Search Results

Search found 9 results on 1 pages for 'wsat'.

Page 1/1 | 1 

  • WSAT Security tab error for Custom Role provider

    - by shesb
    I have created custome Membership Role and Profile provider using INGRES db. Now I can see my IngresMembership and IngresRole provider in the Provider tab(Select a different provider for each feature (advanced) ) of WSAT but when I clik on security tab I get this error: "There is a problem with your selected data store. This can be caused by an invalid server name or credentials, or by insufficient permission. It can also be caused by the role manager feature not being enabled. Click the button below to be redirected to a page where you can choose a new data store. The following message may help in diagnosing the problem: Object reference not set to an instance of an object." What am I missing? Do I need to add code for all override methods for Role provider? I have just written code for the Initialize and GetRolesForUser functions. Thanks

    Read the article

  • Access Rules created by WSAT are not enforced

    - by rsteckly
    Hi, I'm trying to implement roles in my site. There are several projects in the solution, one of which is a web application. In that web application, I'm trying to use WSAT to create three roles. There are many folders for the application. I've used WSAT to define role based access rules for each folder. However, when I debug and navigate to those pages, they do not redirect to a login and show me the protected page. There are web.config files in each folder. Why would the system not enforce these rules? My web.config file has: I've tested the connections in WSAT and they work. Any ideas?

    Read the article

  • Error deploying web application on Weblogic 10.3 using maven 2: "Can't find wsdl /wsdls/wsat.wsdl"

    - by Marcos Carceles
    Hi, I'm using maven for deploying a web application in my Weblogic 10.3 server remotely. I created my pom file based on the indication on this previous question: Using maven as build tool for Weblogic 10.3 My pom.xml file is: <project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd"> <modelVersion>4.0.0</modelVersion> <groupId>com.balfourbeatty.horizon.maven.test</groupId> <artifactId>maven-test-webapp</artifactId> <packaging>war</packaging> <version>1.0-SNAPSHOT</version> <name>maven-test-webapp Maven Webapp</name> <url>http://maven.apache.org</url> <properties> <weblogic.version>10.3</weblogic.version> </properties> <build> <plugins> <plugin> <groupId>org.apache.myfaces.trinidadbuild</groupId> <artifactId>maven-jdev-plugin</artifactId> </plugin> <plugin> <groupId>org.codehaus.mojo</groupId> <artifactId>weblogic-maven-plugin</artifactId> <version>2.9.1</version> <configuration> <name>maven-test-webapp</name> <adminServerHostName>******************</adminServerHostName> <adminServerPort>****</adminServerPort> <adminServerProtocol>t3</adminServerProtocol> <userId>******</userId> <password>*****</password> <upload>true</upload> <remote>true</remote> <verbose>true</verbose> <debug>true</debug> <targetNames>WLS_Spaces</targetNames> <noExit>true</noExit> <projectPackaging>war</projectPackaging> </configuration> <dependencies> <dependency> <groupId>com.sun</groupId> <artifactId>tools</artifactId> <version>1.6</version> <scope>system</scope> <systemPath>${java.home}/../lib/tools.jar</systemPath> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>weblogic</artifactId> <version>${weblogic.version}</version> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>webservices</artifactId> <version>${weblogic.version}</version> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.utils.full</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.i18n</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.rmi.client</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>javax.enterprise.deploy</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>webserviceclient</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.security.wls</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.security.identity</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.security</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>wlclient</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.transaction</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.utils.classloaders</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>wljmsclient</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.management.core</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>wls-api</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.descriptor</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.logging</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.socket.api</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.security.digest</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.workmanager</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.weblogic.lifecycle</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.utils.wrapper</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>wlsafclient</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.management.jmx</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>com.bea.core.descriptor.wl</artifactId> <version>${weblogic.version}</version> <scope>provided</scope> </dependency> <dependency> <groupId>weblogic</groupId> <artifactId>javax.mail</artifactId> <version>10.3</version> </dependency> </dependencies> </plugin> </plugins> <finalName>maven-test-webapp</finalName> </build> <dependencies> <dependency> <groupId>junit</groupId> <artifactId>junit</artifactId> <version>3.8.1</version> <scope>test</scope> </dependency> <dependency> <groupId>org.codehaus.mojo</groupId> <artifactId>weblogic-maven-plugin</artifactId> <version>2.9.1</version> </dependency> </dependencies> <distributionManagement> <!-- use the following if you're not using a snapshot version. --> <repository> <id>internal</id> <name>Archiva Managed Internal Repository</name> <url>http://localhost:8180/archiva/repository/internal</url> </repository> <!-- use the following if you ARE using a snapshot version. --> <snapshotRepository> <id>snapshots</id> <name>Archiva Managed Snapshot Repository</name> <url>http://localhost:8180/archiva/repository/snapshots</url> </snapshotRepository> </distributionManagement> </project> All the dependencies are already resolved properly, as they are in the local archiva repository. The application does not contain any web-service, being just a "hello world" application. /index.jsp /WEB-INF/web.xml The error I get is: [BasicOperation.execute():423] : Initiating deploy operation for app, maven-test-webapp, on targets: [BasicOperation.execute():425] : WLS_Spaces Task 14 initiated: [Deployer:149026]deploy application maven-test-webapp on WLS_Spaces. dumping Exception stack Task 14 failed: [Deployer:149026]deploy application maven-test-webapp on WLS_Spaces. Target state: deploy failed on Server WLS_Spaces weblogic.wsee.ws.WsException: When processing WebService module 'maven-test-webapp.war'. Can't find wsdl /wsdls/wsat.wsdl at weblogic.wsee.deploy.WSEEWebModule.loadWsdlDefinitions(WSEEWebModule.java:159) at weblogic.wsee.deploy.WSEEModule.loadWsdl(WSEEModule.java:334) at weblogic.wsee.deploy.WSEEAnnotationProcessor.isWsdlHasPolicy(WSEEAnnotationProcessor.java:312) at weblogic.wsee.deploy.WSEEAnnotationProcessor.process(WSEEAnnotationProcessor.java:91) at weblogic.wsee.deploy.WSEEAnnotationProcessor.process(WSEEAnnotationProcessor.java:51) at weblogic.wsee.deploy.WSEEModule.prepare(WSEEModule.java:102) at weblogic.wsee.deploy.ServletDeployListener.contextPrepared(ServletDeployListener.java:26) at weblogic.servlet.internal.EventsManager$FireContextPreparedAction.run(EventsManager.java:503) at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321) at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121) at weblogic.servlet.internal.EventsManager.notifyContextPreparedEvent(EventsManager.java:162) at weblogic.servlet.internal.WebAppServletContext.initContextListeners(WebAppServletContext.java:1782) at weblogic.servlet.internal.WebAppServletContext.prepare(WebAppServletContext.java:1136) at weblogic.servlet.internal.HttpServer.doPostContextInit(HttpServer.java:449) at weblogic.servlet.internal.HttpServer.loadWebApp(HttpServer.java:424) at weblogic.servlet.internal.WebAppModule.registerWebApp(WebAppModule.java:924) at weblogic.servlet.internal.WebAppModule.prepare(WebAppModule.java:356) at weblogic.application.internal.flow.ScopedModuleDriver.prepare(ScopedModuleDriver.java:176) at weblogic.application.internal.flow.ModuleListenerInvoker.prepare(ModuleListenerInvoker.java:199) at weblogic.application.internal.flow.DeploymentCallbackFlow$1.next(DeploymentCallbackFlow.java:391) at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:83) at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:59) at weblogic.application.internal.flow.DeploymentCallbackFlow.prepare(DeploymentCallbackFlow.java:43) at weblogic.application.internal.BaseDeployment$1.next(BaseDeployment.java:1221) at weblogic.application.utils.StateMachineDriver.nextState(StateMachineDriver.java:83) at weblogic.application.internal.BaseDeployment.prepare(BaseDeployment.java:367) at weblogic.application.internal.SingleModuleDeployment.prepare(SingleModuleDeployment.java:39) at weblogic.application.internal.DeploymentStateChecker.prepare(DeploymentStateChecker.java:154) at weblogic.deploy.internal.targetserver.AppContainerInvoker.prepare(AppContainerInvoker.java:60) at weblogic.deploy.internal.targetserver.operations.ActivateOperation.createAndPrepareContainer(ActivateOperation.java:207) at weblogic.deploy.internal.targetserver.operations.ActivateOperation.doPrepare(ActivateOperation.java:98) at weblogic.deploy.internal.targetserver.operations.AbstractOperation.prepare(AbstractOperation.java:217) at weblogic.deploy.internal.targetserver.DeploymentManager.handleDeploymentPrepare(DeploymentManager.java:747) at weblogic.deploy.internal.targetserver.DeploymentManager.prepareDeploymentList(DeploymentManager.java:1216) at weblogic.deploy.internal.targetserver.DeploymentManager.handlePrepare(DeploymentManager.java:250) at weblogic.deploy.internal.targetserver.DeploymentServiceDispatcher.prepare(DeploymentServiceDispatcher.java:159) at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.doPrepareCallback(DeploymentReceiverCallbackDeliverer.java:157) at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer.access$000(DeploymentReceiverCallbackDeliverer.java:12) at weblogic.deploy.service.internal.targetserver.DeploymentReceiverCallbackDeliverer$1.run(DeploymentReceiverCallbackDeliverer.java:45) at weblogic.work.SelfTuningWorkManagerImpl$WorkAdapterImpl.run(SelfTuningWorkManagerImpl.java:516) at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201) at weblogic.work.ExecuteThread.run(ExecuteThread.java:173) Does anyone have any idea on what could the problem be? Many thanks!

    Read the article

  • Exception Servlets have the same pattern, how to solve?

    - by user3713766
    This is my web xml: <?xml version="1.0" encoding="UTF-8"?> <web-app version="3.1" xmlns="http://xmlns.jcp.org/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://xmlns.jcp.org/xml/ns/javaee http://xmlns.jcp.org/xml/ns/javaee/web-app_3_1.xsd"> <context-param> <param-name>primefaces.THEME</param-name> <param-value>cc</param-value> </context-param> <context-param> <param-name>javax.faces.PROJECT_STAGE</param-name> <param-value>Development</param-value> </context-param> <servlet> <servlet-name>Faces Servlet</servlet-name> <servlet-class>javax.faces.webapp.FacesServlet</servlet-class> <load-on-startup>1</load-on-startup> </servlet> <servlet-mapping> <servlet-name>Faces Servlet</servlet-name> <url-pattern>*.xhtml</url-pattern> </servlet-mapping> <session-config> <session-timeout> -1 </session-timeout> </session-config> <welcome-file-list> <welcome-file>index.xhtml</welcome-file> </welcome-file-list> </web-app> Below is my glassfish server output. So what causes that exception and what are my options? Any help would be appreciated. It seems like I posted most of code but, I've stated my problem quite clearly.So thanks in advance. Severe: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] Severe: Exception while deploying the app [ClickService] Severe: Exception during lifecycle processing java.lang.IllegalStateException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:518) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:446) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:338) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:91) at com.sun.enterprise.deployment.archivist.Archivist.readRestDeploymentDescriptors(Archivist.java:420) at com.sun.enterprise.deployment.archivist.Archivist.readDeploymentDescriptors(Archivist.java:396) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:271) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:280) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:241) at com.sun.enterprise.deployment.archivist.ApplicationFactory.openArchive(ApplicationFactory.java:161) at org.glassfish.javaee.core.deployment.DolProvider.processDOL(DolProvider.java:198) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:222) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:96) at com.sun.enterprise.v3.server.ApplicationLifecycle.loadDeployer(ApplicationLifecycle.java:878) at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:818) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:374) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:219) at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:491) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423) at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674) at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:534) at com.sun.enterprise.v3.admin.AdminAdapter.onMissingResource(AdminAdapter.java:224) at org.glassfish.grizzly.http.server.StaticHttpHandler.service(StaticHttpHandler.java:297) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:745) Caused by: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:367) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:375) at org.glassfish.apf.impl.AnnotationProcessorImpl.processAnnotations(AnnotationProcessorImpl.java:289) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:195) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:134) at com.sun.enterprise.deployment.archivist.Archivist.processAnnotations(Archivist.java:626) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:462) ... 48 more Caused by: java.lang.IllegalArgumentException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] at org.glassfish.web.deployment.descriptor.WebBundleDescriptorImpl.addWebComponentDescriptor(WebBundleDescriptorImpl.java:359) at org.glassfish.webservices.connector.annotation.handlers.WebServiceHandler.processAnnotation(WebServiceHandler.java:461) at com.sun.enterprise.deployment.annotation.factory.SJSASFactory$LazyAnnotationHandler.processAnnotation(SJSASFactory.java:148) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:344) ... 54 more Severe: Exception while deploying the app [ClickService] : Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service]. Related annotation information: annotation [@javax.jws.WebService(wsdlLocation=/wsdls/wsat11/wstx-wsat-1.1-wsdl-200702.wsdl, name=, portName=ParticipantPort, endpointInterface=com.sun.xml.ws.tx.at.v11.types.ParticipantPortType, serviceName=WSAT11Service, targetNamespace=http://docs.oasis-open.org/ws-tx/wsat/2006/06)] on annotated element [class com.sun.xml.ws.tx.at.v11.endpoint.ParticipantPortImpl] of type [TYPE] at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:367) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:375) at org.glassfish.apf.impl.AnnotationProcessorImpl.processAnnotations(AnnotationProcessorImpl.java:289) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:195) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:134) at com.sun.enterprise.deployment.archivist.Archivist.processAnnotations(Archivist.java:626) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:462) at com.sun.enterprise.deployment.archivist.Archivist.readAnnotations(Archivist.java:446) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:338) at org.glassfish.web.deployment.archivist.WebArchivist.postAnnotationProcess(WebArchivist.java:91) at com.sun.enterprise.deployment.archivist.Archivist.readRestDeploymentDescriptors(Archivist.java:420) at com.sun.enterprise.deployment.archivist.Archivist.readDeploymentDescriptors(Archivist.java:396) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:271) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:280) at com.sun.enterprise.deployment.archivist.Archivist.open(Archivist.java:241) at com.sun.enterprise.deployment.archivist.ApplicationFactory.openArchive(ApplicationFactory.java:161) at org.glassfish.javaee.core.deployment.DolProvider.processDOL(DolProvider.java:198) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:222) at org.glassfish.javaee.core.deployment.DolProvider.load(DolProvider.java:96) at com.sun.enterprise.v3.server.ApplicationLifecycle.loadDeployer(ApplicationLifecycle.java:878) at com.sun.enterprise.v3.server.ApplicationLifecycle.setupContainerInfos(ApplicationLifecycle.java:818) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:374) at com.sun.enterprise.v3.server.ApplicationLifecycle.deploy(ApplicationLifecycle.java:219) at org.glassfish.deployment.admin.DeployCommand.execute(DeployCommand.java:491) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:527) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2$1.run(CommandRunnerImpl.java:523) at java.security.AccessController.doPrivileged(Native Method) at javax.security.auth.Subject.doAs(Subject.java:360) at com.sun.enterprise.v3.admin.CommandRunnerImpl$2.execute(CommandRunnerImpl.java:522) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:546) at com.sun.enterprise.v3.admin.CommandRunnerImpl.doCommand(CommandRunnerImpl.java:1423) at com.sun.enterprise.v3.admin.CommandRunnerImpl.access$1500(CommandRunnerImpl.java:108) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1762) at com.sun.enterprise.v3.admin.CommandRunnerImpl$ExecutionContext.execute(CommandRunnerImpl.java:1674) at com.sun.enterprise.v3.admin.AdminAdapter.doCommand(AdminAdapter.java:534) at com.sun.enterprise.v3.admin.AdminAdapter.onMissingResource(AdminAdapter.java:224) at org.glassfish.grizzly.http.server.StaticHttpHandler.service(StaticHttpHandler.java:297) at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:246) at org.glassfish.grizzly.http.server.HttpHandler.runService(HttpHandler.java:191) at org.glassfish.grizzly.http.server.HttpHandler.doHandle(HttpHandler.java:168) at org.glassfish.grizzly.http.server.HttpServerFilter.handleRead(HttpServerFilter.java:189) at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:288) at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:206) at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:136) at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:114) at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:838) at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:113) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.run0(WorkerThreadIOStrategy.java:115) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy.access$100(WorkerThreadIOStrategy.java:55) at org.glassfish.grizzly.strategies.WorkerThreadIOStrategy$WorkerThreadRunnable.run(WorkerThreadIOStrategy.java:135) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:564) at org.glassfish.grizzly.threadpool.AbstractThreadPool$Worker.run(AbstractThreadPool.java:544) at java.lang.Thread.run(Thread.java:745) Caused by: java.lang.IllegalArgumentException: Servlet [CoordinatorPortImpl] and Servlet [ParticipantPortImpl] have the same url pattern: [/WSAT11Service] at org.glassfish.web.deployment.descriptor.WebBundleDescriptorImpl.addWebComponentDescriptor(WebBundleDescriptorImpl.java:359) at org.glassfish.webservices.connector.annotation.handlers.WebServiceHandler.processAnnotation(WebServiceHandler.java:461) at com.sun.enterprise.deployment.annotation.factory.SJSASFactory$LazyAnnotationHandler.processAnnotation(SJSASFactory.java:148) at org.glassfish.apf.impl.AnnotationProcessorImpl.process(AnnotationProcessorImpl.java:344) ... 54 more

    Read the article

  • MVC 4 Authentication

    - by Aligned
    First: After searching for awhile to figure out what’s new/different with MVC 4 and forms authentication, this is the best article I've found on the subject: http://weblogs.asp.net/jgalloway/archive/2012/08/29/simplemembership-membership-providers-universal-providers-and-the-new-asp-net-4-5-web-forms-and-asp-net-mvc-4-templates.aspx Some quotes from the article: “The ASP.NET Web Pages team designed SimpleMembership to (wait for it) simplify the task of dealing with membership” "WSAT is built to work with ASP.NET Membership, and is not compatible with Simple Membership. There are two main options there: Use the WebSecurity and OAuthWebSecurity API to manage the users and roles Create a web admin using the above APIs Since SimpleMembership runs on top of your database, you can update your users as you would any other data - via EF or even in direct database edits (in development, of course)" “If you want to use an existing ASP.NET Membership Provider in ASP.NET MVC 4, you can't use the new AccountController. You can do a few things:” “Universal Providers do not work with Simple Membership.” ~ this post (look for Bob.at.SBS’s answer) says Universal Providers is not needed for MVC 4 to work in Azure)   I've been trying to figure out the Forms Authentication in MVC4. It's different than the past approach (aspnet_regsql). If you do file new project -> MVC 4 -> internet application, you get a really nice template with the controller and model setup for you. However, the tables are different than using aspnet_regsql and the ASP.Net Configuration tool (WSAT) wasn’t connecting to the data I had (it was creating an App_Data/aspnet.mdf file, which I didn’t see right away). Points of Note The database tables are created in the SimpleMembershipInitializer class, when you first run your app using Entity Framework 5 migration functionality. The tables created are webpages_Membership, webpages_OAuthMembership, webpages_Roles, webpages_UsersInRoles, UserProfile. Web.config settings don’t seem to be needed.   Scott Hanselman on Universal Providers was also useful if not somewhat out dated. Universal Providers and SimpleMembership are not compatible. http://www.asp.net/web-pages/tutorials/security/16-adding-security-and-membership – walk-through

    Read the article

  • SimpleMembership, Membership Providers, Universal Providers and the new ASP.NET 4.5 Web Forms and ASP.NET MVC 4 templates

    - by Jon Galloway
    The ASP.NET MVC 4 Internet template adds some new, very useful features which are built on top of SimpleMembership. These changes add some great features, like a much simpler and extensible membership API and support for OAuth. However, the new account management features require SimpleMembership and won't work against existing ASP.NET Membership Providers. I'll start with a summary of top things you need to know, then dig into a lot more detail. Summary: SimpleMembership has been designed as a replacement for traditional the previous ASP.NET Role and Membership provider system SimpleMembership solves common problems people ran into with the Membership provider system and was designed for modern user / membership / storage needs SimpleMembership integrates with the previous membership system, but you can't use a MembershipProvider with SimpleMembership The new ASP.NET MVC 4 Internet application template AccountController requires SimpleMembership and is not compatible with previous MembershipProviders You can continue to use existing ASP.NET Role and Membership providers in ASP.NET 4.5 and ASP.NET MVC 4 - just not with the ASP.NET MVC 4 AccountController The existing ASP.NET Role and Membership provider system remains supported as is part of the ASP.NET core ASP.NET 4.5 Web Forms does not use SimpleMembership; it implements OAuth on top of ASP.NET Membership The ASP.NET Web Site Administration Tool (WSAT) is not compatible with SimpleMembership The following is the result of a few conversations with Erik Porter (PM for ASP.NET MVC) to make sure I had some the overall details straight, combined with a lot of time digging around in ILSpy and Visual Studio's assembly browsing tools. SimpleMembership: The future of membership for ASP.NET The ASP.NET Membership system was introduces with ASP.NET 2.0 back in 2005. It was designed to solve common site membership requirements at the time, which generally involved username / password based registration and profile storage in SQL Server. It was designed with a few extensibility mechanisms - notably a provider system (which allowed you override some specifics like backing storage) and the ability to store additional profile information (although the additional  profile information was packed into a single column which usually required access through the API). While it's sometimes frustrating to work with, it's held up for seven years - probably since it handles the main use case (username / password based membership in a SQL Server database) smoothly and can be adapted to most other needs (again, often frustrating, but it can work). The ASP.NET Web Pages and WebMatrix efforts allowed the team an opportunity to take a new look at a lot of things - e.g. the Razor syntax started with ASP.NET Web Pages, not ASP.NET MVC. The ASP.NET Web Pages team designed SimpleMembership to (wait for it) simplify the task of dealing with membership. As Matthew Osborn said in his post Using SimpleMembership With ASP.NET WebPages: With the introduction of ASP.NET WebPages and the WebMatrix stack our team has really be focusing on making things simpler for the developer. Based on a lot of customer feedback one of the areas that we wanted to improve was the built in security in ASP.NET. So with this release we took that time to create a new built in (and default for ASP.NET WebPages) security provider. I say provider because the new stuff is still built on the existing ASP.NET framework. So what do we call this new hotness that we have created? Well, none other than SimpleMembership. SimpleMembership is an umbrella term for both SimpleMembership and SimpleRoles. Part of simplifying membership involved fixing some common problems with ASP.NET Membership. Problems with ASP.NET Membership ASP.NET Membership was very obviously designed around a set of assumptions: Users and user information would most likely be stored in a full SQL Server database or in Active Directory User and profile information would be optimized around a set of common attributes (UserName, Password, IsApproved, CreationDate, Comment, Role membership...) and other user profile information would be accessed through a profile provider Some problems fall out of these assumptions. Requires Full SQL Server for default cases The default, and most fully featured providers ASP.NET Membership providers (SQL Membership Provider, SQL Role Provider, SQL Profile Provider) require full SQL Server. They depend on stored procedure support, and they rely on SQL Server cache dependencies, they depend on agents for clean up and maintenance. So the main SQL Server based providers don't work well on SQL Server CE, won't work out of the box on SQL Azure, etc. Note: Cory Fowler recently let me know about these Updated ASP.net scripts for use with Microsoft SQL Azure which do support membership, personalization, profile, and roles. But the fact that we need a support page with a set of separate SQL scripts underscores the underlying problem. Aha, you say! Jon's forgetting the Universal Providers, a.k.a. System.Web.Providers! Hold on a bit, we'll get to those... Custom Membership Providers have to work with a SQL-Server-centric API If you want to work with another database or other membership storage system, you need to to inherit from the provider base classes and override a bunch of methods which are tightly focused on storing a MembershipUser in a relational database. It can be done (and you can often find pretty good ones that have already been written), but it's a good amount of work and often leaves you with ugly code that has a bunch of System.NotImplementedException fun since there are a lot of methods that just don't apply. Designed around a specific view of users, roles and profiles The existing providers are focused on traditional membership - a user has a username and a password, some specific roles on the site (e.g. administrator, premium user), and may have some additional "nice to have" optional information that can be accessed via an API in your application. This doesn't fit well with some modern usage patterns: In OAuth and OpenID, the user doesn't have a password Often these kinds of scenarios map better to user claims or rights instead of monolithic user roles For many sites, profile or other non-traditional information is very important and needs to come from somewhere other than an API call that maps to a database blob What would work a lot better here is a system in which you were able to define your users, rights, and other attributes however you wanted and the membership system worked with your model - not the other way around. Requires specific schema, overflow in blob columns I've already mentioned this a few times, but it bears calling out separately - ASP.NET Membership focuses on SQL Server storage, and that storage is based on a very specific database schema. SimpleMembership as a better membership system As you might have guessed, SimpleMembership was designed to address the above problems. Works with your Schema As Matthew Osborn explains in his Using SimpleMembership With ASP.NET WebPages post, SimpleMembership is designed to integrate with your database schema: All SimpleMembership requires is that there are two columns on your users table so that we can hook up to it – an “ID” column and a “username” column. The important part here is that they can be named whatever you want. For instance username doesn't have to be an alias it could be an email column you just have to tell SimpleMembership to treat that as the “username” used to log in. Matthew's example shows using a very simple user table named Users (it could be named anything) with a UserID and Username column, then a bunch of other columns he wanted in his app. Then we point SimpleMemberhip at that table with a one-liner: WebSecurity.InitializeDatabaseFile("SecurityDemo.sdf", "Users", "UserID", "Username", true); No other tables are needed, the table can be named anything we want, and can have pretty much any schema we want as long as we've got an ID and something that we can map to a username. Broaden database support to the whole SQL Server family While SimpleMembership is not database agnostic, it works across the SQL Server family. It continues to support full SQL Server, but it also works with SQL Azure, SQL Server CE, SQL Server Express, and LocalDB. Everything's implemented as SQL calls rather than requiring stored procedures, views, agents, and change notifications. Note that SimpleMembership still requires some flavor of SQL Server - it won't work with MySQL, NoSQL databases, etc. You can take a look at the code in WebMatrix.WebData.dll using a tool like ILSpy if you'd like to see why - there places where SQL Server specific SQL statements are being executed, especially when creating and initializing tables. It seems like you might be able to work with another database if you created the tables separately, but I haven't tried it and it's not supported at this point. Note: I'm thinking it would be possible for SimpleMembership (or something compatible) to run Entity Framework so it would work with any database EF supports. That seems useful to me - thoughts? Note: SimpleMembership has the same database support - anything in the SQL Server family - that Universal Providers brings to the ASP.NET Membership system. Easy to with Entity Framework Code First The problem with with ASP.NET Membership's system for storing additional account information is that it's the gate keeper. That means you're stuck with its schema and accessing profile information through its API. SimpleMembership flips that around by allowing you to use any table as a user store. That means you're in control of the user profile information, and you can access it however you'd like - it's just data. Let's look at a practical based on the AccountModel.cs class in an ASP.NET MVC 4 Internet project. Here I'm adding a Birthday property to the UserProfile class. [Table("UserProfile")] public class UserProfile { [Key] [DatabaseGeneratedAttribute(DatabaseGeneratedOption.Identity)] public int UserId { get; set; } public string UserName { get; set; } public DateTime Birthday { get; set; } } Now if I want to access that information, I can just grab the account by username and read the value. var context = new UsersContext(); var username = User.Identity.Name; var user = context.UserProfiles.SingleOrDefault(u => u.UserName == username); var birthday = user.Birthday; So instead of thinking of SimpleMembership as a big membership API, think of it as something that handles membership based on your user database. In SimpleMembership, everything's keyed off a user row in a table you define rather than a bunch of entries in membership tables that were out of your control. How SimpleMembership integrates with ASP.NET Membership Okay, enough sales pitch (and hopefully background) on why things have changed. How does this affect you? Let's start with a diagram to show the relationship (note: I've simplified by removing a few classes to show the important relationships): So SimpleMembershipProvider is an implementaiton of an ExtendedMembershipProvider, which inherits from MembershipProvider and adds some other account / OAuth related things. Here's what ExtendedMembershipProvider adds to MembershipProvider: The important thing to take away here is that a SimpleMembershipProvider is a MembershipProvider, but a MembershipProvider is not a SimpleMembershipProvider. This distinction is important in practice: you cannot use an existing MembershipProvider (including the Universal Providers found in System.Web.Providers) with an API that requires a SimpleMembershipProvider, including any of the calls in WebMatrix.WebData.WebSecurity or Microsoft.Web.WebPages.OAuth.OAuthWebSecurity. However, that's as far as it goes. Membership Providers still work if you're accessing them through the standard Membership API, and all of the core stuff  - including the AuthorizeAttribute, role enforcement, etc. - will work just fine and without any change. Let's look at how that affects you in terms of the new templates. Membership in the ASP.NET MVC 4 project templates ASP.NET MVC 4 offers six Project Templates: Empty - Really empty, just the assemblies, folder structure and a tiny bit of basic configuration. Basic - Like Empty, but with a bit of UI preconfigured (css / images / bundling). Internet - This has both a Home and Account controller and associated views. The Account Controller supports registration and login via either local accounts and via OAuth / OpenID providers. Intranet - Like the Internet template, but it's preconfigured for Windows Authentication. Mobile - This is preconfigured using jQuery Mobile and is intended for mobile-only sites. Web API - This is preconfigured for a service backend built on ASP.NET Web API. Out of these templates, only one (the Internet template) uses SimpleMembership. ASP.NET MVC 4 Basic template The Basic template has configuration in place to use ASP.NET Membership with the Universal Providers. You can see that configuration in the ASP.NET MVC 4 Basic template's web.config: <profile defaultProvider="DefaultProfileProvider"> <providers> <add name="DefaultProfileProvider" type="System.Web.Providers.DefaultProfileProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" /> </providers> </profile> <membership defaultProvider="DefaultMembershipProvider"> <providers> <add name="DefaultMembershipProvider" type="System.Web.Providers.DefaultMembershipProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" enablePasswordRetrieval="false" enablePasswordReset="true" requiresQuestionAndAnswer="false" requiresUniqueEmail="false" maxInvalidPasswordAttempts="5" minRequiredPasswordLength="6" minRequiredNonalphanumericCharacters="0" passwordAttemptWindow="10" applicationName="/" /> </providers> </membership> <roleManager defaultProvider="DefaultRoleProvider"> <providers> <add name="DefaultRoleProvider" type="System.Web.Providers.DefaultRoleProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" applicationName="/" /> </providers> </roleManager> <sessionState mode="InProc" customProvider="DefaultSessionProvider"> <providers> <add name="DefaultSessionProvider" type="System.Web.Providers.DefaultSessionStateProvider, System.Web.Providers, Version=1.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" connectionStringName="DefaultConnection" /> </providers> </sessionState> This means that it's business as usual for the Basic template as far as ASP.NET Membership works. ASP.NET MVC 4 Internet template The Internet template has a few things set up to bootstrap SimpleMembership: \Models\AccountModels.cs defines a basic user account and includes data annotations to define keys and such \Filters\InitializeSimpleMembershipAttribute.cs creates the membership database using the above model, then calls WebSecurity.InitializeDatabaseConnection which verifies that the underlying tables are in place and marks initialization as complete (for the application's lifetime) \Controllers\AccountController.cs makes heavy use of OAuthWebSecurity (for OAuth account registration / login / management) and WebSecurity. WebSecurity provides account management services for ASP.NET MVC (and Web Pages) WebSecurity can work with any ExtendedMembershipProvider. There's one in the box (SimpleMembershipProvider) but you can write your own. Since a standard MembershipProvider is not an ExtendedMembershipProvider, WebSecurity will throw exceptions if the default membership provider is a MembershipProvider rather than an ExtendedMembershipProvider. Practical example: Create a new ASP.NET MVC 4 application using the Internet application template Install the Microsoft ASP.NET Universal Providers for LocalDB NuGet package Run the application, click on Register, add a username and password, and click submit You'll get the following execption in AccountController.cs::Register: To call this method, the "Membership.Provider" property must be an instance of "ExtendedMembershipProvider". This occurs because the ASP.NET Universal Providers packages include a web.config transform that will update your web.config to add the Universal Provider configuration I showed in the Basic template example above. When WebSecurity tries to use the configured ASP.NET Membership Provider, it checks if it can be cast to an ExtendedMembershipProvider before doing anything else. So, what do you do? Options: If you want to use the new AccountController, you'll either need to use the SimpleMembershipProvider or another valid ExtendedMembershipProvider. This is pretty straightforward. If you want to use an existing ASP.NET Membership Provider in ASP.NET MVC 4, you can't use the new AccountController. You can do a few things: Replace  the AccountController.cs and AccountModels.cs in an ASP.NET MVC 4 Internet project with one from an ASP.NET MVC 3 application (you of course won't have OAuth support). Then, if you want, you can go through and remove other things that were built around SimpleMembership - the OAuth partial view, the NuGet packages (e.g. the DotNetOpenAuthAuth package, etc.) Use an ASP.NET MVC 4 Internet application template and add in a Universal Providers NuGet package. Then copy in the AccountController and AccountModel classes. Create an ASP.NET MVC 3 project and upgrade it to ASP.NET MVC 4 using the steps shown in the ASP.NET MVC 4 release notes. None of these are particularly elegant or simple. Maybe we (or just me?) can do something to make this simpler - perhaps a NuGet package. However, this should be an edge case - hopefully the cases where you'd need to create a new ASP.NET but use legacy ASP.NET Membership Providers should be pretty rare. Please let me (or, preferably the team) know if that's an incorrect assumption. Membership in the ASP.NET 4.5 project template ASP.NET 4.5 Web Forms took a different approach which builds off ASP.NET Membership. Instead of using the WebMatrix security assemblies, Web Forms uses Microsoft.AspNet.Membership.OpenAuth assembly. I'm no expert on this, but from a bit of time in ILSpy and Visual Studio's (very pretty) dependency graphs, this uses a Membership Adapter to save OAuth data into an EF managed database while still running on top of ASP.NET Membership. Note: There may be a way to use this in ASP.NET MVC 4, although it would probably take some plumbing work to hook it up. How does this fit in with Universal Providers (System.Web.Providers)? Just to summarize: Universal Providers are intended for cases where you have an existing ASP.NET Membership Provider and you want to use it with another SQL Server database backend (other than SQL Server). It doesn't require agents to handle expired session cleanup and other background tasks, it piggybacks these tasks on other calls. Universal Providers are not really, strictly speaking, universal - at least to my way of thinking. They only work with databases in the SQL Server family. Universal Providers do not work with Simple Membership. The Universal Providers packages include some web config transforms which you would normally want when you're using them. What about the Web Site Administration Tool? Visual Studio includes tooling to launch the Web Site Administration Tool (WSAT) to configure users and roles in your application. WSAT is built to work with ASP.NET Membership, and is not compatible with Simple Membership. There are two main options there: Use the WebSecurity and OAuthWebSecurity API to manage the users and roles Create a web admin using the above APIs Since SimpleMembership runs on top of your database, you can update your users as you would any other data - via EF or even in direct database edits (in development, of course)

    Read the article

  • 2 way SSL between SOA and OSB

    - by Johnny Shum
    If you have a need to use 2 way SSL between SOA composite and external partner links, you can follow these steps. Create the identity keystores, trust keystores, and server certificates. Setup keystores and SSL on WebLogic Setup server to use 2 way SSL Configure your SOA composite's partner link to use 2 way SSL Configure SOA engine two ways SSL In this case,  I use SOA and OSB for the test.  I started with a separate OSB and SOA domains.  I deployed two soap based proxies on OSB and two composites on SOA.  In SOA, one composite invokes a OSB proxy service, the other is invoked by the OSB.  Similarly,  in OSB,  one proxy invokes a SOA composite and the other is invoked by SOA. 1. Create the identity keystores, trust keystores and the server certificates Since this is a development environment, I use JDK's keytool to create the stores and use self signing certificate.  For production environment, you should use certificates from a trusted certificate authority like Verisign.    I created a script below to show what is needed in this step.  The only requirement is when creating the SOA identity certificate, you MUST use the alias mykey. STOREPASS=welcome1KEYPASS=welcome1# generate identity keystore for soa and osb.  Note: For SOA, you MUST use alias mykeyecho "creating stores"keytool -genkey -alias mykey -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=soa, C=US" -keystore soa-default-keystore.jks -storepass $STOREPASS -keypass $KEYPASS keytool -genkey -alias osbkey -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=osb, C=US" -keystore osb-default-keystore.jks -storepass $STOREPASS -keypass $KEYPASS# listing keystore contentsecho "listing stores contents"keytool -list -alias mykey -keystore soa-default-keystore.jks -storepass $STOREPASSkeytool -list -alias osbkey -keystore osb-default-keystore.jks -storepass $STOREPASS# exporting certs from storesecho "export certs from  stores"keytool -exportcert -alias mykey -keystore soa-default-keystore.jks -storepass $STOREPASS -file soacert.derkeytool -exportcert -alias osbkey -keystore osb-default-keystore.jks -storepass $STOREPASS -file osbcert.der # import certs to trust storesecho "import certs"keytool -importcert -alias osbkey -keystore soa-trust-keystore.jks -storepass $STOREPASS -file osbcert.der -keypass $KEYPASSkeytool -importcert -alias mykey -keystore osb-trust-keystore.jks -storepass $STOREPASS -file soacert.der  -keypass $KEYPASS SOA suite uses the JDK's SSL implementation for outbound traffic instead of the WebLogic's implementation.  You will need to import the partner's public cert into the trusted keystore used by SOA.  The default trusted keystore for SOA is DemoTrust.jks and it is located in $MW_HOME/wlserver_10.3/server/lib.   (This is set in the startup script -Djavax.net.ssl.trustStore).   If you use your own trusted keystore, then you will need to import it into your own trusted keystore. keytool -importcert -alias osbkey -keystore $MW_HOME/wlserver_10.3/server/lib/DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase  -file osbcert.der -keypass $KEYPASS If you do not perform this step, you will encounter this exception in runtime when SOA invokes OSB service using 2 way SSL Message send failed: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target  2.  Setup keystores and SSL on WebLogic First, you will need to login to the WebLogic console, navigate to the server's configuration->Keystore's tab.   Change the Keystores type to Custom Identity and Custom Trust and enter the rest of the fields. Then you navigate to the SSL tab, enter the fields in the identity section and expand the Advanced section.  Since I am using self signing cert on my VM enviornment, I disabled Hostname verification.  In real production system, this should not be the case.   I also enabled the option "Use Server Certs", so that the application uses the server cert to initiate https traffic (it is important to enable this in OSB). Last, you enable SSL listening port in the Server's configuration->General tab. 3.  Setup server to use 2 way SSL If you follow the screen shot in previous step, you can see in the Server->Configuration->SSL->Advanced section, there is an option for Two Way Client Cert Behavior,  you should set this to Client Certs Requested and Enforced. Repeat step 2 and 3 done on OSB.  After all these configurations,  you have to restart all the servers. 4.  Configure your SOA composite's partner link to use 2 way SSL You do this by modifying the composite.xml in your project, locate the partner's link reference and add the property oracle.soa.two.way.ssl.enabled.   <reference name="callosb" ui:wsdlLocation="helloword.wsdl">    <interface.wsdl interface="http://www.examples.com/wsdl/HelloService.wsdl#wsdl.interface(Hello_PortType)"/>    <binding.ws port="http://www.examples.com/wsdl/HelloService.wsdl#wsdl.endpoint(Hello_Service/Hello_Port)"                location="helloword.wsdl" soapVersion="1.1">      <property name="weblogic.wsee.wsat.transaction.flowOption"                type="xs:string" many="false">WSDLDriven</property>   <property name="oracle.soa.two.way.ssl.enabled">true</property>    </binding.ws>  </reference> In OSB, you should have checked the HTTPS required flag in the proxy's transport configuration.  After this,  rebuilt the composite jar file and ready to deploy in the EM console later. 5.  Configure SOA engine two ways SSL Oracle SOA Suite uses both Oracle WebLogic Server and Sun Secure Socket Layer (SSL) stacks for two-way SSL configurations. For the inbound web service bindings, Oracle SOA Suite uses the Oracle WebLogic Server infrastructure and, therefore, the Oracle WebLogic Server libraries for SSL.  This is already done by step 2 and 3 in the previous section. For the outbound web service bindings, Oracle SOA Suite uses JRF HttpClient and, therefore, the Sun JDK libraries for SSL.  You do this by configuring the SOA Engine in the Enterprise Manager Console, select soa-infra->SOA Administration->Common Properties Then click at the link at the bottom of the page:  "More SOA Infra Advances Infrastructure Configuration Properties" and then enter the full path of soa identity keystore in the value field of the KeyStoreLocation attribute.  Click Apply and Return then navigate to the domain->security->credential. Here, you provide the password to the keystore.  Note: the alias of the certficate must be mykey as described in step 1, so you only need to provide the password to the identity keystore.   You accomplish this by: Click Create Map In the Map Name field, enter SOA, and click OK Click Create Key Enter the following details where the password is the password for the SOA identity keystore. 6.  Test and Trouble Shooting Once the setup is complete and server restarted, you can deploy the composite in the EM console and test it.  In case of error,  you can read the server log file to determine the cause of the error.  For example, If you have not setup step 5 and test 2 way SSL, you will see this in the log when invoking OSB from BPEL: java.lang.Exception: oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: oracle.fabric.common.FabricInvocationException: Unable to access the following endpoint(s): https://localhost.localdomain:7002/default/helloword ####<Sep 22, 2012 2:07:37 PM CDT> <Error> <oracle.soa.bpel.engine.ws> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <BEA1-0AFDAEF20610F8FD89C5> ............ <11d1def534ea1be0:-4034173:139ef56d9f0:-8000-00000000000002ec> <1348340857956> <BEA-000000> <got FabricInvocationException sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target If you have not enable WebLogic SSL to use server certificate in the console and invoke SOA composite from OSB using two ways SSL, you will see this error: ####<Sep 22, 2012 2:07:37 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-00000000000000e2> <1348340857776> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from localhost.localdomain - 127.0.0.1. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.> ####<Sep 22, 2012 2:07:37 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-00000000000000e4> <1348340857786> <BEA-090485> <CERTIFICATE_UNKNOWN alert was received from localhost.localdomain - 127.0.0.1. The peer has an unspecified issue with the certificate. SSL debug tracing should be enabled on the peer to determine what the issue is.> ####<Sep 22, 2012 2:27:21 PM CDT> <Warning> <Security> <rhel55> <AdminServer> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <11d1def534ea1be0:-51f5c76a:139ef5e1e1a:-8000-0000000000000124> <1348342041926> <BEA-090497> <HANDSHAKE_FAILURE alert received from localhost - 127.0.0.1. Check both sides of the SSL configuration for mismatches in supported ciphers, supported protocol versions, trusted CAs, and hostname verification settings.> References http://docs.oracle.com/cd/E23943_01/admin.1111/e10226/soacompapp_secure.htm#CHDCFABB   Section 5.6.4 http://docs.oracle.com/cd/E23943_01/web.1111/e13707/ssl.htm#i1200848

    Read the article

  • CodePlex Daily Summary for Tuesday, April 20, 2010

    CodePlex Daily Summary for Tuesday, April 20, 2010New ProjectsASP.NET MVC Extensibility: ASP.NET MVC Extensibility.ASP.NET MVC Starter: Tekpub's ASP.NET MVC 2.0 Starter Site, as put together by Rob Conery in Episode 15 of Mastering ASP.NET MVC (http://tekpub.com/production/starter)AzureDemo: An internal Azure demo and test bed for some projects. After demo is complete this project will be closed.Basic Sprite Sheet Creator: A basic c# program to create sprite sheets. CodeDefender: Protect your .Net codes easily with this smart obfuscator!Crawlr: Tema 2 projectDocument Session Manager - Visual Studio addin: Document Session Manager is a Visual Studio 2008 addin for saving and restoring the list of opened documents (xml files, source files, winforms, et...Esferatec.Text.RegularExpressions: assembly to build regular expression patternsFIFA World Cup 2010 Mobile Sticker Checklist: FIFA World Cup 2010 Mobile Sticker Checklist is a small application for Windows Mobile developed in CF 3.5 to keep tracking of your sticker album. ...Finia.net: 追忆 游乐网·幻之大地FusspawnsAI: Fusspawns UT AI is a small test engine for a classic ut remote bot api. intending to improve ut's ai to a god like level without cheating bots(bots...G.A.E.T.: This is a Graphical Asymmetric Encryption Tool based on R.S.A. algorithm with the help of Java Language.Even though, this may be a small applicatio...ItzyBitzySpider: Webcrawler project from computer science at UCN.JingQiao.Ads: My DDD NTier Architecture example project.Managed Meizu SDK Demo: In this project we are sharing the source code to demonstrate the usage of managed SDK for Meizu cell phones, currently for M8. With the help of th...MaxxUtils.MaxxTagger: MaxxTagger: An Mp3 Tag Editor.. Add /Edit/Remove MP3 ID3 V1 and 2.3 Tags like Title, Artist, Album, Album Art, Genre. Besides tag editing, it also ...Maya Project Management: The Maya Project Management is a clone of RedMine with all its functions and plug-in support, using the following technologies: Microsoft .net Fra...MessageBoxLib: A simple, robust library for Xbox 360 and Windows development using the XNA Game Studio that makes using the Guide class's message box functionalit...MyWSAT - ASP.NET Membership Administration Tool: MyWSAT aka ASP.NET WSAT is a WebForms based website Starter Kit for the ASP.NET Membership Provider. It is a feature rich application that takes ca...OntologyCreator: this is my thesis and it is not finished yetPOS for .Net Handheld Products Service Object: POS for .Net Service Object Handheld Products Bar Code ScannerPostBinder: PostBinder is a small helper library that deserializes ASP.NET requests into C# classes. This eliminates having to write repeated hand wiring co...PostSharp for ASP.NET Web Sites: Adds support for PostSharp 2.0 on ASP.NET Web Sites.Rapid Dictionary: * Rapid Dictionary is a Translation Dictionary initialized by language learning network http://wordsteps.com. * Dictionary developed in C# and Co...ROrganizer: If you feel your movie files are kept in messy way, try out the ROrganizer which helps you rearrange them.RoRoWoBlog: 萝萝窝个人博客开源项目SPGroupDeflector - Explicitly deny groups to webs within your Site Collection: Secure webs within your MOSS or WSS Portal by explicitly denying access to specific users in SharePoint groups.SSIS ShapeFileSource: SSIS ShapeFileSource imports ESRI Shapefiles, and the associated attribute file (.dbf). The component based on the free Shapefile C Library.StoreManagement: University assignment. The task is to build an application that can perform basic CRUD operations on a property and use an arbitrary database. ...Surfium: TODO ;-)TaskCleaner: This is a Windows Forms project created to kill some running process in order to enhace the performance of Windows execution. Sometimes it is desi...The Expert Calendar: The Expert Calendar is a MOSS 2007 webpart which allows to connect to a Event Item List and display event items in a small design customizable cale...Visual Studio Find Results Window Tweak: This is a Visual Studio 2010 add-in which enables you to adjust the format of the Find Results Window. It is written in C#, .NET 4.0 and requires ...Weightlifting Sinclair coeficient calculator: Weightlifting Sinclair coeficient calculator for competitors (for Windows Mobile platform)Windows Azure Web Storage Explorer: Windows Azure Web Storage Explorer makes it easier for developers to browse and manage Blobs, Queues and Tables from Windows Azure Storage account....New Releases#SNMP - C# Based Open Source SNMP for .NET and Mono: CatPaw (5.0) Beta 1: SNMP v3 support in snmpd is complete.ASP.Net MVC Crud with JqGrid: Mvc Crud with JqGrid 0.3.0: Fairly major reworking of the GenericDataGrid (with alot of work from James). Most noticeable is the replacing of Edit and Delete with action butt...Basic Sprite Sheet Creator: Sprite Tool v1.1: Fixed the progress bar, it now correctly displays text and progress. Also download will now come with an installer and an executable so you don't h...Basic Sprite Sheet Creator: Sprite Tool Version 1.0: Program used to make basic sprite sheets. please visit http://coderplex.blogspot.com for more infoBraintree Client Library: Braintree-1.2.1: Escape all XMLCodeDefender: CodeDefender v0.1: Protect your .Net exe and dll files with this smart tool.ColinTesting: test: testColinTesting: test2: test2ColinTesting: test3: test3ColinTesting: test4: test4ColinTesting: test6: test6CycleMania Starter Kit EAP - ASP.NET 4 Problem - Design - Solution: Cyclemania 0.08.63: See Source Code tab for recent change history.Document Session Manager - Visual Studio addin: Release v0.45948: Release v0.45948DotNetNuke® Community Edition: 05.04.00: Major Highlights Fixed issue where portal settings were not saved per portal. Fixed issue with importing page templates. Fixed issue with...DotNetNuke® Postgres Data Provider: DNN PG Provider 01.00.00 Beta2: Fixes problems with deprecated datatype money in Postgres. Upgrades DotnetNuke code base to 04.09.05 It comes with a patch for the DotNetNuke insta...FIFA World Cup 2010 Mobile Sticker Checklist: FIFA World Cup 2010 Mobile Sticker Checklist v0.1b: FIFA World Cup 2010 Mobile Sticker Checklist v0.1b First beta release. Requires Microsoft Compact Framework 3.5. It was tested on an HTC Touch Viva...FIFA World Cup 2010 Mobile Sticker Checklist: FIFA World Cup 2010 Mobile Sticker Checklist v0.2b: FIFA World Cup 2010 Mobile Sticker Checklist v0.2b Second beta release. Requires Microsoft Compact Framework 3.5. It was tested on an HTC Touch Viv...Fluent Ribbon Control Suite: Fluent Ribbon Control Suite 1.2: Fluent Ribbon Control Suite 1.2(supports .NET 3.5 and .NET 4 RTM) Includes: Fluent.dll (with .pdb and .xml) Showcase Application Samples Found...G.A.E.T.: Graphical Asymmetric Encryption Tool: User Interface The GAET User Interface is a window with five buttons. Each button is explained the following sections. Each button has a functional...HTML Ruby: 6.21.7: As long as I don't find anything else that I can improve, this will be submitted to Mozilla for review tomorrow. Added back process inserted conten...IBCSharp: IBCSharp 1.03: What IBCSharp 1.03.zip unzips to: http://i43.tinypic.com/24ffbqr.png Note: The above solution has MSTest, Typemock Isolator, and Microsoft CHESS c...LogikBug's IoC Container: Second Release: This project is dependent upon Microsoft.Practices.ServiceLocation and must be referenced when referencing LogikBug.Injection. Click here to view d...Managed Meizu SDK Demo: Library and Demo: Library and DemoMaxxUtils.MaxxTagger: MaxxUtils.MaxxTagger: Version: 1.0.0 (Beta) Instructions: Unzip the files to a folder and then dbl click on the exe. Known Issues: 1. When u copy or move a folde...OrthoLab: Cellule: Compile with Autodesk Maya 2008 32bit and 2010 64bit.OWASP Code Crawler: OWASP Code Crawler 2.7: Code Crawler 2.7 DescriptionIn terms of functionality there is not much new stuff in this release. We transplanted the new engine. Code Crawler is ...PerceptiveMCAPI - A .NET wrapper for the MailChimp Api: V1.2.3 PerceptiveMCAPI .Net Wrapper [Beta 2]: PerceptiveMCAPI – v 1.2.3 Change logFunctionality through MailChimp API announce v1.2.5 on 15-Feb-2010 .NET Wrapper New wrapper directives; api_Me...POS for .Net Handheld Products Service Object: POS for .Net Handhelp Products Service Object: The Service Object contained herein is a work in progress. This Service Object's is written as VS 2008 C# Project. The Target Platform is x86. ...PostSharp for ASP.NET Web Sites: R1: First release.Rich Ajax empowered Web/Cloud Applications: 6.4 beta 2c: A revisiov to the first fully featured version of Visual webGui offering web/cloud development tool that puts all ASP.NET Ajax limits behind with e...Should: Beta - 1.0: This is the initial release of the Should assertions extensions.Shrinkr: v1.0: First public release.Site Directory for SharePoint 2010 (from Microsoft Consulting Services, UK): v1.2: Address a bug found in v1.1 relating to the Delete Site Listings job not incrementing the 'Site Missing Count' for some SharePoint sites.Software Localization Tool: SharpSLT 1.0: New functions Backup before saving Delete entries Undo deletion Added more comments in the codeSPGroupDeflector - Explicitly deny groups to webs within your Site Collection: SPGroupDeflector: Download the source code, the wsp solution package, and Setup.docSSIS ShapeFileSource: Version 0.1: Short Preview of SSIS ShapeFileSource ComponentStarter Kit Mytrip.Mvc.Entity: Mytrip.Mvc.Entity 1.0: Warning Install MySql Connector/Net 6.3 MySQL Membership MSSQL Membership XML Membership UserManager FileManager Localization Captcha ...Surfium: Linux Expo Prebuild: First public releaseTaskCleaner: Initial Working Version: In this version we have all the features listed in the project description working fine. Built under Framework 3.5.Text to HTML: 0.4.5.0: CambiosSustitución de los siguientes caracteres: Anteriores: " < > ¡ © º ¿ Á Ä É Í Ñ Ó Ö Ú Ü ß á ä é í ñ ó ö ú ü € Nuevos: & ´ ≈ ¦ • ¸ ˆ ↓ ð … ∫ ...TS3QueryLib.Net: TS3QueryLib.Net Version 0.21.16.0: This release contains a bugfix for a bug that caused connection problems when connecting using an IP for some cases. So it's strongly recommended t...Tweety - Twitter Client: Tweety - 0.96: Form activation from system tray improved. General fixes. General code refactor.Web/Cloud Applications Development Framework | Visual WebGui: 6.4 Beta 2c: A revision to the first fully featured version of Visual webGui offering unique developer/designer interface and enhanced extensibility and customi...Windows Azure - PHP contributions: PhpAzureExtensions (Azure Drives) - 0.2.0: Extension for use with Windows Azure SDK 1.1! Breaking changes! Documentation can be found at http://phpazurecontrib.codeplex.com/wikipage?title=A...WoW Character Viewer: Viewer (40545): New setup build for 40545.Xrns2XMod: Xrns2XMod 0.0.5.3: Major Source code optimization: >> Separated logical code of xm/mod conversion from renoiseSong xml. Now all necessary renoise song data code is st...XsltDb - DotNetNuke XSLT module: 01.00.99: callable tag is introduced - create javascript ajax functions more easy import/export bug is fixed mdo:ajax checkbox processing is now the same...Most Popular ProjectsRawrWBFS ManagerSilverlight ToolkitAJAX Control ToolkitMicrosoft SQL Server Product Samples: DatabaseWindows Presentation Foundation (WPF)ASP.NETpatterns & practices – Enterprise LibraryPHPExcelMicrosoft SQL Server Community & SamplesMost Active ProjectsRawrpatterns & practices – Enterprise LibraryIndustrial DashboardIonics Isapi Rewrite FilterFarseer Physics EngineBlogEngine.NETPHPExcelCaliburn: An Application Framework for WPF and SilverlightNB_Store - Free DotNetNuke Ecommerce Catalog ModuleTweetSharp

    Read the article

  • Handling HumanTask attachments in Oracle BPM 11g PS4FP+ (II)

    - by ccasares
    Retrieving uploaded attachments -UCM- As stated in my previous blog entry, Oracle BPM 11g 11.1.1.5.1 (aka PS4FP) introduced a new cool feature whereby you can use Oracle WebCenter Content (previously known as Oracle UCM) as the repository for the human task attached documents. For more information about how to use or enable this feature, have a look here. The attachment scope (either TASK or PROCESS) also applies to UCM-attachments. But even with this other feature, one question might arise when using UCM attachments. How can I get them from within the process? The first answer would be to use the same getTaskAttachmentContents() XPath function already explained in my previous blog entry. In fact, that's the way it should be. But in Oracle BPM 11g 11.1.1.5.1 (PS4FP) and 11.1.1.6.0 (PS5) there's a bug that prevents you to do that. If you invoke such function against a UCM-attachment, you'll get a null content response (bug#13907552). Even if the attachment was correctly uploaded. While this bug gets fixed, next I will show a workaround that lets me to retrieve the UCM-attached documents from within a BPM process. Besides, the sample will show how to interact with WCC API from within a BPM process.Aside note: I suggest you to read my previous blog entry about Human Task attachments where I briefly describe some concepts that are used next, such as the execData/attachment[] structure. Sample Process I will be using the following sample process: A dummy UserTask using "HumanTask2" Human Task, followed by an Embedded Subprocess that will retrieve the attachments payload. In this case, and here's the key point of the sample, we will retrieve such payload using WebCenter Content WebService API (IDC): and once retrieved, we will write each of them back to a file in the server using a File Adapter service: In detail:  We will use the same attachmentCollection XSD structure and same BusinessObject definition as in the previous blog entry. However we create a separate variable, named attachmentUCM, based on such BusinessObject. We will still need to keep a copy of the HumanTask output's execData structure. Therefore we need to create a new variable of type TaskExecutionData (different one than the other used for non-UCM attachments): As in the non-UCM attachments flow, in the output tab of the UserTask mapping, we'll keep a copy of the execData structure: Now we get into the embedded subprocess that will retrieve the attachments' payload. First, and using an XSLT transformation, we feed the attachmentUCM variable with the following information: The name of each attachment (from execData/attachment/name element) The WebCenter Content ID of the uploaded attachment. This info is stored in execData/attachment/URI element with the format ecm://<id>. As we just want the numeric <id>, we need to get rid of the protocol prefix ("ecm://"). We do so with some XPath functions as detailed below: with these two functions being invoked, respectively: We, again, set the target payload element with an empty string, to get the <payload></payload> tag created. The complete XSLT transformation is shown below. Remember that we're using the XSLT for-each node to create as many target structures as necessary.  Once we have fed the attachmentsUCM structure and so it now contains the name of each of the attachments along with each WCC unique id (dID), it is time to iterate through it and get the payload. Therefore we will use a new embedded subprocess of type MultiInstance, that will iterate over the attachmentsUCM/attachment[] element: In each iteration we will use a Service activity that invokes WCC API through a WebService. Follow these steps to create and configure the Partner Link needed: Login to WCC console with an administrator user (i.e. weblogic). Go to Administration menu and click on "Soap Wsdls" link. We will use the GetFile service to retrieve a file based on its dID. Thus we'll need such service WSDL definition that can be downloaded by clicking the GetFile link. Save the WSDL file in your JDev project folder. In the BPM project's composite view, drag & drop a WebService adapter to create a new External Reference, based on the just added GetFile.wsdl. Name it UCM_GetFile. WCC services are secured through basic HTTP authentication. Therefore we need to enable the just created reference for that: Right-click the reference and click on Configure WS Policies. Under the Security section, click "+" to add the "oracle/wss_username_token_client_policy" policy The last step is to set the credentials for the security policy. For the sample we will use the admin user for WCC (weblogic/welcome1). Open the composite.xml file and select the Source view. Search for the UCM_GetFile entry and add the following highlighted elements into it:   <reference name="UCM_GetFile" ui:wsdlLocation="GetFile.wsdl">     <interface.wsdl interface="http://www.stellent.com/GetFile/#wsdl.interface(GetFileSoap)"/>     <binding.ws port="http://www.stellent.com/GetFile/#wsdl.endpoint(GetFile/GetFileSoap)"                 location="GetFile.wsdl" soapVersion="1.1">       <wsp:PolicyReference URI="oracle/wss_username_token_client_policy"                            orawsp:category="security" orawsp:status="enabled"/>       <property name="weblogic.wsee.wsat.transaction.flowOption"                 type="xs:string" many="false">WSDLDriven</property>       <property name="oracle.webservices.auth.username"                 type="xs:string">weblogic</property>       <property name="oracle.webservices.auth.password"                 type="xs:string">welcome1</property>     </binding.ws>   </reference> Now the new external reference is ready: Once the reference has just been created, we should be able now to use it from our BPM process. However we find here a problem. The WCC GetFile service operation that we will use, GetFileByID, accepts as input a structure similar to this one, where all element tags are optional: <get:GetFileByID xmlns:get="http://www.stellent.com/GetFile/">    <get:dID>?</get:dID>   <get:rendition>?</get:rendition>   <get:extraProps>      <get:property>         <get:name>?</get:name>         <get:value>?</get:value>      </get:property>   </get:extraProps></get:GetFileByID> and we need to fill up just the <get:dID> tag element. Due to some kind of restriction or bug on WCC, the rest of the tag elements must NOT be sent, not even empty (i.e.: <get:rendition></get:rendition> or <get:rendition/>). A sample request that performs the query just by the dID, must be in the following format: <get:GetFileByID xmlns:get="http://www.stellent.com/GetFile/">   <get:dID>12345</get:dID></get:GetFileByID> The issue here is that the simple mapping in BPM does create empty tags being a sample result as follows: <get:GetFileByID xmlns:get="http://www.stellent.com/GetFile/"> <get:dID>12345</get:dID> <get:rendition/> <get:extraProps/> </get:GetFileByID> Although the above structure is perfectly valid, it is not accepted by WCC. Therefore, we need to bypass the problem. The workaround we use (many others are available) is to add a Mediator component between the BPM process and the Service that simply copies the input structure from BPM but getting rid of the empty tags. Follow these steps to configure the Mediator: Drag & drop a new Mediator component into the composite. Uncheck the creation of the SOAP bindings and use the Interface Definition from WSDL template and select the existing GetFile.wsdl Double click in the mediator to edit it. Add a static routing rule to the GetFileByID operation, of type Service and select References/UCM_GetFile/GetFileByID target service: Create the request and reply XSLT mappers: Make sure you map only the dID element in the request: And do an Auto-mapper for the whole response: Finally, we can now add and configure the Service activity in the BPM process. Drag & drop it to the embedded subprocess and select the NormalizedGetFile service and getFileByID operation: Map both the input: ...and the output: Once this embedded subprocess ends, we will have all attachments (name + payload) in the attachmentsUCM variable, which is the main goal of this sample. But in order to test everything runs fine, we finish the sample writing each attachment to a file. To that end we include a final embedded subprocess to concurrently iterate through each attachmentsUCM/attachment[] element: On each iteration we will use a Service activity that invokes a File Adapter write service. In here we have two important parameters to set. First, the payload itself. The file adapter awaits binary data in base64 format (string). We have to map it using XPath (Simple mapping doesn't recognize a String as a base64-binary valid target): Second, we must set the target filename using the Service Properties dialog box: Again, note how we're making use of the loopCounter index variable to get the right element within the embedded subprocess iteration. Final blog entry about attachments will handle how to inject documents to Human Tasks from the BPM process and how to share attachments between different User Tasks. Will come soon. Again, once I finish will all posts on this matter, I will upload the whole sample project to java.net.

    Read the article

1