403 Forbidden Error on Inbound Web Service Call
Hi XI Gurus.
We have been using an ID for a while now to login to the XI server to post SOAP messages to the adapter. For some unknown reason we now receive 403 Forbidden messages. The user has the exact same roles and authorizations as the corresponding user in another environment where this works fine. I know it's not related to any of the solutions posted here because using my ID works fine.
We have assigned the user SAP_XI_APPL_SERV_USER and S_RFC auth's for a few RFC groups that the interface will need to invoke. Again, this works perfectly in our other environment.
A few questions:
1) How can we see the error logs when this error gets thrown? J2EE Admin?
2) What would cause this? It doesn't seem to be authorizations at the XI level. Is it something at the J2EE level?
This might be a silly question but the user is not locked?
You can always create a trace in the Java Admin Console:
Traces are used to analyze runtime errors. By setting a specific trace level for specific locations, you can analyze the behavior of individual code segments at class and method level. This is done with the help of the log configurator service:
Log onto Java Admin Console
 Services
 Log Configurator
 Locations
 Choose the location (Java package) and the tracing level (severity)
(for example, com.sap.aii.adapter.rfc)
 Root Location > com > sap > aii > RFC
 Set the severity to Debug (or all) and choose Copy Severity to Subtree.
Run end to end process and check the log file in the standalone log viewer.
Similar Messages
-
SharePoint SiteMialbox failed with 503 error (AutoDiscover.svc web service call failed)
SharePoint SiteMialbox failed with 503 error (AutoDiscover.svc web service call failed)
I followed Technet articles to configure SiteMailBoxes in our environment & exchange sever.
When we created Sitemailbox in a SiteCollection &when we try to open it, it failed with below error.
Site Mailbox
We are having trouble connecting to Exchange Server
The server might be temporarily unavailable. Please check back on this page in a few minutes. If this problem persists, please contact your system administrator.
Correlation ID: bb0fe99c-6f4e-e084-b191-881fbf0fa977, Error Code 10
ULS Log (503 error)
Autodiscover Diagnostics Response Headers: request-id: 95d12ceb-283e-4495-b28b-256503fd097c client-request-id: 742fe69c-ef5a-e084-ca05-6098c759c584 X-CalculatedBETarget: devapwxyz01a.devap.mydomain.com X-FEServer: DEVNAABCD01B
Content-Length: 0 Cache-Control: private Date: Tue, 03 Feb 2015 18:53:40 GMT Set-Cookie: X-BackEndCookie=; expires=Sun, 03-Feb-1985 18:53:40 GMT; path=/autodiscover; secure; HttpOnly Server: Microsoft-IIS/8.5 X-AspNet-Version:
4.0.30319 X-Powered-By: ASP.NET
742fe69c-ef5a-e084-ca05-6098c759c584
if I am correct, X-CalculatedBETarget supposed to be DEVNAABCD01B.devna.mydomain.com but it connected to different domain devapwxyz01a.devap.mydomain.com. Do you guys have any idea on this? (I verified
the same using fiddler, it is failing right at autodiscover.svc call.)
I wrote a powershell script to connect autodiscover service in sharepoint server & this web service call able connect right server X-CalculatedBETarget. It gave the expected response.
I am not sure why SharePoint webservice call (X-CalculatedBETarget) is going to different server?
let me know if you guys have any ideas.
Thanks.Thanks for the Response Raj.
I already followed the same instructions in the Links.
When SharePoint Autodisover.svc webservice send a request to Exchange server & Exchange server redirecting that request to different server, this is the problem i am facing right now.
X-CalculatedBETarget
supposed to be DEVNAABCD01B.devna.mydomain.com but it connected to different domain devapwxyz01a.devap.mydomain.com.
Let me know if you have any suggestions? -
Errors when processing web service call
Hello Experts,
Based on a requirement, I got a URL based on WSDL, using which I created a Consumer Proxy in SAP.
I created a Logical Port in SOA Manager with type selected as 'WSDL'.
When I'm trying to execute the proxy class to call the webservice using the logical port through SE80 it is throwing an error log as stated below.
1) SOAP:14 Unexpected element -el=definitions ns=http://schemas.xmlsoap.org/wsdl/
2)Error when processing Web service call
3)Error when calling SOAP Runtime functions: Unexpected element -el=definitions ns=http://schemas.xmlsoap.org/wsdl/
Kindly help me out.
Thanks,
VamshiHi,
Check Anton's reply in this thread: External WS Consumption Issue
Also refer the below doc which may help you: Consume an External Web Service in a Nutshell with Good Old ABAP
Calling WebServices from ABAP via HTTPS
Regards,
Kiran -
Occasional SOAP errors when making web service calls from C#
We have a C# application making web service calls to RFCs (non-NCO, SAP 4.7, WAS 6.40) and occasionally getting the following error:
The 'SOAP-ENV:Envelope' start tag on line '1' does not match the end tag of 'SOAP-ENV:Envel'. Line 1, position 34560.
This error happens randomly and can occur, not occur, and occur again for the exact same call (same data, same web service call). I anticipate that we might have a missing configuration on one of our application servers, but don't know where to tell BASIS to look. Any ideas or other help would be appreciated.That's going to be difficult. The random nature of the error makes it impossible to reproduce (so far) in our Development and Test environments. Since the error is coming from the SAP side, I believe I would need a sniffer on each production application server in order to try to catch this and that would result in some very large log files. Is there any log file or other SAP transaction that might already be capturing these failures?
-
Error reporting with web service call
Hi Experts,
We have a unique requirement of logging errors or exceptions throughout the message lifecycle to a Logging System via a web service call.
If error occur during message processing, is there any way to trigger an error message from every step of message pipeline which will invoke a web service ?
Please share your views on it.
We are using PI7.3 Java only stack.
- ShriHi
You can try using a try/catch block in your UDF and write the logging lookup logic in catch block.
It can catch some exceptions(For example response message parsing). Just give a try.
And let me know the result.
Thanks,
Dhanish -
Inbound Web Service calls get error "Reliable Messaging(RM) configured, but no Message ID..."
We are setting up the Communication System and Communication Arrangement "Business Partner Replication from SAP ERP".
For protocol, we are using Type 5 - WebServices. See screenshot below.
Our error is that when we send webservice calls to our C4C, we get messages:
1. Web service response is "Web service processing error; more details in the web service error log on provider side"
2. Backend error messages is "SRT: Plain SOAP: Reliable messaging (RM) configured, but no Messaging ID and no WSRM assertion provided"
We have sent messages from PI and also independently thru soapUI.
So it seems the C4C in the backend is stuck on the RM messaging protocol setting.
Appreciate any and all assistance.Hi Tim,
For this error following are the places that needs to be checked.
1. In C4C the protocol defined in the Communication System should be 5 - Web Services
2. In C4C Communication Arrangement should have the right protocol selected
3. In PI make sure the Communication Channel's are created using provided Communication Channel Templates as part of the standard PI content.
In other words just follow the integration guide available in SMP to avoid such errors.
Hope this helps.
Thanks,
Prakash -
Error while making Web service call
I have configured my webservice for https
i calling the web service from a j2me clieny application, i get the error
javax.xml.rpc.JAXRPCException: no HTTP reply header
at com.ibm.pvcws.jaxrpc.rpc.OperationImpl.invoke(OperationImpl.java:321)
Can somebody please help me with the errorHello
You get the WebServiceME.jar by downloading an add-on by using the software manager, Help->Software Updates->Software Manager
Good luck -
Error when processing web service call
Hello Experts,
Based on a requirement, I got a URL based on WSDL, using which I created a Consumer Proxy in SAP.
I created a Logical Port in SOA Manager with type selected as 'WSDL', and didnot gave any authentication id or password in it.
When I'm trying to execute the proxy class to call the webservice using the logical port, it is asking me a prompt for Userid and Password, and when I press enter, it is throwing an error log as stated below.
SOAP:1,007 SRT: Unsupported xstream found: ("HTTP Code 401 : Unauthorized")
(Error when calling SOAP Runtime functions).
I think I configured the Logical port incorrectly. Is there any specific setting that I missed, I dont know.
Kindly help me out.
Thanks,
MallikUnsupported xstream found: ("HTTP Code 401 : Unauthorized")
Unsupported xstream means response received from service provider (host) is NOT in valid xml format (usually HTML). You will see this type of error when host or service you are trying to call return HTML (error pages etc).
HTTP Code 401 : Unauthorized : Clearly means that user/password for service provider is incorrect
[Click here|http://en.wikipedia.org/wiki/List_of_HTTP_status_codes] to understand all HTTP code
I am closing this thread, if you have any question post new question in forum.
Regards,
Gourav -
403 Forbidden error calling PL/SQL Procedure from URL
I am getting a 403 Forbidden browser error when calling a PL/SQL procedure from the URL, as in this:
http://<server.port>/apex/SCHEMA.procedure_name/f?p_param1=394&p_param2=2, etc
We are upgrading from HTMLDB 2.0 to APEX 4.0.2. I do not believe the upgrade has anything to do with it, c/o the upgraded app works fine in another APE 4.0.2 environment.
The upgrade is to new machines, new DB and new app server, Oracle Web Tier, Oracle HTTP server deployment.
The dads.conf entries are fine, all standard:
Alias /i/ "/apexd01/app/oracle/product/http/Oracle_WT1/ohs/images/"
Alias /c/ "/apexd01/app/oracle/product/http/Oracle_WT1/ohs/custom_htmldb/"
<Location /pls/apexd>
Order deny,allow
PlsqlDocumentPath docs
AllowOverride None
PlsqlDocumentProcedure wwv_flow_file_mgr.process_download
PlsqlDatabaseConnectString dbserver.us.com:1521:SERVER.US.COM ServiceNameFormat
PlsqlNLSLanguage AMERICAN_AMERICA.AL32UTF8
PlsqlAuthenticationMode Basic
SetHandler pls_handler
PlsqlDocumentTablename wwv_flow_file_objects$
PlsqlDatabaseUsername APEX_PUBLIC_USER
PlsqlDefaultPage apex
PlsqlDatabasePassword apexpwd
PlsqlRequestValidationFunction wwv_flow_epg_include_modules.authorize
Allow from all
</Location>
The GRANT EXECUTE ON procedure TO PUBLIC is there.
A call to the same procedure via a process in an APEX page works fine - the procedure is OK.
The call from javascript, which sets up the call from the URL, is the one that fails with the 403 Forbidden error.
The same app works fine in another APEX 4.0.2 environment, so I know it is not the JS; It has to be some configuration setting in this environment.
I do NOT have access to the app server.
I have asked that they compare the httpd.conf, and all underlying conf files, to check for differences.
In order for me to be more specific, and hopefully speed up the troubleshooting process, can anyone suggest what other settings to look at?
Thank you - KarenHello,
Good catch, but the difference in URL is in fact the difference in my env to theirs. My typo in not correcting my example to match the dads.conf entry of /pls/apexd. My env uses /apex/. Just saves on my typing.
As an update, I asked the DBA to double-check, and yes, the www_flow_epg_include_mod_local function IS there.
www_flow_epg_include_mod_local is an APEX function.
So now we are trying adding procedures to it. I'll let you know if it works.
My previous question remains - why would I need to do this in one env, and not another,
given that the DB GRANTs are there.
Is there a particular app server setting that wil block execution of PL/SL procedures from the URL?
My guess is, there is some difference in configuration settings for the app server, somewhere in the httpd.conf chain.
Since I do not have access to those files, I cannot do a diff myself, as I would have if I the issue was on my machine.
I am in a situation where I can suggest what to do, but that's it. I agree, it's hard to troubleshoot in this situation.
I am being asked "what setting do I need to change?" without the benefit of access to what is there,so I am doing the best I can, without diverting from my work for a deep-dive refresher session on httpd.conf settings.
So, if anyone is aware of some setting that would block execution of a PL/SQL proc from the URL, please let me know,
and of course, if adding a proc to www_flow_epg_include_mod_local works, I'll be happy. Just still curious.
Thank you - K -
Weblogic app server wsdl web service call with SSL Validation error = 16
Weblogic app server wsdl web service call with SSL Validation error = 16
I need to make wsdl web service call in my weblogic app server. The web service is provided by a 3rd party vendor. I keep getting error
Cannot complete the certificate chain: No trusted cert found
Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure
Validation error = 16
From the SSL debug log, I can see 3 verisign hierarchy certs are correctly loaded (see 3 lines in the log message starting with “adding as trusted cert”). But somehow after first handshake, I got error “Cannot complete the certificate chain: No trusted cert found”.
Here is how I load trustStore and keyStore in my java program:
System.setProperty("javax.net.ssl.trustStore",”cacerts”);
System.setProperty("javax.net.ssl.trustStorePassword", trustKeyPasswd);
System.setProperty("javax.net.ssl.trustStoreType","JKS");
System.setProperty("javax.net.ssl.keyStoreType","JKS");
System.setProperty("javax.net.ssl.keyStore", keyStoreName);
System.setProperty("javax.net.ssl.keyStorePassword",clientCertPwd); System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump","true");
Here is how I create cacerts using verisign hierarchy certs (in this order)
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignClass3G5PCA3Root.txt -alias "Verisign Class3 G5P CA3 Root"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediatePrimary.txt -alias "Verisign C3 G5 Intermediate Primary"
1.6.0_29/jre/bin/keytool -import -trustcacerts -keystore cacerts -storepass changeit -file VerisignC3G5IntermediateSecondary.txt -alias "Verisign C3 G5 Intermediate Secondary"
Because my program is a weblogic app server, when I start the program, I have java command line options set as:
-Dweblogic.security.SSL.trustedCAKeyStore=SSLTrust.jks
-Dweblogic.security.SSL.ignoreHostnameVerification=true
-Dweblogic.security.SSL.enforceConstraints=strong
That SSLTrust.jks is the trust certificate from our web server which sits on a different box. In our config.xml file, we also refer to the SSLTrust.jks file when we bring up the weblogic app server.
In addition, we have working logic to use some other wsdl web services from the same vendor on the same SOAP server. In the working web service call flows, we use clientgen to create client stub, and use SSLContext and WLSSLAdapter to load trustStore and keyStore, and then bind the SSLContext and WLSSLAdapter objects to the webSerive client object and make the webservie call. For the new wsdl file, I am told to use wsimport to create client stub. In the client code created, I don’t see any way that I can bind SSLContext and WLSSLAdapter objects to the client object, so I have to load certs by settting system pramaters. Here I attached the the wsdl file.
I have read many articles. It seems as long as I can install the verisign certs correctly to web logic server, I should have fixed the problem. Now the questions are:
1. Do I create “cacerts” the correct order with right keeltool options?
2. Since command line option “-Dweblogic.security.SSL.trustedCAKeyStore” is used for web server jks certificate, will that cause any problem for me?
3. Is it possible to use wsimport to generate client stub that I can bind SSLContext and WLSSLAdapter objects to it?
4. Do I need to put the “cacerts” to some specific weblogic directory?
---------------------------------wsdl file
<wsdl:definitions name="TokenServices" targetNamespace="http://tempuri.org/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
<wsp:Policy wsu:Id="TokenServices_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="true"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:TransportBinding>
<wsaw:UsingAddressing/>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="xsd0.xsd" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="xsd1.xsd" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ITokenServices_GetUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetUserTokenResponse"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_InputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserToken"/>
</wsdl:message>
<wsdl:message name="ITokenServices_GetSSOUserToken_OutputMessage">
<wsdl:part name="parameters" element="tns:GetSSOUserTokenResponse"/>
</wsdl:message>
<wsdl:portType name="ITokenServices">
<wsdl:operation name="GetUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetUserToken" message="tns:ITokenServices_GetUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetUserTokenResponse" message="tns:ITokenServices_GetUserToken_OutputMessage"/>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<wsdl:input wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserToken" message="tns:ITokenServices_GetSSOUserToken_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ITokenServices/GetSSOUserTokenResponse" message="tns:ITokenServices_GetSSOUserToken_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="TokenServices" type="tns:ITokenServices">
<wsp:PolicyReference URI="#TokenServices_policy"/>
<soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="GetUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
<wsdl:operation name="GetSSOUserToken">
<soap12:operation soapAction="http://tempuri.org/ITokenServices/GetSSOUserToken" style="document"/>
<wsdl:input>
<soap12:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap12:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="TokenServices">
<wsdl:port name="TokenServices" binding="tns:TokenServices">
<soap12:address location="https://ws-eq.demo.i-deal.com/PhxEquity/TokenServices.svc"/>
<wsa10:EndpointReference>
<wsa10:Address>https://ws-eq.demo.xxx.com/PhxEquity/TokenServices.svc</wsa10:Address>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
----------------------------------application log
adding as trusted cert:
Subject: CN=VeriSign Class 3 International Server CA - G3, OU=Terms of use at https://www.verisign.com/rpa (c)10, OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x641be820ce020813f32d4d2d95d67e67
Valid from Sun Feb 07 19:00:00 EST 2010 until Fri Feb 07 18:59:59 EST 2020
adding as trusted cert:
Subject: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x3c9131cb1ff6d01b0e9ab8d044bf12be
Valid from Sun Jan 28 19:00:00 EST 1996 until Wed Aug 02 19:59:59 EDT 2028
adding as trusted cert:
Subject: CN=VeriSign Class 3 Public Primary Certification Authority - G5, OU="(c) 2006 VeriSign, Inc. - For authorized use only", OU=VeriSign Trust Network, O="VeriSign, Inc.", C=US
Issuer: OU=Class 3 Public Primary Certification Authority, O="VeriSign, Inc.", C=US
Algorithm: RSA; Serial number: 0x250ce8e030612e9f2b89f7054d7cf8fd
Valid from Tue Nov 07 19:00:00 EST 2006 until Sun Nov 07 18:59:59 EST 2021
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Ignoring not supported JCE Cipher: SunPKCS11-Solaris version 1.6 for algorithm DESede/CBC/NoPadding>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Will use default Cipher for algorithm DESede>
<Mar 7, 2013 6:59:21 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Using JCE Cipher: SunJCE version 1.6 for algorithm RSA/ECB/NoPadding>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSetup: loading trusted CA certificates>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 28395435>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <25779276 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - xx.xxx.xxx.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 6457753>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.removeContext(ctx): 22803607>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Filtering JSSE SSLSocket>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLIOContextTable.addContext(ctx): 14640403>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLSocket will be Muxing>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write HANDSHAKE, offset = 0, length = 115>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <isMuxerActivated: false>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 SSL3/TLS MAC>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <23376797 received HANDSHAKE>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: ServerHello>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <HANDSHAKEMESSAGE: Certificate>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Cannot complete the certificate chain: No trusted cert found>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 0 in the chain: Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validating certificate 1 in the chain: Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <validationCallback: validateErr = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[0] = Serial number: 2400410601231772600606506698552332774
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Subject:C=US, ST=New York, L=New York, O=xxx LLC, OU=GTIG, CN=ws-eq.demo.xxx.com
Not Valid Before:Tue Dec 18 19:00:00 EST 2012
Not Valid After:Wed Jan 07 18:59:59 EST 2015
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> < cert[1] = Serial number: 133067699711757643302127248541276864103
Issuer:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=(c) 2006 VeriSign, Inc. - For authorized use only, CN=VeriSign Class 3 Public Primary Certification Authority - G5
Subject:C=US, O=VeriSign, Inc., OU=VeriSign Trust Network, OU=Terms of use at https://www.verisign.com/rpa (c)10, CN=VeriSign Class 3 International Server CA - G3
Not Valid Before:Sun Feb 07 19:00:00 EST 2010
Not Valid After:Fri Feb 07 18:59:59 EST 2020
Signature Algorithm:SHA1withRSA
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <weblogic user specified trustmanager validation status 16>
<Mar 7, 2013 6:59:22 PM EST> <Warning> <Security> <BEA-090477> <Certificate chain received from ws-eq.demo.xxx.com - 12.29.210.156 was not trusted causing SSL handshake failure.>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Validation error = 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Certificate chain is untrusted>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <SSLTrustValidator returns: 16>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <Trust status (16): CERT_CHAIN_UNTRUSTED>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <NEW ALERT with Severity: FATAL, Type: 42
java.lang.Exception: New alert stack
at com.certicom.tls.record.alert.Alert.<init>(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.fireAlert(Unknown Source)
at com.certicom.tls.record.handshake.ClientStateReceivedServerHello.handle(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessage(Unknown Source)
at com.certicom.tls.record.handshake.HandshakeHandler.handleHandshakeMessages(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.interpretContent(Unknown Source)
at com.certicom.tls.record.MessageInterpreter.decryptMessage(Unknown Source)
at com.certicom.tls.record.ReadHandler.processRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readRecord(Unknown Source)
at com.certicom.tls.record.ReadHandler.readUntilHandshakeComplete(Unknown Source)
at com.certicom.tls.interfaceimpl.TLSConnectionImpl.completeHandshake(Unknown Source)
at com.certicom.tls.record.WriteHandler.write(Unknown Source)
at com.certicom.io.OutputSSLIOStreamWrapper.write(Unknown Source)
at java.io.BufferedOutputStream.flushBuffer(BufferedOutputStream.java:65)
at java.io.BufferedOutputStream.flush(BufferedOutputStream.java:123)
at java.io.FilterOutputStream.flush(FilterOutputStream.java:123)
at weblogic.net.http.HttpURLConnection.writeRequests(HttpURLConnection.java:154)
at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:358)
at weblogic.net.http.SOAPHttpsURLConnection.getInputStream(SOAPHttpsURLConnection.java:37)
at weblogic.wsee.util.is.InputSourceUtil.loadURL(InputSourceUtil.java:100)
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(DOMParser.java:118)
at weblogic.wsee.util.dom.DOMParser.getDocument(DOMParser.java:65)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:311)
at weblogic.wsee.wsdl.WsdlReader.getDocument(WsdlReader.java:305)
at weblogic.wsee.jaxws.spi.WLSProvider.readWSDL(WLSProvider.java:296)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:77)
at weblogic.wsee.jaxws.spi.WLSProvider.createServiceDelegate(WLSProvider.java:62)
at javax.xml.ws.Service.<init>(Service.java:56)
at ideal.ws2j.eqtoken.TokenServices.<init>(TokenServices.java:64)
at com.citi.ilrouter.util.IpreoEQSSOClient.invokeRpcPortalToken(IpreoEQSSOClient.java:165)
at com.citi.ilrouter.servlets.T3LinkServlet.doPost(T3LinkServlet.java:168)
at com.citi.ilrouter.servlets.T3LinkServlet.doGet(T3LinkServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(Unknown Source)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(Unknown Source)
at weblogic.servlet.internal.WebAppServletContext.execute(Unknown Source)
at weblogic.servlet.internal.ServletRequestImpl.run(Unknown Source)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <write ALERT, offset = 0, length = 2>
<Mar 7, 2013 6:59:22 PM EST> <Debug> <SecuritySSL> <BEA-000000> <close(): 16189141>I received a workaround by an internal message.
The how to guide is :
-Download the wsdl file (with bindings, not the one from ESR)
-Correct it in order that the schema corresponds to the answer (remove minOccurs or other things like this)
-Deploy the wsdl file on you a server (java web project for exemple). you can deploy on your local
-Create a new logicial destination that point to the wsdl file modified
-Change the metadata destination in your web dynpro project for the corresponding model and keep the execution desitnation as before.
Then the received data is check by the metadata logical destination but the data is retrieved from the correct server. -
Error while calling SPML web service call in OIM 11g
Hi,
While testing the SPML web service call, I am getting the "failure in security check" errors.
And I have attached the request and responce .
Request:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header xmlns:ns1="urn:names:spml:ws:header">
<ns1:ServiceHeader>
<ns1:serviceId/>
</ns1:ServiceHeader>
<wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>xelsysadm</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body xmlns:ns2="http://xmlns.oracle.com/idm/identity/spmlv2custom/Username">
<ns2:validateUsernameRequest xmlns:ns3="urn:oasis:names:tc:SPML:2:0" requestID="12345" executionMode="synchronous" locale="en" policyURI="http://www.sample.com/string/string">
<ns2:capabilityData mustUnderstand="true" capabilityURI="urn:oasis:names:tc:SPML:2:0:reference"/>
<ns2:username>TCS1000</ns2:username>
</ns2:validateUsernameRequest>
</soap:Body>
</soap:Envelope
Response:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<env:Fault xmlns:ns0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<faultcode>ns0:FailedCheck</faultcode>
<faultstring>FailedCheck : failure in security check</faultstring>
<faultactor/>
</env:Fault>
</env:Body>
</env:Envelope>
I have attached the log file from OIM
####<Apr 26, 2012 10:27:13 AM EDT> <Error> <oracle.wsm.resources.enforcement> <corwloimhd01> <dev-oim_oim_server01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <214014dca901f288:-460ab67b:136eeab0662:-7ffd-0000000000000838> <1335450433058> <WSM-07501> <Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=spml-xsd, composite=null, modelObj=SPMLService, policy=oracle/wss11_saml_or_username_token_with_message_protection_service_policy, policyVersion=1, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss11-username-with-certificates.>
####<Apr 26, 2012 10:27:13 AM EDT> <Notice> <Stdout> <corwloimhd01> <dev-oim_oim_server01> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'> <<WLS Kernel>> <> <214014dca901f288:-460ab67b:136eeab0662:-7ffd-000000000000083d> <1335450433058> <BEA-000000> <<Apr 26, 2012 10:27:13 AM EDT> <Error> <oracle.wsm.resources.enforcement> <WSM-07501> <Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=spml-xsd, composite=null, modelObj=SPMLService, policy=oracle/wss11_saml_or_username_token_with_message_protection_service_policy, policyVersion=1, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss11-username-with-certificates.>>
Please help me how to solve this issue.
Thanks in advance
SivaYour business logic has to be implemented by using OIM APIS. oimclient.jar..
you can then expose these business functions accordingly using a webservice or rest ...
for business logic refer:-
http://docs.oracle.com/cd/E27559_01/dev.1112/e27150/apis.htm#OMDEV734
You will basicsally have to deal with UserManager class for managing users.
java API:
http://docs.oracle.com/cd/E27559_01/apirefs.1112/e28159/toc.htm -
LCDS web service call throwing error for valid XSD URL
Hi,
I am trying to call a web service which is deployed on a J2EE application[ Project name : WebServiceApplication ] through a different LCDS application [ Project name : lcdsTestWebService] But while loading of mxml following error comming into console.
Can any one explain that why Flex application is looking for DocTypeTestService_schema1.xsd into lcdsTestWebService application when this xsd is
present in WebServiceApplication project.
One intresting point which i found that if i place this xsd into root of lcdsTestWebService application so that it is accessable through
url = "http://localhost:9080/lcdsTestWebService/DocTypeTestService_schema1.xsd" than there is no issue and web service call sucessfully
happen.
[2/14/11 16:23:18:208 IST] 0000002c SystemOut O [LCDS]Deserializing AMFX/HTTP request
Version: 3
(Message #0 targetURI=null, responseURI=null)
(Typed Object #0 'flex.messaging.messages.HTTPMessage')
(Object #1)
body = clientId = "A568DF0F-A60A-1473-CDAB-707E4A185812"
contentType = "application/x-www-form-urlencoded"
destination = "testWebservice"
(Object #2)
DSEndpoint = "my-http"
DSId = "A568DE2A-2809-A1FE-0934-D3ECBC19337C"
headers = httpHeaders = null
messageId = "9F6F7661-8FA1-30CA-3F04-23CD91C1AF90"
method = "GET"
recordHeaders = true
timestamp = 0
timeToLive = 0
url = "http://localhost:9080/lcdsTestWebService/DocTypeTestService_schema1.xsd"
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- GET : http://localhost:9080/lcdsTestWebService/DocTypeTestService_schema1.xsd
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Cookie in request: domain = 'localhost', path = '/', client name = 'JSESSIONID', endpoint name = 'JSESSIONID', value = '0000Ii8aRUEKjvhE38Bd_dyW3jw:-1
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: Accept : */*
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: Accept-Language : en-US
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: Referer : http://localhost:9080/lcdsTestWebService/SampleWebService.swf/[[DYNAMIC]]/6
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: x-flash-version : 10,1,102,64
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: Content-Type : application/xml
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: User-Agent : Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.1; Trident/4.0; SLCC2; .NET CLR 3.5.30729; InfoPath.2; .NET CLR 1.1.4322; MS-RTC LM 8; SLCC1; MS-RTC S; USPortal)
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Header in request: Cache-Control : no-cache
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- Begin GET request --
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]
[2/14/11 16:23:19:591 IST] 0000002c SystemOut O [LCDS]-- End GET request --
[2/14/11 16:23:20:191 IST] 0000002d FfdcProvider I com.ibm.ws.ffdc.impl.FfdcProvider logIncident FFDC1003I: FFDC Incident emitted on C:\IBM\WebSphere\Appserver\profiles\AppSrv04\logs\ffdc\server1_1aaf1aaf_11.02.14_16.23.19 .98114899428566798599.txt com.ibm.ws.webcontainer.extension.DefaultExtensionProcessor.handleRequest 573
[2/14/11 16:23:20:391 IST] 0000002c SystemOut O [LCDS]Serializing AMFX/HTTP response
Version: 3
(Message #0 targetURI=/onStatus, responseURI=)
(Typed Object #0 'flex.messaging.messages.ErrorMessage')
body = null
messageId = "A568F5E1-EF0D-DCBC-6AB1-912C2FEAACB2"
extendedData = null
clientId = "A568DF0F-A60A-1473-CDAB-707E4A185812"
headers = (Object #1)
DSStatusCode = 404
rootCause = null
destination = "testWebservice"
faultCode = "Server.Proxy.Request.Failed"
faultString = "HTTP/1.1 404 Not Found"
faultDetail = "HTTP/1.1 404 Not Found"
timeToLive = 0.0
timestamp = 1.297680800351E12
correlationId = "9F6F7661-8FA1-30CA-3F04-23CD91C1AF90"I received a workaround by an internal message.
The how to guide is :
-Download the wsdl file (with bindings, not the one from ESR)
-Correct it in order that the schema corresponds to the answer (remove minOccurs or other things like this)
-Deploy the wsdl file on you a server (java web project for exemple). you can deploy on your local
-Create a new logicial destination that point to the wsdl file modified
-Change the metadata destination in your web dynpro project for the corresponding model and keep the execution desitnation as before.
Then the received data is check by the metadata logical destination but the data is retrieved from the correct server. -
How to retrieve error message(s) after failed web service call
Hi!
I tried to create an item using the web service ego_item_pub.process_item and it worked ok (version 12.1.1). Sending the same request again, I got an error which should be ok since the item id already exists. The thing is, that I only get an "E" as return status:
<X_RETURN_STATUS>E</X_RETURN_STATUS>
<X_MSG_COUNT>1</X_MSG_COUNT>
As described in the integration repository, there should be a parameter called msg_data which should contain the message if there is exactly 1 message, but I cannot find it.
So, I tried to get the message using fnd_message.get, but the response of my web service call is:
AuthorizationFailure : User not authorized to execute service. (I use sysadmin/sysadmin as ws security user).
I use the following grant details:
All Users Direct GLOBAL Revoke Action Enabled
SYSADMIN SYSADMIN Direct USER
What else can I do or how can I retrieve error messages for a failed web service call?
Thanks a lot,
KonradHi Konrad,
As we've found out, search the Integration Repository for internal name ERROR_HANDLER and use that. Letting the general public know the answer for this one!
Regards,
Gareth
http://garethroberts.blogspot.com -
Web service call on hosted env fails with hex to raw conversion error
Hi,
I use Enciva to run some hosted Apex applications, and I've had a call open with them for a few days re: setting up a web service call to an e-mail checker, provided by a company called Rolosoft. The e-mail checker runs fine from outside the hosted environment, but I get the following error trying to call from the Apex application:
ORA-06502: PL/SQL: numeric or value error: hex to raw conversion error
Has anyone hit this error before with web services, I've tried manual and RESTful but get the same error message.
Thanks,
MikeHello,
We encounter the same issue using manual WebService !
Environnement Settings :
Oracle 11g R2 - Windows W2K3 - NLS_CHARACTERSET : AL32UTF8
Apex 4.1
Any suggestions, helps ?
Thanks,
G. -
Solution: Apache2 personal web sharing 403 Forbidden error
Many people are puzzled about Apache 2 throwing 403 Forbidden errors when accessing the user's personal website, although the computer website works. And a lot of incorrect solutions are floating around. I decided to post some info that hopefully will clarify the issue.
As an example, my new Mac mini would run a website OK at http://192.168.0.2/ but my personal website at http://192.168.0.2/~username/ would give a 403 Forbidden error. I believe I have found out why. This is due to incorrect user-level settings that I believe were migrated from a previous OS version. I migrated from an old Power Mac G5 Quad with MacOS X 10.5 to my new Mac mini with MacOS X Lion 10.7.
The problem here is that Apache denies access to the user level Sites folder. If you create a new user on Lion, the system will create a username.conf, where username is the user's short name. But if you migrated from a previous version, this file will not exist, so Apache will not serve pages from the user's Sites folder. Some people tried to fix this by modifying httpd.conf, for example, by putting virtual hosts on the computer's main site. But that's not the right place to fix it. This should be fixed at the username.conf level. So.. look for this file with your username:
/private/etc/apache2/users/yourusername.conf
If it does not exist, you will have to create it in a text editor, and change the owners. First get a text editor and create it, for example you could do this in pico
sudo pico /private/etc/apache2/users/yourusername.conf
Then add this to the file and save it:
<Directory "/Users/yourusername/Sites/">
Options Indexes MultiViews ExecCGI
AllowOverride AuthConfig FileInfo
Order allow,deny
Allow from all
</Directory>
Be sure to hit Control-O (letter o) to write out the file then Control-X to exit the pico editor. Note that I have enabled some options, like ExecCGI to allow .cgi files to run, and Authconfig and FileInfo so some useful .htaccess methods work. You could dumb it down and say AllowOverride none like the default settings.
Once you have created the yourusername.conf file, you will have to change the ownership to system:wheel. However, oddly enough, you can't chown system, you have to chown root. So the command will look like this:
sudo chown root:wheel /private/etc/apache2/users/yourusername.conf
You can put other directives here that will only apply to this user. Try to avoid modifying httpd.conf, it's easy to mess up globally and it can be hard to fix if you break it.Howdy, I was having the same problem you were having, until I noticed that I had placed some incompatible File Sharing settings on my home folder. Specifically, I had placed No Access for the 'everyone' group, which is the group that Apache uses.
Thus, even though my ~/Sites folder had "public" permissions, the enclosing folder (~/) had even more restrictive permissions so Apache couldn't serve anything from it.
Check to see if you've enabled any custom File Sharing permissions on your home (or Sites) directory in the Sharing preference pane.
hth.
Message was edited by: Wesley Miyazaki [corrected OS version]
Maybe you are looking for
-
Different frame rate encoding on tape (24p & 24pa)
Hi, I usually record to tape with my dvx100 using 24pa, but sometimes the quick setup dial was switched accidentally resulting in a different frame encoding, like 24p for example. Everything is recorded in 29.97fps on mini-dv, we all know that, makin
-
How to use Unicode characters with TestStand?
I'm trying to implement the use of Greek characters such as mu and omega for units. I enabled multi-byte support in the station options and attempted to paste some characters in. I was able to paste the mu character (μ) and import it from Excel with
-
Bat file for running scheduled jobs
Hi I am not entirely sure whether this is the correct forum to post this question, so apologies if I have posted this question in the wrong place. Anyhow, I would like to know how to create two automated bat file scripts that will execute a PL/SQL pa
-
Tomcat Servlet: System.out.println in servlet not printing to catalina.out
Hello friends , When i m using System.out.println() in servlet its o/p should come in catalina.out but its not coming plz help me....one thing more can we replace exixting catalina.out file with new one... please Help me soon. Thanks
-
What to do when you entered all the require info JDE System Values screen and when try to log in received a Code 4- Software protection code invalid (SPC or Maximum users). I enter on the web site to generate my key but keep getting the same error. T