Aug 29, 2008

ESB : Error Hospital

Its time to handle errors occured in Oracle ESB.
I would like to describe Error Hospital using a simple

RS - Routing Service
WS - Web Service

Suppose while invoking callWebService some error occured,
as we are calling web service asynchronously it can be retried.

To automate the process of retring the web service, we need to implement
Error Hospital, which is nothing but a BPEL process.

Aug 25, 2008

OWSM : Using Keystores

Today I'm going to talk about the creation of the keystore
for client side and server side, using java keytool.

As in earlier post, I talked about the policies to be applied
to secure web service, now I'll show you the creation of keystore
to sign and encrypt your channel between client and server.

> Create Keystores
Here I'm going to use java keytool to generate keystores.
This tool can be found at location
Create two keystores to be used by client and server as :
Go to cmd prompt
keytool -genkey -alias server -keyalg RSA -keysize 1024 -keystore server.jks -storepass oracle_server -keypass server_key -dname "cn=Lalit Jolania, ou=oracle, o=lntinfotech, c=IN"

Above command will create a keystore file called : server.jks
private key alias : server
private key password : server_key
keystore password : oracle_server

Aug 22, 2008

Words from OSHO

"Without meditation, energy remains passion; with meditation, the same energy becomes compassion. Passion and compassion are not two energies, they are one and the same energy. Once it passes through meditation, it is transformed, transfigured; it becomes qualitatively different. Passion moves downwards, compassion moves upwards; passion moves through desire, compassion moves through desirelessness; passion is an occupation to forget the miseries in which you live, compassion is a celebration, it is a dance of attainment, of are so fulfilled that you can share."

Aug 18, 2008

OWSM : Applying Policies

To make message flows between client and server secure,
we need to maintain following Policies
1> Authentication - Check whether the user is authenticated
2> Integrity - Check whether message is being altered
3> Confidentiality - Check whether message is being encrypted

Using OWSM you can apply all of the above policies.

Use any one step below to apply authentication :
1> Active Directory Authenticate
2> File Authenticate
3> Ldap Authenticate and others...

Here there are two things to be considered,
one is authenication and other is authorization.
Authentication is simply checking whether the user is providing the right username and password or not...but second thing that is Authorization, meaning whether the person has permission to access particular operation or not.

OWSM allows you to manage authorization also using:
1> Active Directory Authorize
2> File Authorize
3> Ldap Authorize
4> Oracle Access Manager Authenticate Authorize and others...

Everything is happening at OWSM, dont need to worry about...

Next comes Integrity
Sign the message, so nobody can alter it...forcing integrity..
OWSM provides option to sign the message...
SIGN it with your private key on one side...
on the other side VERIFY SIGNATURE with your public key

Next is Confidentiality
The message should not be spy can see what are you sending....
Encrypt it using XML Encryption in OWSM...
Decrypt it on other side using XML Decryption....

Applying above policies makes your transaction highly secure...

Just do it...