Thursday, October 18, 2018

Next Step After Learning ADF

Some people keep asking me what after we learned ADF? what technology we can start to learn?

I can suggest 3 options:

- Take Advanced ADF Course if you are a beginner.
- Get ADF Certificate.
- Learn another Oracle Fusion Middleware technology but ADF should be part of it so that you will not forget ADF. I recommended Oracle BPM, because you will use Oracle ADF for creating Oracle BPM Human Task.

I have created 4 courses in Udemy can help you to take the second step after you learning ADF:

- Complete Oracle ADF course (for anyone want to start working in Oracle Fusion Middleware but he don't know from where he can start).
- Advanced Oracle ADF Course (If you know ADF but want to go more deeply inside ADF).
Oracle ADF for Certification (For anyone know ADF and want to be ADF Certified or anyone want a light ADF course and want to get ADF certificate).
- Oracle BPM Course (For anyone know ADF and want to take the second step).


You can have a look on these courses from the following URLs:

Udemy ADF Course for Beginners (Step-by-Step)

Udemy Advanced Oracle ADF Course

Udemy Oracle BPM Course for Beginners (Step-by-Step)

Udemy Light ADF Course for Certification



Tuesday, October 9, 2018

Secure Your SOAP Web Service Using username Token Security

Some developers asked me how can they add security to their web services, so in this post I will show you how you can develop SOAP web service and secure the web service using username token security.

I use JDeveloper 11g (11.1.1.7.0) and I use SOAPUI to test my web service.

First Step: Develop SOAP Web service


  • Open JDeveloper and create new Application

  • Create a class which will be your web service (e.g MyWebService)



  • Write your web service. In this example I will create simple web service with one function call sayHello, this function will receive as a parameter and return Hello, , as shown:


  • To convert the java class to web service, right click on the class --> Create web service


  • Follow these screenshots then press Finish:








  • Your web service will looks like this:

  • To add the security, in WEB-INF create folder call "policies" and inside this folder create an xml file call "usernametoken.xml".
  • Inside this usernametoken.xml write as shown (you can download the Sample Application and take this file)


  • In your webservice, point to this usernametoken.xml file by writing "@Policies({ @Policy(uri = "policy:usernametoken.xml") })" under "@WebService" as shown:

  • Save all and run your webservice.

  • After your webservice is running, just open the browser and run web service WSDL, the usernametoken secuirty should appear in the wsdl as shown:




Second Step: Test SOAP Web service using SoapUI

  • Open SoapUI and create new SOAP Project.

  • Enter any project name and enter your web service WSDL.


  • Open the Webservice request and try to enter any value in the parameter and run to test webserivce. You will get security error message as shown:


  • You get error message because we didn't enter username/password to invoke the webservice. Let us first add the user which we will use to test WS. In weblogic server which the webservice is running, you can open weblogic console --> Secuirty Realms --> myrealm --> Users and Groups



  • You can add any user and set the password (I will use weblogic user to test the WS)




  • Back to SoapUI, and we should set username and password to invoke WS. Right click on the Soap Project --> Show Project View


  • In WS-Secuirty Configurations --> Outgoing WS-Secuirty Configurations --> press on Add button


  • Enter any name

  • In the left bottom section add new WSS entry

  • From drop down list select type "Username"

  • Enter Username and Password (the user which you defined in weblogic) and select PasswordText as shown


  • In the soap request close it and reopen it again. In the bottom of the request select Auth and select Add New Authentication

  • Select Type --> Basic

  • Select the created Outgoing WSS  as shown


  • Now invoke the web service again, you will find the result is generated and the webservice is called successfully.


You can download the webservice sample application from this here