Wednesday, April 20, 2011

Web Services Interoperability between Oracle WebLogic Server 11g and Microsoft.NET WCF 4.0

Recently I was asked to demonstrate the interoperability in a real life scenario between Oracle WebLogic Server 11g and Microsoft.NET Windows Communication Foundation 4.0 using secure web services. 

After a bit of research, I have found this very helpful article by Juan Carlos.

I will try to extend the above article and provide full step by step instructions on how to create a secure web service, deploy it on your integrated WebLogic Server and use Microsoft.NET WCF 4.0 and C# to consume it.

So let's start with developing the web service.

1. In the Applications Navigator, click New Application. Give your application a name (for example HelloWorldApp) and select Generic Application from the application templates. Click next.

2. Specify a project name (for example HelloWorldPrj) and click finish.

3. Create a new Java class in the newly created project by specifying a class name (HelloWorld), a package name (demo) and uncheck "Constructors from Superclass" and "Implement Abstract Methods" and click OK.

4. Copy and paste the following code below in your HelloWorld class.

public String sayHello(String name){
return "Hello " + name;

5. Once you have done this, click save all and right-click the class. From the menu, select "Create Web Service ...".

6. Select "Java EE 1.5, with support for JAX-WS Annotations" for the deployment platform and click next.

7. In the "Generation Options" step leave the defaults and click next.

8. In step 4 of the wizard, select SOAP 1.2 Binding and click next.

9. In steps 5 and 6 click next. In step 7, "Configure Policies", select "OWSM Policies" and "oracle/wss_username_token_service_policy" check box in the security policies and click finish.

10. Right-click the class and choose run. By doing so, the integrated WebLogic Server will start and the HelloWorld web service will be deployed to the server.

11. If you have followed my naming suggestions for the project and class name, you should see in the log window of the WebLogic Server a target url, http://localhost:7101/HelloWorldApp-HelloWorldPrj-context-root/HelloWorldSoap12. This is the actual web service url and JDeveloper provides you with a web service test client utility. Click on the link to test the web service.

12. In the HTTP Analyzer window, specify an input value. Make sure that you expand SOAP Headers, WS-Security:Header and check the include check box. In the username and password specify weblogic and weblogic1 respectively. If you do not include the security header, then you will get "InvalidSecurity : error in processing the WS-Security security header". Click Send Request.

13. You should see the reply back from the web service that we have developed and deployed on our WebLogic Server.

14. Before proceeding with creating a client to consume the web service, please copy the wsdl url (http://localhost:7101/HelloWorldApp-HelloWorldPrj-context-root/HelloWorldSoap12HttpPort?WSDL), as we will need it to create the proxy class from Visual Studio.

15. For creating the proxy class from our wsdl file, we will beusing the ServiceModel Metadata Utitlity Tool, called scvutil.exe.The ServiceModel Metadata Utility tool is used to generate service model code from metadata documents and metadata documents from service model code. So navigate to "C:\Program Files\Microsoft SDKs\Windows" and you should see one or more version folders. Open the latest folder (in my case i only have one, v7.0A) and then bin (the complete path is "C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin") and copy the path.

16. Right-click "Computer" and select "Properties". Click "Advanced System Settings" and select the "Advanced" tab. Then click "Environment variables".

17. Under "System variables", select the "Path" variable. Go to the end of the variable value and after including a semicolon (;), paste the ServiceModel Metadata Utility tool full path (C:\Program Files\Microsoft SDKs\Windows\v7.0A\bin)

18. Click "OK" on the "Edit System Variable", "Environment Variables" and "System Properties" to save and dismiss all three windows. Open a command prompt and navigate to your desired location (in my case I have created a folder called demo on my desktop). Write the following command, "svcutil , to create the proxy class from the wsdl file. Please note to replace the with your wsdl url location. In my case it is "http://localhost:7101/HelloWorldApp-HelloWorldPrj-context-root/HelloWorldSoap12HttpPort?WSDL". If you run this command as it is, it will create a C# proxy class for the web service specified in the wsdl and a configuration file. if you want to generate the class in another language, svcutil provides you with a parameter called "language" where you can specify the language code to be generated (for example, you can append after the url location /language:VB to generate the class in visual basic). 

19. The svcutil utility will generate two files, HelloWorldService.cs which is the C# proxy class and the output.config file, which is the configuration file. If you see warnings about policy assertions not being imported, don't worry, we will handle the security headers later.

20. Open Microsoft Visual Studio and create a new project.

21. From the Installed Templates, expand Visual C# and select Windows.Select Console Application, give your project a name (for example, HelloWorldVS) and click Ok.

22. Before proceeding and importing the two files generated (HelloWorldService.cs and output.config), we need to add to our project references to two assemblies for our solution to work. So right-click References and click "Add Reference".

23. From the "Add Reference" window, select the .NET tab and select "System.Runtime.Serialization" and "System.Service.Model" and click OK.

24. Next, right-click your project name (HelloWorldVS) and select Add -> Existing Item from the menu.

25. Navigate to the folder where your proxy and configuration file is (generated by svcutil) and make sure that the file filter is set to "All files (*.*)" so that both files (HelloWorldService.cs and output.config) are visible. Select both files and click "Add".

26. You should see the two files now in your project. Open the Program.cs file and in the main method, copy and paste the following code:

HelloWorldClient client = new HelloWorldClient();
String response = client.sayHello("Antonis Antoniou");

27. If you attempt to run the application (F5), you should see "Could not find default endpoint element that references contract 'HelloWorld' in the ServiceModel client configuration section.". This is because it is missing an application configuration file. Although we have imported the configuration file generated by svcutil, it is not recognized.

28. A simple trick to overcome this issue is to rename the output.config file to app.config. So if you rename the configuraiton file to app.config and run the application, the above error should disappear. However, a new error arises, "The CustomBinding on the ServiceEndpoint with contract 'HelloWorld' lacks a TransportBindingElement. Every binding must have at least one binding element that derives from TransportBindingElement.".

29. What this basically means is that because in our configuration file, a custom binding is specified, we need to define a transport protocol (for example, http, https). To do so, open the app.config file and just after the closing textMessageEncoding element, add the following:

30. If you run the application again, the TransportBindingElement error should be resolved. However now we have a new error, "InvalidSecurity : error in processing the WS-Security security header". As the error indicates, a security header is expected by our HelloWorld web service and we have not provided one.

31. The easiest way to provide this security header along with the username and password required to run the web service is again though the app.config configuration file. So open the app.config file and within the endpoint element add the security headers xml tags as shown in the image below.

32. Run the application again (Ctrl + F5). You should see the return statement from the HelloWorld web service


  1. Hello,

    I am the lead developer of the web service functionality in JDeveloper and I thought it work mentioning that you can make testing the secured web service far less complicated by using the Credential option. Here you can specify the connection details that can be reused across different messages rather than having understand soap headers and such like.

    Would it be possible to revised this blog using this feature as it scales to more complex security policies?



  2. Nice Blog..!! Application Software is developed to perform in any task that edges from computation. It's a collection of programs that enables the PC to perform a selected information processing job for the user. Thanks for Sharing..

    Secure Web Development