleware Control Returns You to the OWSM Policies Page After You Edit a Client Policy
- Domain Configuration Is Not Supported in Classpath Mode
- Avoiding XML Encryption Attacks
- USERNAME_ID_PROPAGATION Policies Deprecated
- Deprecated Commands for Oracle Infrastructure Web Services
- A Test Web Service Page Does Not Generate the Correct Date or Date Time Patterns When Importing a Locally Saved Payload
- A Test Web Service Page Does Not Save Loaded Payloads in the Correct Format
- Using the Automatic Policy Configuration for STS May Not Result in a Compatible Policy for a Web Service Client
- Incompatible Policies Are Listed for Web Services and Clients Using SOAP Over JMS Transport
- NoSuchObjectException When the Server Hosting WSM-PM is Shut Down
- NullPointerException After Stopping the WebCenter Portal Managed Server
- ConnectException when the Server Hosting WSM-PM is Down
- The Repository Write Timestamp Cannot Be Retrieved When the Server Hosting WSM-PM Is Shut Down
- Harmless Warning Message When You Create Policy Sets
- About Difference between Installed and Upgraded Configuration Files
- Oracle Infrastructure Web Service Applications Built in 11g Containing WebServiceRef Annotation Fails
- WADL for OPSS and OWSM REST API Is Not Generated from the Browser
- Disable XML External Entity Expansion (XXE) When Using MDDS API
- java.security.NoSuchAlgorithmException When Using the FIPS 140 Algorithms
Upgrade Fails When OWSM Data Source Is Configured as a Multi Data Source
When you attempt to upgrade Oracle Weblogic and Oracle SOA Suite from 11g to 12c Release 12.13 and later, if the 11g instance uses a mds-owsm datasource that is configured to be a multi data source, the Upgrade Assistant fails with the following error:
WSM] [INCIDENT_ERROR] [] [upgrade.WSM.WSMPLUGIN] [tid: 63] [ecid: 235be93f-e646-47fb-b960-34947fed8f86-00000001,0] [[ oracle.ias.update.exception.UpgradeException: WSMERROR-00015: Failed to read the Oracle WSM datasource connection details. at oracle.wsm.lifecycle.upgrade.impl.WSMUpgradePlugin.initializePluginData(WSMUpgradePlugin.java:227) at oracle.wsm.lifecycle.upgrade.impl.WSMUpgradePlugin.upgrade(WSMUpgradePlugin.java:263) at oracle.ias.update.plugin.Plugin.upgrade(Plugin.java:576) at oracle.ias.update.plan.PlanStep.upgrade(PlanStep.java:377) at oracle.ias.update.UpgradeDriver.doUpgrades(UpgradeDriver.java:947) at oracle.ias.update.gui.UAUpgradeThread.run(UAUpgradeThread.java:41)
Note:
This error occurs even after you apply patch 19865550 to prevent a message warning you of an unsupported multi data source.
To work around this issue, perform the following steps:
- Modify the mds-owsm data source, changing it from a multi data source to a generic data source.
- Run the Upgrade Assistant.
- Once the upgrade completes successfully, if necessary, modify the data source back to its original configuration.
Parent topic: Web Services
Using a Repository Backed by a Hardened Oracle Database
Oracle Web Services Manager uses an MDS repository to store metadata such as policies, assertion templates, and policy usage data.
Oracle Web Services Manager 12c (12.2.1) is certified to work with a repository backed by a hardened Oracle Database.
See Managing the OWSM Repository in Securing Web Services and Managing Policies with Oracle Web Services Manager
Parent topic: Web Services
Using Multibyte User Credentials with the wss_http_token_* Policy
In this release, multibyte user credentials are not supported for the wss_http_token_*
policies. If multibyte user credentials are required, use a different policy, such as wss_username_token_*
policy. For more information about the available policies, see Predefined Policies in Securing Web Services and Managing
Policies with Oracle Web Services Manager.
Parent topic: Web Services
Performing a Bulk Upload of Policies
When you perform a bulk import of policies to the MDS repository, if the operation does not succeed initially, retry the operation until the bulk import succeeds.
For the most part, this can occur for an Oracle RAC database when the database is switched during the metadata upload. If there are n databases in the Oracle RAC database, then you may need to retry this operation n times.
For more information about bulk import of policies, see Migrating Policies in the Administering Web Services.
Parent topic: Web Services
Removing Post-Deployment Customizations
When the connections.xml
file is changed after deployment by using the AdfConnection
MBean, the complete connection is saved as a customization. This means that changes to the connection in a redeployed application are overwritten by the customization.
When you use Fusion Middleware Control to make changes to an application's connections.xml
file after deployment, a new connections.xml
file is created as a customization and stored in the MDS repository. This customization persists for the life of the application. Therefore, if you redeploy the application, the customized connections.xml
file continues to be applied as a customization on the application.
To allow the redeployed application's connections.xml
file to be applied without the prior customization (from Fusion Middleware Control), you must explicitly remove the connections.xml
customizations from the MDS repository.
For example, if you deploy an application with a Web services data control, then use Fusion Middleware Control to attach the username_token_client_policy
, and subsequently detach the policy. Then, you return to JDeveloper to edit the application and attach the http_token_client_policy
, and redeploy the application. When you view the application using Fusion Middleware Control, you see that it is not using the http_token_client_policy
that you attached. That is because it is using the customized connections.xml file that you previously created using Fusion Middleware Control.
If you remove the connections.xml customizations from the MDS repository, the application will use the its own connections.xml
file.
Parent topic: Web Services
Reviewing Localization Limitations
The following information is supported in English only in this release of Oracle Enterprise Manager:
-
All fields in the policy and assertion template except the
orawsp:displayName
field. -
If using the
?orawsdl
browser address, theorawsp:description
field.
Parent topic: Web Services
Fusion Middleware Control Does Not List Policies When Two Servers Are SSL Enabled (Two-way SSL)
When a Managed Server is Two-way enabled SSL (for example, a SOA server hosting OWSM Policy Manager over Two-way SSL) and the Administration Server hosting Fusion Middleware Control is correctly configured to access the Two-way SSL-enabled Managed Server, Fusion Middleware Control still does not list the OWSM policies.
Parent topic: Web Services
Web Service Test Page Cannot Test Input Arguments Bound to SOAP Headers
For Web services that have any input arguments bound to SOAP headers, the Test Web Service page in the Fusion Middleware Control console cannot show the message. Therefore, such operations cannot be tested with the Test Web Service page.
For example, if the input for a multi-part WSDL is viewed through Fusion Middleware Control, and one input argument is bound to a SOAP header, the composite instance fails with the following exception because the other part of the message was missing in the input:
ORAMED-01203:[No Part]No part exist with name "request1" in source message
To resolve such an issue, select XML View for Input Arguments and edit the payload to pass input for both parts of the WSDL.
Parent topic: Web Services
Possible Limitation When Using Custom Exactly-one Policies
In some cases, there can be a limitation when using custom Exactly-one policies. For a set of assertions within the exactly-one policy, if a request message satisfies the first assertion, then the first assertion gets executed and a response is sent accordingly. However, this may not be the desired behavior in some cases because the request may be intended for the subsequent assertions.
For example, you may have a client policy that has Timestamp=ON
and a service exactly-one policy that has a wss11 username token
with message protection assertions: the first has Timestamp=OFF
; the second has Timestamp=ON
. Therefore, the first assertion in the service exactly-one policy is not expecting the Timestamp in the request, yet the second assertion does expect it. In this case, the first assertion gets executed and the response is sent with no Timestamp. However, the client-side processing then fails because it expects the Timestamp that was sent in the request.
This limitation can exist with any cases where a client policy expects a greater number of elements to be signed and a service policy does not.
Parent topic: Web Services
Security Policies Do Not Work on Subscriber Mediator Component
Component Authorization denyall
policy does not work at subscriber mediator component. Authorization policy works for other normal mediator component cases.
Parent topic: Web Services
Policy Table Might Not Show Attached Policies for Some Locales
The Directly Attached Polices table may not display the attached policies for the following locales: zh-cn
, zh-tw
, ja
, pt-br
, es
, fr
, ko
.
This issue may occur when you attach a policy to the Web service endpoint in the Web service application in Fusion Middleware Control.
As a workaround, enlarge the columns.
Parent topic: Web Services
Restart Applications to Get an Accurate Policy Usage Count
If a policy that is being referred to by a Web Service is deleted and then reimported, then its usage count is not correct and applications must be restarted to obtain an accurate usage count.
Parent topic: Web Services
Performance Improvements In Web Services Policy Pages
Performance improvements have been made to the Web Services Policy pages in Fusion Middleware Control by removing the unnecessary role query.
Parent topic: Web Services
Bulk Attachment of Policies Is not Supported In the Current Release
Attaching one or more policies to one or more Web services by using the bulk attachment feature is not supported in the current release. Use the Policy Set feature instead. For more information on Policy Sets, see Attaching Policies Globally Using Policy Sets Using WLST and Schema Reference for Policy Sets in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Parent topic: Web Services
Fusion Middleware Control Returns You to the OWSM Policies Page After You Edit a Client Policy
When you generate client policies in Enterprise Manager, the Generate Client Policies page appears and the generated policies are shown as not saved. After you save the policies, and then edit one of them, you are returned to the OWSM Policies page. This is an error in Enterprise Manager. You should be returned to the Generate Client Policies page.
To edit additional policies, use the search feature in the OWSM Policies page to locate the client policy that you wish to edit.
For more information, see Generating Client Policies from a WSDL in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Parent topic: Web Services
Domain Configuration Is Not Supported in Classpath Mode
If the Policy Manager URL is configured as a classpath, then domain-level configuration is not supported. All domain-level configuration information is stored in the OWSM repository, and not in the JAR file that is included in the classpath. For information about configuring the Policy Manager URL, see the following sections in Securing Web Services and Managing Policies with Oracle Web Services Manager:
If you wish to manage domain-level configuration, configure the Policy Manager URL to specify a remote domain or use auto
mode. After you have configured the new Policy Manager URL mode, you must restart the server for it to take effect.
Parent topic: Web Services
Avoiding XML Encryption Attacks
In past releases, OWSM sent different fault codes (for example, FailedAuthentication
, InvalidSecurityToken
, andFailedCheck
) for different error cases In the current release, this default behavior has been changed. OWSM now sends the InvalidSecurity
fault code for all error cases. This has been done to avoid XML encryption attacks. An encryption attack is possible if the service sends different fault codes for different types of errors (for example, FailedAuthentication
, InvalidSecurityToken
, FailedCheck
, and so on).This default behavior can be changed by setting the domain-wide agent property use.unified.fault.code
to false
. However, this is not recommended, because it might allow XML encryption attacks. The default value for this property, "true
", will cause OWSM to send the InvalidSecurity
fault code for all error cases. For more information on the use.unified.fault.code
property, see Configuring Security Policy Enforcement Using WLST in Securing Web Services and Managing
Policies with Oracle Web Services Manager.
Parent topic: Web Services
USERNAME_ID_PROPAGATION Policies Deprecated
The following USERNAME_ID_PROPAGATION
policies are deprecated in Release 12c (12.2.1):
wss10_username_id_propagation_with_msg_protection_client_policy wss10_username_id_propagation_with_msg_protection_service_policy
For details about these policies, see "Oracle Web Services Manager Predefined Policies" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Parent topic: Web Services
Deprecated Commands for Oracle Infrastructure Web Services
Table 6-1 lists the WLST commands for Oracle Infrastructure Web Services (or clients) that were available in Oracle Fusion Middleware 11g release and which have been deprecated in 12c (12.1.2). In addition, the table lists the new WLST command equivalent and provides an example of how you can update your code to use the new command.
For more information about the WLST commands, see Web Services Custom WLST Commands in WLST Command Reference for Infrastructure Components.
Table 6-1 Deprecated Commands for Oracle Infrastructure Web Services
Deprecated Command (11g) | Recommended Command (12c) | Updating Your Code |
---|---|---|
|
|
11g Release (for Repository operations): wls:/jrfServer_domain/serverConfig> abortRepositorySession()
12c Release (for both Repository and PolicySubject operations): wls:/jrfServer_domain/serverConfig> abortWSMSession() |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> attachPolicySet ('Domain("base_domain")')
12c Release: wls:/jrfServer_domain/serverConfig> setWSMPolicySetScope ('Domain("base_domain")') |
|
|
11g Release (for both Repository and PolicySubject operation on policy set): wls:/jrfServer_domain/serverConfig> attachPolicySetPolicy ('oracle/wss_username_token_service_policy')
12c Release: wls:/jrfServer_domain/serverConfig> attachWSMPolicy('oracle/wss_username_token_service_policy')
wls:/wls-domain/serverConfig> |
|
|
11g Release (for Repository operations): wls:/jrfServer_domain/serverConfig> beginRepositorySession()
12c Release (for both Repository and PolicySubject operations): wls:/jrfServer_domain/serverConfig> beginWSMSession() |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> clonePolicySet ('myNewPolicySet', 'myPolicySet')
12c Release: wls:/jrfServer_domain/serverConfig> cloneWSMPolicySet ('myNewPolicySet', 'myPolicySet') |
|
|
11g Release (for Repository operations): wls:/jrfServer_domain/serverConfig> commitRepositorySession()
12c Release (for both Repository and PolicySubject operations): wls:/jrfServer_domain/serverConfig> commitWSMSession() |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> createPolicySet('myPolicySet', 'ws-service', 'Domain("base_domain")')
12c Release: wls:/jrfServer_domain/serverConfig> createWSMPolicySet ('myPolicySet', 'ws-service', 'Domain("base_domain")') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> deletePolicySet('myPolicySet')
12c Release: wls:/jrfServer_domain/serverConfig> deleteWSMPolicySet ('myPolicySet')
|
|
|
11g Release (for Repository operations): wls:/jrfServer_domain/serverConfig> describeRepositorySession()
11g Release (for PolicySubject operations): N/A 12c Release (for both Repository and PolicySubject operations): wls:/jrfServer_domain/serverConfig> describeWSMSession() |
|
|
11g Release (for both Repository and PolicySubject operation on policy set): wls:/jrfServer_domain/serverConfig> detachPolicySet ('oracle/wss_username_token_service_policy')
12c Release: wls:/jrfServer_domain/serverConfig> detachWSMPolicy('oracle/wss_username_token_service_policy')
wls:/wls-domain/serverConfig> |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> displayPolicySet('myPolicySet')
12c Release: wls:/jrfServer_domain/serverConfig> displayWSMPolicySet ('myPolicySet') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> enablePolicySet(true)
12c Release: wls:/jrfServer_domain/serverConfig> enableWSMPolicySet(true) |
|
|
11g Release: wls:/wls-domain/serverConfig>enablePolicySetPolicy('/oracle/log_policy',false)
12c Release: wls:/wls-domain/serverConfig>enableWSMPolicy('/oracle/log_policy',false)
wls:/wls-domain/serverConfig> |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> exportRepository ("/tmp/repo.zip")
12c Release: wls:/jrfServer_domain/serverConfig> exportWSMRepository ("/tmp/repo.zip") |
|
|
11g Release (for repository documents): wls:/jrfServer_domain/serverConfig> importRepository ("/tmp/repo.zip")
12c Release (for repository documents): wls:/jrfServer_domain/serverConfig> importWSMArchive ("/tmp/repo.zip")
|
|
|
11g Release: wls:/wls-domain/serverConfig>listPolicySets('sca-reference')
12c Release: wls:/wls-domain/serverConfig>listWSMPolicySets('sca-reference') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> migrateAttachments()
12c Release: wls:/jrfServer_domain/serverConfig> migrateWSMAttachments() |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> modifyPolicySet('myPolicySet')
12c Release: wls:/jrfServer_domain/serverConfig> selectWSMPolicySet ('myPolicySet') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> resetWSMPolicyRepository()
12c Release: wls:/jrfServer_domain/serverConfig> resetWSMRepository() |
|
|
11g Release wls:/jrfServer_domain/serverConfig> setConfiguration('/WLS/myDomain')
12c Release wls:/jrfServer_domain/serverConfig> displayWSMConfiguration('WLS/base_domain') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> setPolicySetConstraint ('HTTPHeader("VIRTUAL_HOST_TYPE","external")')
12c Release: wls:/jrfServer_domain/serverConfig> setWSMPolicySetConstraint ('HTTPHeader("VIRTUAL_HOST_TYPE","external")') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> setPolicySetDescription ('Global policy set for web service endpoint.')
12c Release: wls:/jrfServer_domain/serverConfig> setWSMPolicySetDescription ('Global policy set for web service endpoint.') |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> setWebServicePolicyOverride ('/base_domain/server1/HelloWorld#1_0','j2wbasicPolicy', 'web', '{http://namespace/}WssUsernameService','JRFWssUsernamePort', 'oracle/wss_username_token_service_policy', 'reference.priority', '10')
12c Release: wls:/jrfServer_domain/serverConfig> setWSMPolicyOverride ('oracle/wss_username_token_service_policy', 'reference.priority', '10')
|
|
|
11g Release (for both Repository and PolicySubject operation on policy set): wls:/jrfServer_domain/serverConfig> setPolicySetPolicyOverride ('oracle/wss_username_token_service_policy', 'reference.priority', '10')
12c Release: wls:/jrfServer_domain/serverConfig> setWSMPolicyOverride ('oracle/wss_username_token_service_policy', 'reference.priority', '10')
|
|
|
11g Release: wls:/jrfServer_domain/serverConfig> upgradeWSMPolicyRepository()
12c Release: wls:/jrfServer_domain/serverConfig> upgradeWSMRepository() |
|
|
11g Release: wls:/jrfServer_domain/serverConfig> validatePolicySet ('myPolicySet')
12c Release: wls:/jrfServer_domain/serverConfig> validateWSMPolicySet ('myPolicySet') |
Parent topic: Web Services
A Test Web Service Page Does Not Generate the Correct Date or Date Time Patterns When Importing a Locally Saved Payload
In Fusion Middleware Control, when you test a SOAP web service on the Test Web Service page, the Import Payload option does not generate the correct date/date time type patterns when importing a payload XML file, as follows:
-
Tree View – The date time value is always formatted to a US pattern, such as
Tue Dec 30 00:00:00 PST 2014
, when the correct pattern should beYYYY-MM-ddTHH:mm:ss
orYYYY-MM-dd
. -
XML View – The server time zone is always incorrectly appended to the date, such as
2014-12-30-08:00
, which is not part of the imported value.
Workaround:
Clear the imported date and date time values, and then manually enter the correct values before you submit the payload.
Parent topic: Web Services
A Test Web Service Page Does Not Save Loaded Payloads in the Correct Format
In Fusion Middleware Control, when you test a SOAP web service on the Test Web Service page, the Save Payload option incorrectly saves the loaded payload in Server Locale format (ISO-8859-1) instead of in UTF-8 format.
Parent topic: Web Services
Using the Automatic Policy Configuration for STS May Not Result in a Compatible Policy for a Web Service Client
Using the automatic policy configuration for STS (Security Token Service) in OWSM may not result in a compatible policy.
Workaround:
Manually configure the STS config policy from a web service client, as described in "Manually Configuring the STS Config Policy From the Web Service Client: Main Steps" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Parent topic: Web Services
Incompatible Policies Are Listed for Web Services and Clients Using SOAP Over JMS Transport
In Fusion Middleware Control, when you attach OWSM policies to web services and clients that use SOAP over JMS transport, the list of available policies includes policies that are not compatible.
See, "Which OWSM Policies Are Supported for Web Services and Clients That Use SOAP Over JMS Transport" in Securing Web Services and Managing Policies with Oracle Web Services Manager.
Parent topic: Web Services
NoSuchObjectException When the Server Hosting WSM-PM is Shut Down
When the server on which the wsm-pm application is running in a WebLogic domain is shut down before servers on other domains are shut down, you will see an exception as follows:
<Error> <oracle.wsm.resources.policymanager> <WSM-02313> <The documents used by a policy subject cannot be recorded due to underlying error "Exception during invoke." java.rmi.NoSuchObjectException: Exception during invoke.
This error occurs when agents on other domains try to continue to talk to wsm-pm and are unable to do so.
This is expected behavior when wsm-pm is not available due to shutdown of the WebLogic server where it is deployed. No user action is needed.
Parent topic: Web Services
NullPointerException After Stopping the WebCenter Portal Managed Server
After you stop the WebCenter Portal Managed Server, the following error message may appear:
Failed while destroying filter: OWSM Security Filter. java.lang.NullPointerException
There is no impact to functionality, and no user action is needed.
Parent topic: Web Services
ConnectException when the Server Hosting WSM-PM is Down
When the server on which the wsm-pm application is running in a WebLogic domain is shut down before servers on other domains are shut down, you see an exception as follows:
java.rmi.ConnectException
This error occurs if the wsm-pm application is unreachable.
This is expected behavior when wsm-pm is not available due to shutdown of the WebLogic server where it is deployed. No user action is needed.
Parent topic: Web Services
The Repository Write Timestamp Cannot Be Retrieved When the Server Hosting WSM-PM Is Shut Down
When you shut down the server on which the wsm-pm application is deployed before you shut down the Administration Server, you see the following exception:
The repository write timestamp cannot be retrieved due to underlying error
This is expected behavior. No user action is needed.
Parent topic: Web Services
Harmless Warning Message When You Create Policy Sets
When you create policy sets for resource type of SOAP Web Service
or SOAP Web Service Client
" with non-security policy references attached, you will see a warning message:
"Non-Security policies do not apply to Java EE Web Services."
This warning message can be ignored.
Parent topic: Web Services
About Difference between Installed and Upgraded Configuration Files
The following domain configuration files appear different in a new 12.2.1 install compared to an upgraded WebCenter Portal:
config/fmwconfig/audit-store.xml config/fmwconfig/jps-config.xml config/fmwconfig/jps-config-jse.xml
This occurs because, during upgrade, the configuration is moved to wsm-config.xml
but not removed from the original files including jps-config.xml
. There is no impact to functionality and the variation can be safely ignored.
Parent topic: Web Services
Oracle Infrastructure Web Service Applications Built in 11g Containing WebServiceRef Annotation Fails
Oracle Infrastructure Web Services do not support the WebServiceRef
annotation. In Release 11g, generated example code included this annotation. If you included this generated example code in your applications, they built and ran successfully because the annotation was ignored. In the CDI implementation in Java EE 7 in 12c (12.2.1), all annotations are processed. As a result, any applications built in Release 11g that contain these generated example classes ([Service]PortClient.java
) fails.
Note that Oracle Infrastructure Web Service applications built in 12c do not contain this annotation and do not exhibit this problem.
Workaround
Use one of the following solutions:
-
Remove the
WebServiceRef
annotation from the generated source code in the application or library.In the 11g Oracle Infrastructure Web Service WSA generated example client classes, the class name is always
<Port Name>Client.java
. You can remove the annotation by:-
Searching within your source code to find terms such as "*Client.java", or
-
Writing a helper class to search the JAR/WAR/EAR code. For example:
private final static Class DefaultAnnotationTypeClass = javax.xml.ws.WebServiceRef.class; private void findAnnotation(Class targetClass, Class annotationTypeClass) throws Exception { if (targetClass == null || annotationTypeClass == null) { return; } if (targetClass.getAnnotation(annotationTypeClass) != null) { throw new Exception("Found " + annotationTypeClass + " in class " + targetClass.getName()); } for (Field field : targetClass.getDeclaredFields()) { if (field != null && field.getAnnotation(annotationTypeClass) != null) { throw new Exception("Found " + annotationTypeClass + " in class " + targetClass.getName()); } } } ... findAnnotation( userPortClientClass , DefaultAnnotationTypeClass ); .
-
-
For each WAR /JAR file, providing a
beans.xml
that disables CDI annotation scanning for the application. The necessarybeans.xml
snippet to turn off CDI annotation scanning is as follows:<beans xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/beans_1_1.xsd" bean-discovery-mode="none"> </beans>
Parent topic: Web Services
WADL for OPSS and OWSM REST API Is Not Generated from the Browser
WADL for OPSS REST APIs and OWSM REST APIs is not generated from the browser because of the loading of the XSL stylesheet.
Workaround
Instead of generating WADL from the browser by visiting URLs such as the following, use the Mozilla REST client to visit these URLs:
http://myhost.mydomain.com:7001/idaas/platform/admin/v1/application.wadl http://myhost.mydomain.com:7001/idaas/webservice/admin/v1/application.wadl
The response will give the XML contents of WADL.
Parent topic: Web Services
Disable XML External Entity Expansion (XXE) When Using MDDS API
If you are using the MDDS API, disable XXE in the WSDL by setting the oracle.j2ee.ws.mdds.preventXXE
option to Boolean.TRUE
as shown in the following example:
modelFactory.setOption("oracle.j2ee.ws.mdds.preventXXE", Boolean.TRUE);
Parent topic: Web Services