OracleBPMWebServices

BestPracticesDocument

LastUpdated:April14,2009

OracleProprietaryandConfidential


TableofContents

OracleBPMWebServicesBestPracticesdocument ..................................................................3
ConsumingExternalWebServicesfromOracleBPM ................................................................4
IntrospectingWebServices..............................................................................................................4
ChangingtheWSDLURLatruntime.............................................................................................8

DiscoveringWebServicesoverHTTPSusingcertificates...................................................8
WebServiceAuthentication .......................................................................................................... 11
WSSecurity:UserNameTokenProfilesecuredWebServices.................................. 11

HTTPBasicAuthentication(Transportsecurity) ........................................................... 13
SpecifyingadifferentUser/PasswordwheninvokingtheWebServiceusing
PBL....................................................................................................................................................... 14

ExposingOBPMassetsasWebServicesforexternalconsumption.................................. 16
SpecifyingSecurityforProcessesexposedasWebServices........................................... 16
SpecifyingSecurityforPAPIWS ................................................................................................. 17

ClientFrameworkstoconnecttoProcessasaWebServiceandPAPIWS .............. 18
ClientAuthentication........................................................................................................................ 18
SessionIdbasedClientAuthentication ............................................................................... 18
WSSecurityUserNameTokenProfileauthentication.................................................. 19

PAPIWSSingleSignOn................................................................................................................... 20
GeneralBestPractices .......................................................................................................................... 22
WebServiceVersioning................................................................................................................... 22

WebServiceExceptionHandling ................................................................................................ 22

OracleProprietaryandConfidential


OracleBPMWebServicesBestPracticesdocument

Thefollowingdocumentwillconcentrateonprovidinggeneralinformation
abouthowtouseWebServiceswithOracleBPM.

Thedocumentwillbedividedinthefollowingsections:
a) ConsumingExternalWebServicesfromOracleBPM
b) ExposingOBPMassetsasWebServicesforexternalconsumption

c) BestPractices
d) Troubleshooting

OracleProprietaryandConfidential


ConsumingExternalWebServicesfromOracleBPM

Thissectionofthedocumentwillconcentrateondescribingthedifferent
proceduresanddetailsabouthowtoconsumeanddiscoveraWebServicethatcan
beintrospectedandtheninvokedfromanOracleBPMbusinessprocess.

IntrospectingWebServices

OracleBPMhasthecapabilityofdiscoveringorintrospectingaWebService
WSDLDefinitionusingaURL.Typically,theWSDLsareexposedthroughanHTTP(S)
accessibleURLandinthecaseofthePayPalWebServices,thesearetheavailable
URLs:

http://www.paypal.com/wsdl/PayPalSvc.wsdl
https://www.paypal.com/wsdl/PayPalSvc.wsdl

IfweusetheOracleBPMStudioWebServiceIntrospectorWizardwecan
discovereitheroneoftheseserviceswiththefollowingwizardsequence:

OracleProprietaryandConfidential


WecanrightclickontheStudioCatalogModuleandselectCatalogue
Component>WebServiceasshowninthefigureabove.
ThenextstepwouldbetoprovidetheWSDLURLasshowninthefigure
below.

OralternativelyusetheWSDLURLusingtheHTTPStransportprotocolas
shownbelow:

OracleProprietaryandConfidential


ClickNexttocontinueandyouwillseetheprogressoftheintrospection
goingonasshowninthefigurebelow.

ClickFinishtocompletetheintrospection.Afterthisstep,youarereadyto
usethediscoveredandintrospectedWebServicecomponents.

TheresultofdiscoveringorinstrospectingaWebServicealsodefines2new
entriesintheprojectExternalResourcessectionasshowninthefollowing2
figuresbelow.

OracleProprietaryandConfidential


Inthiscase,weareselectingtheWebServiceonespecificallyanditpointing
totheWebServiceEndPoint/2.0/.ItisalsomakingreferencetoaspecificServer
Configurationthathasthemachinelocationasshowninthefigurebelow.

Inthisfigure,youwillseetheURLtextfieldcontainingtheaddressorURLto
theWebServiceEndPointextractedfromtheintrospectedordiscoveredWSDL.

OracleProprietaryandConfidential


ChangingtheWSDLURLatruntime

Onceaprojecthasbeenpublishedanddeployed,itispossibletochangethe
valuesforthepreviouslymentionedExternalresources:WebServiceEndPointHost
andPortaswellastheEndPointURLinthatEndPointmachinelocation.

ThiscanbedonethroughtheProcessAdministratorWebInterfaceasshown
below.

DiscoveringWebServicesoverHTTPSusingcertificates

WhentryingtodiscoveraWebServiceWSDLoverHTTPSthatuses
certificates,iftheclientdoesnothavethecertificateinstalledontheclient
application(inthiscaseOracleBPMStudio),therewillbeproblemsinreachingout
toitandproperlyaddressingtheintrospectionprocedure.
Thetypicalerrormessagewiththiscasewhenthecertificateisnotinstalled
intheOracleBPMStudiowouldbesomethinglikethis:

Introspecting...
downloading /stockquote.wsdl
[Error] I/O error: sun.security.validator.ValidatorException: PKIX
path building failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target..
[Error] Instrospection exception:
javax.net.ssl.SSLHandshakeException:
sun.security.validator.ValidatorException: PKIX path building failed:

OracleProprietaryandConfidential


sun.security.provider.certpath.SunCertPathBuilderException: unable
to find valid certification path to requested target.

ThismeanstheOracleBPMStudioapplicationisreceivingacertificatefrom
theWebServerhostingtheWSDLthatitcannottrust.Assuch,weneedtoinstallthe
certificateontheJavaVirtualMachineusedbyOracleBPMStudio.Belowwewill
describethesesteps.
1.Copytheclientcertificate(filewith.cerextension)tothemachinewhere
OracleBPMStudioisinstalled.Forexamplec:\CitiCertificate.cer.
2.Install/ImportthecertificateonakeystorethatisbeingusedbytheOracle
BPMStudio.Bydefault,OracleBPMStudiodoesnotuseaKeyStore,sowewillmost
likelyneedtogenerateanewone.Thiscanbedonewithacommandlineasfollows:

>$JAVA_HOME/bin/keytoolimportaliasCitiGroupfile
c:\CitiCertificate.cerkeystorec:\OBPMStudioKeyStore.storestorepasspassword

Inthiscase,weassumethattheOrganizationnameforwhichthecertificate
wasextendedisCitiGroup.Wealsoassumethatthepasswordforthekeystorein
whichwewillimportthecertificatewillbepassword.Wealsoassumeyouhavea
JavaDeveloperKit(JDK)installedsincethesecertificaterelatedcommandsarenot
distributedwiththeJVMthatcomeswithOracleBPMStudio.
3.SetthefollowingpropertiesinthefollowingfilesdependingtheOracle
BPMStudioversionused:
ALBPMStudio5.7:Editthe$STUDIO/bin/albpmstudio.propertiesandadd
thefollowing2systemproperties:

javax.net.ssl.trustStore=c:/CitiKeyStore.store
javax.net.ssl.trustStorePassword=password

as indicated in the line below:

# fuego.boot.verbose=true
fuego.log.runningtime=true
fuego.update.disabled=true
javax.net.ssl.trustStore=c:/CitiKeyStore.store
javax.net.ssl.trustStorePassword=password
#

ALBPMStudio6.0/OBPMStudio10gR3:Editthe
$STUDIO/eclipse/eclipse.iniandaddthefollowingsystemproperties:

OracleProprietaryandConfidential


javax.net.ssl.trustStore=c:/CitiKeyStore.store
javax.net.ssl.trustStorePassword=password

asindicatedinthelinebelow:

-Djava.endorsed.dirs=
-XX:PermSize=64M
-Djavax.net.ssl.trustStore=c:/CitiKeyStore.store
-Djavax.net.ssl.trustStorePassword=password

IMPORTANT:ItisworthpointingoutthatthepropertiesareNOTtheones
withtheprefixkeyStore,buttheoneswiththeprefixtrustStore.

4.LaunchOracleBPMStudioagainandthistime,whenyoutrytoinstrospect
theWebServiceitshouldwork.

AnotheralternativepathforthisistodownloadtheWSDLfilewiththe
browserlocallyandintrospecttheWebServicefromthefilesystemdirectly.

OracleProprietaryandConfidential


WebServiceAuthentication

ThissubsectionofthedocumentwillconcentrateonaddressinghowOracle
BPMcaninvokesecuredwebservices.

WSSecurity:UserNameTokenProfilesecuredWebServices

TheUserNameTokenProfileauthenticationisnotanoutoftheboxfeature
inALBPM5.7.ThisparticularimplementationfollowingtheWSUsernameToken
Profile1.1isprovidedstartinginALBPM6.0andalsoinOBPM10gR3.
ThefollowingsectionwilldescribehowtointrospectaWebServicethatat
runtimeusesWSSecurityUserNameTokenProfile.ThiswillbeillustratedinOracle
BPMStudio10gR3butitisthesameinALBPMStudio6.0.
1. LaunchtheWebServiceintrospectionwizardasshownbelow.

2. ClickNexttocontinueandwaituntiltheintrospectioncompletesas
shownbelow.ClickFinishtoproceed.

OracleProprietaryandConfidential


3. AftertheWebServicehasbeenintrospected,itisnecessarytogotothe
WebServicegeneratedExternalResourcesasshownbelow.

4. YouwillseetheSecurityTabatthebottomofthepanel.Clickonitand
youwillhavethefollowingpanelasshowninthefigurebelow.

OracleProprietaryandConfidential


5. IftheWebServiceisnotusingWSSecurityUserNameTokenProfile,the
valueintheSendUserNameTokendropdownshouldbeNone.
Otherwise,iftheWebServiceisprotectedwithWSSecurityUserName
TokenProfile,selectthewaythecredentialswillbesentfromtheWeb
Serviceitself.Theoptionsaretosendthecredentialsinplainformator
encryptedwithaDigest.

6. SelecttheappropriatemechanismforsendingtheUserNameTokenand
specifythedefaultusernameandpasswordforproperlyauthenticating
thefutureWebServicecalls.

HTTPBasicAuthentication(Transportsecurity)

InadditiontothesecurityenforcedattheSOAPstacklevel,itispossiblethat
theWebContainerusingBasicAuthenticationprotectstheWebServiceexposed
throughHTTPatthetransportlevel.
OracleBPMstartedsupportingHTTPBasicAuthenticationinALBPM6.0and
itisalsosupportedinOBPM10gR3.
InsteadofconfiguringthissecurityaspectintheWebServiceExternal
Resource,itisnecessarytospecifyitintheServerConfigurationexternalresource

OracleProprietaryandConfidential


partoftheWebService.ThefigurebelowwillshowwheretheHTTPBasic
Authenticationcanbespecified.

Fromthefigureabove,itshouldbeclearthattheRequiresHTTPBasic
Authenticationcheckboxisselectedandthatvalidvaluesarespecifiedinthe
User/PasswordTextFieldinthispanel.

SpecifyingadifferentUser/PasswordwheninvokingtheWebServiceusingPBL

ItispossiblethattheWebServicecallsmaynotneedtobedoneusingthe
generalcredentialsprovidedthroughtheprocedurebelow.Intheeventthatthecall
needstobeimpersonatedwithadifferentusernameandpassword,thisisthePBL
codethatcanbewrittenforthisparticularusecase.Thefollowingsampleassumes
thattheWebServiceisprotectedbothattheSOAPandHTTPlevels.Youwillneedto

OracleProprietaryandConfidential


adaptyourcodebasedonyourneedsbutwewantedtopresentalloptionsinthis
codesnippet.
configuration = Fuego.WebServices.Configuration();
endpoint =
Fuego.WebServices.HttpEndpoint("http://localhost:8081/
ws/myService");
// Add Endpoint
configuration.endpoint = endpoint;
// Setting Http Basic Authentication
endpoint.setUsername("username");
endpoint.setPassword("mypassword");
// Setting UsernamTokenProfile-Digest
httpBasicAuthPolicy =
Fuego.WebService.HttpBasicAuthenticationSecurityPolicy
("test1","password");
usernameTokenPlain =
Fuego.WebService.UsernameTokenProfileSecurityPolicy("t
est2","password");
policies as Fuego.WebService.SecurityPolicy[];
policies[]=usernameTokenPlain;
// Add policy
configuration.securityPolicies = policies;
service = Module.Pepe.Test1Service(configuration);
test1 service
using parameter = null
returning parameterOutput = parameterOutput

Alternatively,youcangettheExternalResourcedefinitionbyusingthe
followingConfigurationobjectconstructorbyprovidingthecasesensitivenameof
theExternalResourcenameasthesingleconstructorargument:
configuration =
Fuego.WebServices.Configuration("MyExternalResources")
;

OracleProprietaryandConfidential


ExposingOBPMassetsasWebServicesforexternalconsumption

Thissectionofthedocumentwillconcentrateondetailsastohowexpose
certainOracleBPMassetsasWebServices.Withinthiscategoryofassetswillfind:
a) ProcessesExposedasWebServices

b) PAPIWS

SpecifyingSecurityforProcessesexposedasWebServices

WhenexposingaprocessasaWebService,itispossibletospecifyhowitis
goingtobesecured.AtdesigntimeandinOracleBPMStudio10gR3(andalso
ALBPM6.0),itispossibletospecifywhatistheWebServicesecuritymechanismfor
doingthis.

IntheStudioIDE,gothroughthefollowingmenupath:Process>Process
WebService.Apanelsimilartotheonebelowwillbepresentedwhereitispossible
tospecifythemethodsthatwillexposetheprocesspublicinterfaceandwhereitis
alsopossibletospecifythesecurity.

OracleProprietaryandConfidential


Inthefigureabove,itispossibletospecifyWSSecurityUserNameToken
ProfileaswellasHTTPBasicAuthenticationasindicatedintheprevioussections.
Whentheprojectispublishedanddeployed,properExternalResourceswill
begeneratedforeveryprocessexposedasaWebServiceandtherightcredentials
canbespecifiedthere.

SpecifyingSecurityforPAPIWS

AnotherapplicationthatcanleveragetheWSSecurityandHTTPBasic
AuthenticationisPAPIWS.Asitmaybeknown,startinginALBPM6.0(andalsoas
partofOBPM10gR3),PAPIWSisbundledasasingleWebApplicationthatcan
serverSOAPrequeststointeractwithbusinessprocesseswithafinergranular
controlthanProcessesexposedasWebServices.
WhenlaunchingtheAdminCentercomponentofanyoftheEnterprise
distributions,itwillbepossibletoentertheConfigurationofthisinstallationand
navigatetothePAPIWSTabasshowninthefigurebelow.

OracleProprietaryandConfidential


Inthispanel,itispossibletoselecttheEnableHTTPBasicAuthentication
(disabledbydefault)aswellasEnableUserNameTokenProfileAuthentication
(enabledbydefault).

Itisthenresponsibilityoftheclientapplicationstoprovideproper
credentialsforthelevelofsecurityrequestedbythePAPIWSWebApplication.

ClientFrameworkstoconnecttoProcessasaWebServiceandPAPIWS

Whenaprocessinterfacehasbeencreatedforagivenprocessoryouwantto
connecttotheOracleBPMPAPIWSAPI,thefollowing2WebServicestack
frameworkshavebeenvalidated:
JAXWS2.1.x
.NETFramework2.0.5andMicrosoftWebServiceEnhancements3.0.
TherehavebeensomeproblemswhentestingdifferentWebServiceclient
frameworkslikeAXIS.SoAXISisnotrecommendedforinvokingWebService
componentsinOracleBPM.
Samplecodesnippetscanbefoundthroughthislink:
http://download.oracle.com/docs/cd/E13154_01/bpm/docs65/papi/index.html.
ChecktheOracleBPMPAPIWebServicesectionforthedata.

ClientAuthentication

WhenyouareimplementingyourownWebServiceclientapplicationtotalktoa
businessprocessexposedasaWebServiceyouhavethefollowingalternatives:
SessionIdbasedauthentication
WSSecurityUserNameTokenProfileauthentication

Letsseeindetailseachinthenext2subsections.

SessionIdbasedClientAuthentication

ThisauthenticationmechanismistheonlyoneavailableinALBPM5.5and
ALBPM5.7.ItisalsosupportedindeprecatedfashioninALBPM6.0butifyouare

OracleProprietaryandConfidential


planningonusingthisnewrelease,werecommendtheuseofWSSecuritybased
authentication.
Inthiscase,theclientfirstneedstocreateasessionandthenusethe
returnedsessionidinallsubsequentcalls.Theclientapplicationisalsoinchargeof
thesessionlifecycleanditistheresponsibilityoftheclientapplicationtoclosethe
sessionwhenitisnolongerneeded.Itisworthtomentionthatthesessioncreation
isnotaquickoperationsinceitneedstoalsoidentifypermissionssoweencourage
sessioncachingtechniquesontheclientsidetopreventopeningandclosing
sessionstoofrequently.
ThefollowingisasnippetofcodeonhowtocreatethesessionwithPAPIWS
usingtheSessionIdmechanism:

ProcessServiceservice=locator.getProcessService();
StringuserId=user;
Stringpassword=password;
StringmySessionId=;

mySessionId=service.createSession(userId,password);
InstanceInfo[]instances=service.getInstancesByView(mySessionId,
view);

service.closeSession(mySessionId);

WSSecurityUserNameTokenProfileauthentication

ThisauthenticationmechanismhasbeenintroducedinALBPM6.0andonly
availableinALBPM6.0andOBPM10gR3.Itreplacesthesessionidbased
authenticationandthecredentialsasdefinedintheWSSecurityspecification
definitioncantravelintheSOAPmessage.

Inthiscase,theclientapplicationdoesnotneedtodosessionmanagement
asthisisautomaticallymanagedontheserversidebythePAPIWSapplicationof
theBPMEngineprovidingprocessesexposedasWebServices.Usuallythese

OracleProprietaryandConfidential


sessionswillleaveforaconfigurableamountoftimeandwhentheyarenotalready
created,theywillbecreatedontheflightautomatically.
Youcanfindcodesnippetsforcreatinganauthenticationrequestthrough
thislink:
http://download.oracle.com/docs/cd/E13154_01/bpm/docs65/pdf/Oracle
BPMPAPIDeveloperGuide_10.3.pdf

PAPIWSSingleSignOn

PAPIWSfunctionalityisprovidedthroughtheimplementationofaWeb
Application.InALBPM5.5andALBPM5.7,thePAPIWSfunctionalitywasjointly
distributedwiththeALBPMPortalWebApplication.InALBPM6.0andOBPM
10gR3,thePAPIWSfunctionalitywasdecoupledfromtheALBPMPortalorOBPM
WorkSpaceWebApplicationimplementationtoseparateandconfigurethese
individually.Oneofthesethingsissecurity.

InALBPM5.5andALBPM5.7,itispossibletoconfiguretheDirectoryService
usingtheTrustedmodewhereatauthenticationorlogintime,onlytheidentityof
theconnecteduserisvalidatedwithoutapasswordmatchingvalidation.This
functionalityalsoexistsinALBPM6.0andOBPM10gR3.Thisconfigurationis
inheritedbyconfiguringtheDirectoryServiceinTrustedmode.Asetofparticular
preferencesneedstobedefinedinthedirectory.properties(ALBPM5.5andALBPM
5.7)ordirectory.xml(ALBPM6.0andOBPM10gR3)aswellassomespecificsinthe
DirectoryServiceDatabase.Thisparticularconfigurationisoutofthescopeofthis
document,butitisincludedhereasareferenceofavailablefunctionality.
InadditiontotheTrustedDirectoryServicemode,ALBPM6.0andOBPM
10gR3canimplementaSSOmodulesoadditionalvalidationisavailable.ThisSSO
canbeseenintheAdminCenterTab.Thesettingsherearethenpropagatedtothe
papiws.propertiesfileinthefollowingpropertyentries:
fuego.papiws.enableSSO
fuego.papiws.sso.loginClassName

Belowyouwillfindthereferenceimplementationforacustom
implementationoftheloginClassName.
publicclassSSOUserLogin
implementsSSOUserLoginInterface
{

//~Methods..............................................................................................

OracleProprietaryandConfidential


publicStringgetUser(finalHttpServletRequestrequest,finalHttpServletResponse
response)
throwsSSOLoginException
{
returnrequest.getRemoteUser();
}

publicStringgetPassword(finalHttpServletRequestrequest,finalHttpServletResponse
response)
throwsSSOLoginException
{
returnnull;
}

publicbooleanskipFDIAuthentication()
{
returntrue;
}

publicStringgetLogoutURL()
{
returnnull;
}

publicStringgetLogoutRelativePath()
{
returnnull;
}
}

Intheprevioussubsectionswehaveidentifiedhowtocreatesessionswitha
sessionIdandWSSecurityauthenticationmechanisms.IfyouareconfiguringSSO
forPAPIWS,thenyouwillstillneedtocreatethesessionsthroughtheprovided
mechanismsanditwilldependontheSSOauthenticationmodulewhattodowith
theprovideddata.Thedefaultmechanismimpliescheckingtheparticipantexistsin
theOracleBPMDirectoryServicebutnopasswordmatchingisexercised.Sothe
passwordprovidedwhencreatingasessiondoesnotneedtohaveavalidone.

OracleProprietaryandConfidential


GeneralBestPractices

Thissectionofthedocumentwillmainlyconcentrateonprovidinggeneral
bestpracticeswhenworkingwithWebServicesmostlywhentheyareconsumed
fromwithinOracleBPMthroughtheintrospectionframework.

WebServiceVersioning

ItwouldnotbeuncommontoseetheWebServiceevolveovertime.
GenerallyspeakingyoucanhaveaWebServiceaddnewmethods,change
argumentsonanexistingmethodstojustnameafewofthemostcommon
upgrade/maintenanceoperations.

ALBPMdoesactuallyversiontheprocessesaswellasthecatalogitusesall
together,butoneoftheproblemswithWebServicesisthatpossibledifferent
implementationversionsmayusethesameExternalResource.
Thebestpracticeinthiscaseisthatifforsomereason,theinterfacesofthe
WebServicechangesandyouhaveinflightinstancesthatmaystillneedtoinvoke
thisWebService,thattheWebServiceisintrospectedagainonadifferentModule.
ThiswillforceanewExternalResourcedifferentthantheoneusedbytheprevious
versionoftheWebServiceusedbypreviousversionsorrevisions.Thiswillprevent
theundesiredeffectofanexistingoldinstancetryingtoinvokeanewinterfacethat
isnotcompatible.

WebServiceExceptionHandling

TheOracleBPMEngineconceptuallymanage2differenttypeofexceptions:
SystemExceptions:Thesearetypicallyassociatedtounexpected
componentinvocationbehaviorsnotrelatedwithbusinesslogicthatcan
becheckedintheimplementationofyourbusinessprocessorBPM
Objects.Forexample,thecomponentbackendnotbeingavailable,
networkissues,etc.Thesetypeofexceptionswillbe
BusinessExceptions:Thesearetypicallydefinedwithinthescopeofthe
BPMProjectCatalogandaretriggeredmanuallybythedeveloperinthe
codetheyimplement.Forexample,wemaycheckthedifferentpiecesofa
mailaddressandfindthatthezipcodedoesnotmatchtheaddress.In

OracleProprietaryandConfidential


thiscase,wecanmanuallyraiseaBusinessExceptionduetothiscoded
validation.

Dependingonwhatistheexceptiontype,theOracleBPMEnginewillreact
differentlytothem.Itisimperativethatthedifferencesareknownaswellasthe
effectstheyhaveonexceptioncatching/trappingcodingpractices.

InALBPM5.7,theinvocationofaWebServicemethodcantriggerbothtype
ofexceptions.WhentheWebServicerespondswithaSOAPfaulthandler,itwillbe
masqueradedasaBusinessException.Ontheotherhand,specificunderlyingWeb
ServiceproblemswillbetrappedasaSystemException.AllWebServiceExceptions
mustbetreatedasSystemExceptionsfromanexceptionhandlingperspective.Ifit
isnecessarytochangetheexceptionmechanismbehavior,itwillmandatorytore
catalogthewholeWebServiceagainsincenewmetadataneedstoberefreshedand
updated.Itisalsonecessarytogenerateanewrevisionoftheprojectifitisalready
deployedandupandrunning.
WhethertheWebServiceexceptionsareSystemorBusinesscanbedefined
intheAdvancedTaboftheWebServicedefinitionasshowninthefigurebelow.
Selectthecheckboxappropriately.

OracleProprietaryandConfidential


WhenSOAPFaultsaredeclaredintheWSDL,thesewillberepresentedas
ExceptionsintheWebServicemodulethathasbeenintrospected.Theseexceptions
wouldthenbeabletobeusedinanyexceptioncatchingconstructasshownbelow.

do
WebService.callMethod(m1,m2)
oneasMySOAPFaultException
//DoSomethingwiththisWebServiceException
end

IntheeventthattheexceptionsareNOTdefinedasSOAPFaultHandlers,it
willbenecessarytouseanexceptioncatcherusingtheAnytypeasshownbelow:

do
WebService.callMethod(m1,m2)
oneasAny
//DoSomethingwiththisWebServiceException
end

SomethingworthpointingoutisthatSOAPFaultexceptionsarenotJavaExceptions
andassuch,theydonotextendfromthejava.lang.Exceptionsuperclass.Anyisa
exceptionlayerontopofjava.lang.exception(inthePBLscriptinglanguage),that
allowshandlingthesenondeclaredSOAPFaults.

OracleProprietaryandConfidential


Troubleshooting

WhilediscoveringWebServicesaccessibleoverthenetwork,itispossible
thataproxyneedstobespecified.IftheWebServiceWSDLcannotbeaccessedas
showninthefigurebelow,itisnecessarytospecifytheproxyhostandportas
systempropertiesfortheJavaVirtualMachinerunningtheintrospectionaswellas
fortheonerunningtheBPMEngine.

ThesystempropertiesthatneedtobespecifiedintheOracleBPMStudioand
OracleBPMEngineare(theyarecasesensitive):

http.proxyHost
http.proxyPort

ThesecanbesetintheOracleBPMStudio5.7throughthefollowingmenu
paths:File>Preferences>ConnectionSettingsasshowninthefigure
below.

OracleProprietaryandConfidential


AccordingtoSunsspecification,ifthetransportprotocolusedisHTTPS
insteadofHTTP,thesystempropertiesare(notethesintheprefixword):

https.proxyHost
https.proxyPort

ThesepropertiescannotbeaddedthroughtheStudioUIandtheyneedtobe
addedtotheOracleBPMStudio5.7Launcherpropertiesfileunder
$STUDIO/bin/albpmstudio.laxasshowninthescreenshotbelow.

Theimportantlineshouldreadasfollows:

lax.nl.java.option.additional=eaXms64mXmx256m
Dhttps.proxyHost=proxyHost.oracle.comDhttps.proxyPort=8080
Dfile.encoding=UTF8


InALBPM6.0,thesepropertiescanbespecifiedinthe
$STUDIO/eclipse/eclipse.inifile.
InOracleBPMStudio10gR3,thepropertiesinthe
$STUDIO/eclipse/eclipse.inidoesnotwork,andtheseproxysettingsneedtobe
specifiedintheIDEitselffollowingthismenupath:"Window">"Preferences">

OracleProprietaryandConfidential


"General">"NetworkConnections".Inthispanel,weneedtospecifytheHTTPand
HTTPSproxyservers.Checkthefigurebelow.

Afterthesechanges,restartOracleBPMStudioandtrytheWebService
introspectionagain.

OracleProprietaryandConfidential