Business Services and WebLogic

Our business services consumers have unique E1 userid's and based on the F00950 different information is displayed. This works great in WebSphere. We are looking at WebLogic and it isn't working the same. It appears to use the F00950 for the default userid in the ini for all requests, regardless of the user submitting the request.

For example, JDE is in the ini and he can see everything. I'm submitting a request as JOHN and JOHN doesn't have access to MCU = 2. In WAS, the data isn't returned. In WLS, the response is successful.

Has anybody run into this before?

Thanks, John

That might be bcus your web logic might be using anonymous connection for the request. Try to use security header in your xml request so you will have to give userid and passwd in request.

Hope this helps.


Chan

Chan could you post an example of xml request you send to WebLogic? I widh to see how you set soapheader.
I have a similar problem, when I invoke a published BSSV deployed to WebLogic all Business function called by PBSSV are executed by "JDE" EnterpriseOne user.
thanks
gg

Gigi,
Below is how the XML request should look like with security header. You have to give actual USERNAME and PASSWD while sending request to server. Also you need to turn on security on BSSV server.

Chan


<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><soap:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soap:mustUnderstand="1"><wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:Username>USERNAME</wsse:Username><wsseassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWD</wsseassword></wsse:UsernameToken></wsse:Security></soap:Header>
<soap:Body xmlns:ns1="http://oracle.e1.bssv.JP55XXXX/types/">
<ns1:yourXMLElements>
<ns1:Elements1/>
<ns1:Elements2/>
</ns1:yourXMLElements>
</soap:Body>
</soap:Envelope>

We aren't using anonymous connections, besides, I don't think WebLogic supports anonymous connections like OAS and WAS does.

Oracle has confirmed that all requests running as the user from the bssv ini a bug if using WebLogic. Here's the SAR number: Defect 11702419.

I also created a user in WebLogic that doesn't exist in E1. I submitted a request with this userid and I was able to access E1 data. Oracle is trying to duplicate this issue too.

Correction. Oracle came back and said the E1 userid's are not supposed to be setup in WebLogic. That was an error in the support documentation. If the E1 userid is not setup in the security realm, then it should work fine and recognize the E1 security. I no longer have a WebLogic server configured. Can somebody try testing this and report their results?

Thanks, John