This section contains the following topics:
Prevent WebLogic 10 from Loading Incompatible Version of XML Security
Configure Web Services to Invoke the SiteMinder WSS Agent JAX-RPC Handler
Configure Policies for the SiteMinder WSS Agent
Troubleshoot Issues Related to Protected Web Services Making Use of Apache Commons Logging and Log4j
By default, Weblogic Server 10 loads an older version of XML security (1.3.0) that is incompatible with the version used by the SiteMinder WSS Agent (1.4.1).
To prevent WebLogic 10 from loading the 1.3.0 XML security JAR, rename WLS_HOME\modules\com.bea.core.apache.xml.security_1.3.0.jar to some other name. For example, com.bea.core.apache.xml.security_1.3.0_backup.jar.
After completing WebLogic-side configuration of the SiteMinder WSS Agent, you must restart the WebLogic server.
To protect a JAX-RPC web service using the SiteMinder WSS Agent, you must configure it to invoke the SiteMinder WSS Agent JAX-RPC Handler. To do this, you must add the SiteMinder WSS Agent JAX-RPC Handler class (com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandlerProxy) to the web service deployment descriptor in the webservices.xml file.
You can do this manually by editing the webservices.xml file for each JAX-RPC web service module. However, if your web services are implemented as JWS files and you have set up an Ant-based development environment, it is more efficient to update your web services to use handler chains.
To configure JAX-RPC web services not implemented as JWS files to invoke the SiteMinder WSS Agent, you must manually edit their deployment descriptors to add the SiteMinder WSS Agent JAX-RPC Handler.
Follow these steps:
<handler> <handler-name>WSS Agent Handler<handler-name> <handler-class> com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandlerProxy </handler-class> </handler>
Note: The WSS Agent JAX-RPC handler must always be invoked first; If other handler elements are already present or subsequently added to the webservices.xml file, the WSS Agent JAX-RPC Handler element must be placed before them.
The most efficient way to configure services implemented as JWS files to invoke the SiteMinder WSS Agent is to define the SiteMinder WSS Agent JAX-RPC Handler class in a handler chain configuration file which can then be referenced from the JWS files of all web services in your enterprise that you need to protect.
Note: The following procedures assume that you have set up an Ant-based development environment and have a working build.xml file that includes a target for running the jwsc Ant task.
To configure services implemented as JWS files to invoke the SiteMinder WSS Agent for requests received over HTTP transport, define the SiteMinder WSS Agent JAX-RPC Handler class in a handler chain configuration file.
Follow these steps:
Example HandlerConfig.xml:
<jwshc:handler-config xmlns:jwshc="http://www.bea.com/xml/ns/jws" xmlns:soap1="http://HandlerInfo.org/Server1" xmlns:soap2="http://HandlerInfo.org/Server2" xmlns="http://java.sun.com/xml/ns/j2ee" > <jwshc:handler-chain> <jwshc:handler-chain-name>HandlerChainName</jwshc:handler-chain-name> <jwshc:handler> <handler-name>handlerOne</handler-name> <handler-class>com.ca.soa.agent.appserver.jaxrpc.XMLAgentJaxrpcHandlerProxy </handler-class> </jwshc:handler> </jwshc:handler-chain> </jwshc:handler-config>
Specifies the name of handler chain.
WebLogic server will invoke SiteMinder WSS Agent JAX-RPC handler.
Note: For more information on SOAP message handlers and handler chains, see the WebLogic documentation.
To configure services implemented as JWS files to invoke the SiteMinder WSS Agent for requests received over JMS transport, define the SiteMinder WSS Agent JAX-RPC Handler class in a handler chain configuration file.
Follow these steps:
Example HandlerConfig.xml:
<jwshc:handler-config xmlns:jwshc="http://www.bea.com/xml/ns/jws" xmlns:soap1="http://HandlerInfo.org/Server1" xmlns:soap2="http://HandlerInfo.org/Server2" xmlns="http://java.sun.com/xml/ns/j2ee" > <jwshc:handler-chain> <jwshc:handler-chain-name>HandlerChainName</jwshc:handler-chain-name> <jwshc:handler> <handler-name>handlerOne</handler-name> <handler-class> com.ca.soa.agent.appserver.jaxrpc.jms.XMLAgentJMSJaxrpcHandlerProxy </handler-class> </jwshc:handler> </jwshc:handler-chain> </jwshc:handler-config>
Specifies the name of handler chain.
WebLogic server will invoke SiteMinder WSS Agent JAX-RPC handler for JMS requests.
Note: For more information on SOAP message handlers and handler chains, see the WebLogic documentation.
You create authentication and authorization policies to protect web service resources hosted on WebLogic from their associated WSDL files using the Administrative UI. For more information, see the CA SiteMinder® Web Services Security Policy Configuration Guide.
Copyright © 2013 CA.
All rights reserved.
|
|