Remove all empty nodes from xml using xslt

Empty nodes in xml payload increase the size of the xml and may cause in parser errros.

For big XML payloads you can use a separate XSLT transformation to handle all the empty nodes.

XSLT transformation –>

<xsl:template match=”node()”>
<xsl:if test=”count(descendant::text()[string-length(normalize-space(.))>0]|@*)”>
<xsl:copy>
<xsl:apply-templates select=”@*|node()”/>
</xsl:copy>
</xsl:if>
</xsl:template>

<xsl:template match=”@*”>
<xsl:copy/>
</xsl:template>

<xsl:template match=”text()”>
<xsl:value-of select=”normalize-space(.)”/>
</xsl:template>

  • Drag and drop a Transform activity and select the XML payload, from which you want to remove empty nodes. Select same XML document for source and target.
  • Create an empty transformation and replace the XSLT fragment given below with the above.

<xsl:template match=”/”>

</xsl:template>

[Security:090477]Certificate chain received from – (servername here ) was not trusted causing SSL handshake failure

Issue –> When calling a HTTPS web service from oracle service bus you will get the below error even after importing the certificates in to your server.

Error –>  [Security:090477]Certificate chain received from – (servername here ) was not trusted causing SSL handshake failure

Solution –> you have to change the keystore setting in Admin console to <OSB Server> –> keystore tab. Set Keystores to Custom Identity and Java Standard Trust.

Webservice invocation failed , unable to access ENDPOINT URI errors

ISSUE –> When we are invoking external webservices some times we use to get the below errors.

Webservice invocation failed , unable to access the end point url.

SOLUTIONS –> 

## First we need to check if the host is accessible from your server or not .

For this you need to ping the external host from your server .

Ex:- ping hostname.com

  1. If you have not received any response then your external host is not accessible.

In these cases you have to check with external system if their server is up or not.

Some times may be your server firewall is blocking the call , in those cases you have to open the firewall on particular host.

2.  If you have received unknown host error , then you need to check if the host entry exist in the server host file or not .

 Location :- /etc/hosts

## Second we need to check if the external webservice has security assigned to it.

In those cases you have to check if you are passing the correct credentials to access the service.

If the service is using any wss security types then you need to go and check if the token configured in your EM is working or not  .

How to invoke secured webservices(https) from oracle SOA Composite

In this post i will explain you to how to import secured web services from oracle SOA composite.

For invoking the secured webservices (https) from oracle BPEL you need to import the certificates in to your server.

  • Open the endpoint URL of the webservice in internet explorer After connecting to the server, a pop-up window displays the security alert and asks whether you trust this certificate or not?
  • Click on “yes” to accept the certificate.
  • Once the page gets loaded double click on the lock displays in the status bar in the bottom right corner of the browser window.
  • A new popup window titled “Certificate” would be displayed click on the details tab and press “copy the file” button to save the certificate in a file.
  • When you press the “Copy to File” button a wizard would guide to save the certificate in “(.cer)” format.
  • Click on next and finish the wizard by pressing the “Finish” button.

Now let’s import the certificate  in to our local server location .

ssl6

Now we have “myIdentitystore.jks” containing your own host specific certificate and private key, and “trust.jks” containing the trusted certificates.

Now we can list ‘mytrust.jks”to check if the export was successful or not.

We are using the below command to do that .

ssl7

Restart Oracle SOA suite .

  • Create a new BPEL process project named “InvokeHTTPS“ with the Synchronous BPEL Process.
  • Click on next and accept all the defaults and finish the wizard.
  • Right click on the services area and choose “Create Partner Link” from the context menu.
  • Name this partner link “MySecSer”.
  • Browse the WSDL file from the file system. JDeveloper would ask to make a local copy of the external WSDL file and ask to add partner link in the WSDL. Click on “Yes” on both the dialog boxes.
  • Select Partner Link Type and Partner Role and click on “OK” button.
  • Add “invoke” activity named “InvokeMySecSer” and link it with the partner link. Select the operation “New” and create input and output variables.
  • Add 2 assign activities to assign the input and out variables. Final BPEL process will look like the following image:
  • Deploy the BPEL process using EM or jdeveloper.

Now you canable to invoke web services exposed over https from Oracle BPEL Process Manager.

Another session operation is in progress, please try later

In OSB some times when we are going to activate a session we will get this error.

Error –> Another session operation is in progress , please try later.

Solution –> For resolving this issue we need to go to view sessions of change center and discard all changes .

If this does not resolve the issue , please try the below option .

Shutdown the Admin and OSB servers.

Clear all the session folders in “$domain-home/osb/config/sessions

And then restart the servers .

Installing SOA 12.2.1.0.0 – Oracle Managed File transfer (MFT)

This post shows the installation steps for Oracle MFT .

Oracle Managed File Transfer(MFT) is a new product, released in Oracle SOA 12c which enables end-to-end transfer of files with in organization and outside of organization.

To start the installation program, perform the following steps.

  1. MFT installer requires a certified JDK already installed on your system.
  2. Set theJAVA_HOME environment variable to the location of a certified JDK on your system.
  3. The location should be up to but not including thebin  For example, if your JDK is located in /home/Oracle/JDK/jdk1.8.0_65

On UNIX operating systems:

setenv JAVA_HOME /home/Oracle/JDK/jdk1.8.0_65

On Windows operating systems:

set JAVA_HOME=C:\home\Oracle\JDK\jdk1.8.0_65

  1. Go to the directory in which you downloaded the installation program.
  2. Launch the installation program by invoking thejava executable from the JDK directory on your system, as shown in the examples below.

On UNIX operating systems:

$JAVA_HOME/bin/java -jar fmw_12.2.1.0.0_mft.jar

On Windows operating systems:

$JAVA_HOME/bin/java –jar E:\SOA_OSB_Installers\FMW12C_Installers\fmw_12.2.1.0.0_mft.jar

It will extract the required files and launch the welcome page of MFT installation.

mft1

Click Next and select “skip auto updates” and then click Next. it will take you to “installation location” page.

mft2.jpg

Select your Oracle SOA12.2.1.0.0 home location as your MFT location and click on Next.

mft3.jpg

Click on Next on “Prerequisite Checks” page .

mft4.jpg

Check for Oracle home location and then click on Install.

mft5

Once you are done with installation then click on Next.

Click Finish.

How to use SFTP adapter in Oracle SOA

Common requirement in integration projects is to transfer files in/out of a system in a secured manner. FTP is the usual protocol for transferring files and if additional security is required then SFTP (Secured FTP) is the way to go. In this post I would cover some of the ways FTP adapter can be configured in SOA to make use of SFTP.

SFTP supports couple of authentication mechanisms to ensure additional security on top of the FTP protocol.

  • Password authentication
  • Public Key authentication

In password authentication, the external site/vendor which hosts the FTP server shares a username/password combination which has to be configured on the SOA server. At runtime when a SFTP connection is attempted, the username/password is made use of for establishing the connection.

Similarly in Public key authentication, a private-public key pair is generated. The public key is shared with the external site/vendor which hosts the FTP server. At runtime when a SFTP connection is attempted, Fusion process will try to match the private key stored locally on SOA server with the public key on Remote FTP Server and do the authorization first before sending/posting the files.

The configuration information  is stored in  MW_HOME/Oracle_SOA1/soa/connectors/FtpAdapter.rar/weblogic-ra.xml .

Setting up the ssh between the client and sever.

1. Navigate to home folder on SOA servers with user oracle SOA server is running.

2. Execute the below command  “ ssh-keygen” . This will generate the pair of public and private keys

3. Copy the public key of the SOA host to remote SFTP server’s authorized_keys file. This file is located in “/home/<user>/.ssh”  directory. Public key of the SOA host is in the file id_rsa.pub  file. We need to copy the content of the file and place in authorized_keys on the SFTP server.

4.  Test the SFTP setup by login to SOA server and ssh to remote SFTP server. One time you have to establish the authenticity of the remote server SFTP server for that when it prompts enter YES  .

$ ssh <<user2>>@ SFTPHOST
The authenticity of host IPADDRESS (IPADDRESS)’ can’t be established.
RSA key fingerprint isXXXXXXXXXXXXXXXXXXXX
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added IPADDRESS (RSA) to the list of known hosts.
[<<user2>>@f14 ~]$

Now we have successfully set-up the public key based secure FTP connection from SOA host to Remote SFTP server.

We will setup the FTP Adapter configuration  in SOA weblogic domain.

1. Note down the JNDI name of the FTP server that we need to configure from Developers/jdeveloper.

2. Login to the SOA domain console and navigate to Deployment->FtpAdapter->Configurations->Outbound connection pool .  Injavax.rescources.cci.ConnectionFactory connection pool. Create the instance with the name of JNDI.

image

3. Select the “eis/test/FtpAdapter”  and update the below properties values with environment specific.

    • Authentication Type – > publickey
    • host                             –> <Remote SFTP server host >
    • port                             –> 22
    • privateKeyFile           –> /home/<user1>/.ssh/id_rsa
    • username                   –> <user2>
    • useSftp                        —> true

4. Once we have updated the values, we need to update the deployment FTP Adapter. And activate the changes.

image

5. FTP Adapter Service is ready to used by other SOA composites