Configuring Authentication for Secure Outbound Web Service Requests

While connecting to the edge applications that use the HTTPS protocol, before executing the Oracle Utilities Testing Accelerator scripts, the security certificate should be saved in the system from where the Oracle Utilities Testing Accelerator test cases are executed. Register the certificate in the Java security certificates repository.

Define the following properties in the configuration file.

System Property	Comments
javax.net.ssl.keyStore	Keystore location
javax.net.ssl.keyStoreType	Default keystore type
javax.net.ssl.keyStorePassword	Default keystore password

To import the security key store into Java key store:

1. Enter the URL (HTTPS) of the application in the browser.

Example: Internet Explorer

2. Click Continue to this Website (not recommended) link on the Security Certificate page.

3. Click Certificate Error in the address bar.

4. Click the View Certificates link on the Certificate Invalid pop-up window.

5. On the Details tab, click Copy to File.

6. Click Browse and select the file to export. Click Next.

7. Review the settings and click Finish.

8. Login to the machine where this certificate should be imported into the Java key store and open the command prompt.

9. If the Java path is not set in the environment variables, navigate to the Java/jdk/bin directory and execute the following command.

keytool -import -alias <Alias Name> -file <path of the file exported in Step 7> -keystore <Java keystore path>

10. Enter “changeit” as the Password.

11. Click Yes to import the certificate. The property file attributes for HTTPS requests are as follows:

##Handling Https WSDL - Java key Store

gStrJavaKeyStorePath=C:\\jdk8\\jre\\lib\\security\\

gStrJavaKeyStorePwd=changeit

Based on the version of the Oracle Utilities application (and Oracle Utilities Application Framework), the web service requests are also expected to include additional information other than the user credentials. To support this, two new properties are introduced in the configuration.properties file using which users can specify the authentication used by the environment.

For the latest versions of Oracle Utilities applications, a timestamp is expected in the web service requests. For these environments, specify the header type as TIMESTAMP, the other property gStrTimeToLive specifies the validity of the request in seconds.

#Header Type

gStrApplicationHeaderType=TIMESTAMP

#Timestamp interval

gStrTimeToLive=120

In cases where the configuration.properties contains details of more than one environment, prefix the header property with the application string.

#Header Type

gStrUAT_gStrApplicationHeaderType=TIMESTAMP

#Timestamp interval

gStrUAT_gStrTimeToLive=120

For the older versions of Oracle Utilities applications, only the user credentials are expected. So specify the header as USERTOKEN.

#Header Type

gStrApplicationHeaderType=USERTOKEN

In cases where there is a mix of environments that use the new header type and old header type in the same configuration.properties file, specify the properties for individual environments as follows.

#Header Type

gStrUAT_gStrApplicationHeaderType=TIMESTAMP

#Timestamp interval

gStrUAT_gStrTimeToLive=120

#Header TypegStrINT_gStrApplicationHeaderType=USERTOKEN

Note: The user credentials are sent as digest by default. To send them as plain text, set the property mentioned needs to 'true'.

gStrSendPasswordAsText = true