Tuesday 13 August 2013

Encryption and Decryption in BPEL (using BPEL Properties)

Sensitive payload data in a BPEL process can be encrypted and decrypted as it is passed from boundary to boundary. This data is not visible in the audit and debug logs.
Example:
One process performs the encryption operation and another performs the decryption operation.
The encryption process encrypts the input and calls the decryption process with the encrypted data.
The decryption process decrypts the data and writes it to a file or database, or calls any WSDL (except a BPEL process WSDL, because the decrypted elements are not shown with their decrypted values in the BPEL console).
In the example, encryption and decryption are done for the following data elements:
• Age
• Salary
The steps to encrypt and decrypt the properties in Payment Gateway are as follows:
I. ENCRYPTION PROCESS (TestingBPELEncription)
Encryption process: the encryption process encrypts the input and calls the decryption process with the encrypted data.


1. Create properties and property aliases for the data elements to be encrypted in Oracle JDeveloper.
1.1. Create properties: right-click in the BPEL designer and select View > Properties, then highlight the Properties folder and click the Create icon.




1.2. Create property aliases:

1. Create the property alias for Age: right-click in the BPEL designer and select View > Property Aliases, then highlight the Property Aliases folder and click the Create icon.


2. First select Age in the Property dropdown.

Then go to the message payload that needs to be encrypted. Once you select the payload, the Query box is enabled. Navigate to the Query box and press Ctrl+Enter.

3. The XPath of that payload then appears.


4. Select the element that needs to be encrypted.

5. The property alias for Age is created. Follow the same procedure to create the property alias for Salary.


6. Property alias for Salary

7. Property aliases for Salary and Age






1.3. For Your Information
The WSDL is changed automatically with the properties and property aliases.
Once the properties and property aliases have been created, the updates are reflected in the WSDL file of the TestingBPELEncription process.

A new WSDL (TestingBPELEncription_Properties.wsdl) is created automatically. The properties (e.g. Age/Salary) are listed in that WSDL.

Properties in the WSDL
  <bpws:property name="Salary" type="xsd:string"/>
  <bpws:property name="Age" type="xsd:string"/>

Property aliases added (automatically) in TestingBPELEncription.wsdl
  <bpws:propertyAlias propertyName="pns1:Age" messageType="client:TestingBPELEncriptionRequestMessage" part="payload" query="/client:TestingBPELEncriptionProcessRequest/client:Age"/>
  <bpws:propertyAlias propertyName="pns1:Salary" messageType="client:TestingBPELEncriptionRequestMessage" part="payload" query="/client:TestingBPELEncriptionProcessRequest/client:Salary"/>





















2. Add the encryption properties in bpel.xml:

{http://xmlns.oracle.com/TestingBPELEncription/correlationset}Salary
{http://xmlns.oracle.com/TestingBPELEncription/correlationset}Age

The namespace {http://xmlns.oracle.com/TestingBPELEncription/correlationset} should be the targetNamespace in TestingBPELEncription_Properties.wsdl.

bpel.xml



II. DECRYPTION PROCESS (TestingBPELDecription)
The decryption process decrypts the data and writes it to a file or database, or calls any WSDL (except a BPEL process WSDL, because the decrypted elements are not shown with their decrypted values in the BPEL console). Here we write it to a file.



1. Create properties and property aliases for the data elements to be decrypted in Oracle JDeveloper.
1.1. Create properties: right-click in the BPEL designer and select View > Properties, then highlight the Properties folder and click the Create icon (same as described above).






1.2. Create property aliases: right-click and select View > Property Aliases, then highlight the Property Aliases folder and click the Create icon.
Here we create the property aliases on the input message of the File adapter (write operation).











1.3. When complete, the updates are reflected in the WSDL file of the Payment Gateway Provider processes:
Properties added in TestingBPELDecription_Properties.wsdl
    <bpws:property name="Age" type="xsd:string"/>
    <bpws:property name="Salary" type="xsd:string"/>



Property Alias added in TestingBPELDecription.wsdl
    <bpws:propertyAlias propertyName="pns1:Age" xmlns:ns1="http://xmlns.oracle.com/pcbpel/adapter/file/Decriptedmessagetofile/"
         messageType="ns1:TestingBPELDecriptionProcessResponse_msg" part="TestingBPELDecriptionProcessResponse"
         query="/client:TestingBPELDecriptionProcessResponse/client:Age"/>
    <bpws:propertyAlias propertyName="pns1:Salary" xmlns:ns1="http://xmlns.oracle.com/pcbpel/adapter/file/Decriptedmessagetofile/"
         messageType="ns1:TestingBPELDecriptionProcessResponse_msg" part="TestingBPELDecriptionProcessResponse"
         query="/client:TestingBPELDecriptionProcessResponse/client:Salary"/>






2. Add the decryption properties in bpel.xml under the configurations section


{http://xmlns.oracle.com/TestingBPELDecription/correlationset}Salary
{http://xmlns.oracle.com/TestingBPELDecription/correlationset}Age
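
The QNames listed in bpel.xml, the properties in the _Properties WSDL and the property aliases have to agree on namespace and name, in the encryption process (step I.2) and in the decryption process (step II.2) alike. The check below is an added example, not part of the original post; it uses the encryption process's names, and the inline WSDL fragments, the whitespace-separated QName list and the function names are constructed assumptions.

```python
import io
import xml.etree.ElementTree as ET

BPWS = "http://schemas.xmlsoap.org/ws/2003/03/business-process/"  # BPEL 1.1
CORR = "http://xmlns.oracle.com/TestingBPELEncription/correlationset"

# Constructed stand-ins for the generated WSDLs and the bpel.xml QName list.
PROPERTIES_WSDL = f"""<definitions xmlns:bpws="{BPWS}" targetNamespace="{CORR}">
  <bpws:property name="Salary" type="xsd:string"/>
  <bpws:property name="Age" type="xsd:string"/>
</definitions>"""
PROCESS_WSDL = f"""<definitions xmlns:bpws="{BPWS}" xmlns:pns1="{CORR}">
  <bpws:propertyAlias propertyName="pns1:Age" part="payload"
    query="/client:TestingBPELEncriptionProcessRequest/client:Age"/>
  <bpws:propertyAlias propertyName="pns1:Salary" part="payload"
    query="/client:TestingBPELEncriptionProcessRequest/client:Salary"/>
</definitions>"""
BPEL_XML_QNAMES = f"{{{CORR}}}Salary\n{{{CORR}}}Age"

def declared_properties(wsdl_text):
    """QNames ({targetNamespace}name) of every bpws:property in the WSDL."""
    root = ET.fromstring(wsdl_text)
    tns = root.get("targetNamespace")
    return {f"{{{tns}}}{p.get('name')}" for p in root.iter(f"{{{BPWS}}}property")}

def aliased_properties(wsdl_text):
    """QNames referenced by propertyAlias/@propertyName, prefixes resolved."""
    nsmap, found = {}, set()
    for event, item in ET.iterparse(io.BytesIO(wsdl_text.encode()), events=("start-ns", "start")):
        if event == "start-ns":
            nsmap[item[0]] = item[1]  # item is a (prefix, uri) pair
        elif item.tag == f"{{{BPWS}}}propertyAlias":
            prefix, _, local = item.get("propertyName").partition(":")
            found.add(f"{{{nsmap.get(prefix, '')}}}{local}")
    return found

def check(qname_list, properties_wsdl, process_wsdl):
    """Return problems found; an empty list means the three files agree."""
    declared = declared_properties(properties_wsdl)
    aliased = aliased_properties(process_wsdl)
    problems = []
    for qname in qname_list.split():
        if qname not in declared:
            problems.append(f"{qname}: not declared in the Properties WSDL")
        elif qname not in aliased:
            problems.append(f"{qname}: no propertyAlias selects a payload element")
    return problems

if __name__ == "__main__":
    print(check(BPEL_XML_QNAMES, PROPERTIES_WSDL, PROCESS_WSDL) or "consistent")
```

Running the same check against the decryption process only needs its own namespace and WSDL files in place of the constructed ones.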











Screen Shots









The output file (created after execution of the decryption process, by the File adapter write operation)

