Avoid stripping of wsse security headers

Hi,
I have created two SOA composites. The first soa composite is for inserting to a database whereas the second composite is just a wrapper service to invoke the first composite. The first composite is attached with policy oracle/wss11_username_token_with_message_protection_service_policy as a result of which the reference endpoint of the second composite is attached with oracle/wss11_username_token_with_message_protection_client_policy. The service endpoint of the wrapper service is attached with oracle/wss_username_token_service_policy. In the
oracle/wss11_username_token_with_message_protection_client_policy the default key has been overriden with a key that has credentials of an user who does not have the authentic and authorization privilege. So while testing the service with user (with right privilege) the security header is getting stripped when the second service is getting invoked as a different policy has been attached. So is there any way to avoid stripping off the wsse headers from the first service so that it overrides the security header when the second service is being invoked?
The soa version is 11.1.1.5.0
Thanks,
Sourav

Hi all,
any solution to this?

Similar Messages

Sending WSSE security headers to non-weblogic web service

I have been trying to send wsse headers to a non-weblogic web service. I am looking for a way to do this using the control file I generated from the wsdl or the page flow where I implement the control, or the message handler file. I have username and password parameters but I cannot get this to function.
Here is the signature I need:
<?xml version="1.0" encoding="UTF-8" ?>
- <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
- <env:Header>
- <wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsse:UsernameToken wsu:Id="Id-dFQDZm_34ewPYtaARIJ_4BfI" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>weblogic</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">weblogic</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
- <env:Body>
<n1:hello xmlns:n1="http://workshop.bea.com/WebServiceB" />
</env:Body>
</env:Envelope>
Of course the Body is different, but this is the security signature that I need to get into the header. After looking at all the examples, I only see the option of using a java proxy class to call the web service, which would be a little difficult to use as my whole page flow application so far is calling the web service from a generated control. There are also lots of coplex datatypes that are being sent to the web service so a jave proxy would be a little difficult. I have tried to take the code from the java proxy class example and put it in my handler class, but the handler seems to only use MessageContext, not WebServiceContext and will not let me add the username password tokens. When I have tried to case a WebServiceContext out of a MessageContext, it gives me a runtime error "Class Cast Exception" even though workshop lets me do it.
This is extremely urgent. Please help me! I am using the sample handler class called MessageHandler.java and the sample WSSE java proxy class called WebServiceBClient.java that generated the above signature.

More information:
Here is the first part of my Java Control where I am calling the web service and the message handler:
package controls;
* @jc:location http-url="http://localhost:7001/Checking.jws"
* @jc:wsdl file="#CheckingWsdl"
* @jc:handler callback="MessageHandler" operation="MessageHandler"
public interface CheckingService extends com.bea.control.ControlExtension, com.bea.control.ServiceControl
public static class CustomerInfo
implements java.io.Serializable
public java.lang.String FirstName;
public java.lang.String LastName;
public java.lang.String MiddleName;
public int SSN;
public int CustomerNumber;
public java.util.Calendar CreationDate;
public java.util.Calendar LastModifiedDate;
public static class FundingInfo
implements java.io.Serializable
public float Amount;
public java.util.Calendar CurrentDate;
public int AccountNumber;
public static class anyType
implements java.io.Serializable
public com.bea.xml.XmlObject[] t;
public static class AccountInfo
implements java.io.Serializable
public int AccountNumber;
public float Balance;
public int CustomerNumber;
public java.util.Calendar LastModifiedDate;
* @jc:protocol form-post="false" form-get="false"
public AccountInfo CreateAccountChecking (CustomerInfo CustomerInfo, FundingInfo FundingInfo, anyType CommonHeader);
static final long serialVersionUID = 1L;
Here is the section of the MessageHandler class where I am attempting to add security token to the header:
protected void addSecurityHeader (MessageContext mc)
* Registers a handler for the SOAP message traffic.
HandlerRegistry registry = mc.getHandlerRegistry();
List list = new ArrayList();
list.add(new HandlerInfo(WSSEClientHandler.class, null, null));
registry.setHandlerChain(new QName("hello"), list);
try
WebServiceContext context = (WebServiceContext)WebServiceContext.currentContext().getLastMessageContext();
//(WebServiceContext)mc;
WebServiceSession session = context.getSession();
* Set the username and password token for SOAP message sent from the client, through
* the proxy, to the web service.
UserInfo ui = new UserInfo("weblogic", "weblogic");
session.setAttribute(WSSEClientHandler.REQUEST_USERINFO, ui);
//mc.setProperty(WSSEClientHandler.REQUEST_USERINFO, ui);
* Adds the username / password token to the SOAP header.
SecurityElementFactory factory = SecurityElementFactory.getDefaultFactory();
Security security = factory.createSecurity(null);
security.addToken(ui);
session.setAttribute(WSSEClientHandler.REQUEST_SECURITY, security);
//mc.setProperty(WSSEClientHandler.REQUEST_SECURITY, security);
} catch (Exception ex) {System.out.println("EXCEPTION CAUGHT DOING SECURITY STUFF " + ex.getMessage());}
I tried to use the MessageContext to do this but it came out null. I tried to cast the MessageContext to WebServiceContext and it gave me a Class Cast Exception. I tried to add the HandlerRegistry section to this but of course the assignment mc.getHandlerRegistry is improper and is not compiling so don't let that confuse you.

WS-Security Headers

I am having a problem making a webservice call through a partnerlink with the wsse security headers in the webservice call.
BPEL server is receiving a SOAP webservice call with ws-security headers. I want to call a partner link, external webservice, with the same ws-security headers that I received from the client. BPEL is just being the middleman in this situation, receiving a webservice call and then making a webservice call with the same ws-security headers. I am having no success, can someone please help me?

I am having a problem making a webservice call through a partnerlink with the wsse security headers in the webservice call.
BPEL server is receiving a SOAP webservice call with ws-security headers. I want to call a partner link, external webservice, with the same ws-security headers that I received from the client. BPEL is just being the middleman in this situation, receiving a webservice call and then making a webservice call with the same ws-security headers. I am having no success, can someone please help me?

How to insert security headers thru BPEL Process

I am new to BPEL process creation and stuff, but I need to complete a task in which I need
1.Create a BPEL process which accepts Username and password and set it into the soap request header as follows;
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecuri
ty-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-24438666"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
y-utility-1.0.xsd">
<wsse:Username>Username </wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token
-profile-1.0#PasswordDigest">password </wsse:Password>
<wsse:Nonce>syVMUbFNvaQAfQaDpVDolA==</wsse:Nonce>
<wsu:Created>2009-03-25T22:55:51Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Can you please let me know what all steps I need follow in order to introduce the soap:header with wsse :security header settings. I am using 10.1.2.
I tried to do it by importing a schema wsse.xsd into my WSDL file. and in bpel.xml I set the properties as follows,
<property name="wsdlLocation">AccruentService.wsdl</property>
<property name="wsseUsername">username</property>
<property name="wssePassword">password</property>
<property name="wsseHeaders">credentials</property>
but does not put in the required header.
I dont know if I need to do anything else, Please help.

Hi,
Thanks for the quick reply.
I tried doing he same as mentioned in the link that u provided, but I got struck at this;
I did not understand why we are doing this;
<bpelx:insertAfter>
<bpelx:from variable="pswd" query="/wsse:Password"/>
<bpelx:to variable="userNameToken" query="/wsse:UsernameToken/wsse:Username"/>
</bpelx:insertAfter>
<bpelx:append>
<bpelx:from variable="userNameToken" query="/wsse:UsernameToken"/>
<bpelx:to variable="securityContext" query="/wsse:Security"/>
</bpelx:append>
after doing this and deploying, my request when tested thru SOAPUI looks like this with not security headers
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:add="http://schemas.xmlsoap.org/ws/2003/03/addressing" xmlns:acc="http://www.accruent.com/">
<soapenv:Header>
<add:MessageID>?</add:MessageID>
<add:ReplyTo>
<add:Address>?</add:Address>

<add:ReferenceProperties>

</add:ReferenceProperties>

<add:PortType>?</add:PortType>

<add:ServiceName PortName="?">?</add:ServiceName>

</add:ReplyTo>
</soapenv:Header>
<soapenv:Body>
....I just removed so that it is short
</soapenv:Body>
</soapenv:Envelope>
the service which I am invoking should

Extracting webservice security headers

I want to extract the wsseheader (username, password) that came into the bpel process and pass it to a partner link. any idea how to do it ?

Hi,
If you want to pass incoming WS-Security credentials to a process, which you are invoking, you don't need to extract wsse headers.
You need to set the wsseHeaders partner link property to propagate. To set this property use the following steps:
1. double click on the partner link for the service you need to invoke.
2. Go to the Property tab, and click on create button.
3. Select wsseHeaders from the drop down menu.
4. Give propagate as property value.
5. save and deploy, the WS-Security credentials will automatically propagated to the process you are invoking.
If you still want to extract wsse header inside BPEL you need to do the following:
1. Import "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" for WS-Security elements.
2. Create a variable of type wsse:Security in your BPEL.
3. double click on the receive activity of your BPEL process and go to Adapters tab.
4. Choose the variable you have just created as header variable.
5. In an assign activity create two copy operations to extract user name and password.
5. To extract user name give the "/ns1:Security/ns1:UsernameToken/ns1:Username" in xpath expression.
6. To extract password give the "/ns1:Security/ns1:UsernameToken/ns1:Password " in xpath xpression.
I am assuming ns1 is the name space prefix for WS-security xml schema in you BPEL process.
Read my following posts for more details on how to manipulate soap headers in BPEL and how to pass security credentials from BPEL:
http://soa-howto.blogspot.com/2008/05/how-to-manipulate-soap-headers-in-bpel.html
http://soa-howto.blogspot.com/2008/04/invoking-ws-security-compliant-web.html
http://soa-howto.blogspot.com/2008/09/how-to-set-security-credentials.html
http://soa-howto.blogspot.com/2008/09/how-to-pass-security-credentials-from.html
Thanks,
Dharmendra
http://soa-howto.blogspot.com

How to set wsse:security SOAP header in soa 11g?

Hi,
we are facing an issue with invoking a secured webservice.
we tried 3 things
1.) set the username/password in em under reference properties
2.) Created a schema, set the username/password and included it in partner link header tab.
3.) added a client token policy in em and then set http authentication field.
all these not working.
the error we are facing is :
Non Recoverable System Fault :
javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header
complete payload is below:
<bpelFault>
<faultType>0</faultType>
<remoteFault>
<part name="summary">
<summary>Missing <wsse:Security> in SOAP Header</summary>
</part>
<part name="detail">
<detail>javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header</detail>
</part>
<part name="code">
<code>wsse:InvalidSecurity</code>
</part>
</remoteFault>
</bpelFault>
Please let us know how to proceed with this?
Thanks in advance
Regards

You need to attach the below policy in security section (Select your partnerlink in the references section of composite.xml and the click on "Configure WS policies")
oracle/wss_username_token_client_policy
if it is Secured Webservice, then attach this policy
oracle/wss_username_token_over_ssl_client_policy
After attaching policy, click edit and configure the key(out of box, u see one key csf-key) . This key should be setup with the required username and password that matches with the Webservice expected username and pwd.
Thanks,
Satish
http://soadiscovery.blogspot.com

Business service with ws security (missing security headers)

Hello,
I have business service for which I applied ws - security (I want customer to sign response. Response should be validated by osb). I applied policy. Everything works as expected.
My problem is that I would like to save message sent by customer (together with headers which contain signature). However headers related to security are not present in
$header variable in response pipeline. When I disable ws-security then headers related to security are visible in reponse pipeline. So it seems that security headers are removed
when ws-security in enabled. Can I somehow access all headers in response pipeline to be able to save them?

I wasn't clear?
This is a big dev problem for a major Sun client.
No one knows or wants to answer?

Missing wsse:Security in SOAP Header

Hi,
In a Sync RFC->SOAP scenario I'm facing a problem.
Each time that I invoke the Web service, it returns a fault with the message <i>Missing <wsse:Security> in SOAP Header</i>.
I have double check ten times that the receiver comm.channel has the user and password, but It's still failing.
I don't know if it can be helpful, but the Webservice is provided by an Oracle server.
Thanks in advance for your answers,
David R.

Did you try to invoke the webservice another way?like NWDS for example?
You can write adapter module to see what you are sending to your WebService, here is the process function in Java:
public ModuleData process(ModuleContext moduleContext,
ModuleData inputModuleData)
throws ModuleException {
        try {
                        BufferedWriter out = new BufferedWriter(new FileWriter("c:
logs
web.log",true));
                        Message msg = (Message) inputModuleData.getPrincipalData();
                        out.write(msg.getDocument().getText()+ "\n");
                        out.close();
                } catch (IOException e) {
return inputModuleData;

SOAPFaultException with wsse:Security Tag consuming a Web-Service

hello,
i'm trying to consume a Web-Service of a Document-Server implementing the new CMIS-Interface.
When i call the Service i get the exception:
javax.xml.ws.soap.SOAPFaultException: An error was discovered processing the <wsse:Security> header
my code (in an EJB 3.0 of NWCE 7.1 CE Server) is as follows:
@Stateless(name="DocRepBean")
public class AlfRepBean implements DocRepLocal {
     @WebServiceRef(name="RepositoryService")
     private RepositoryService rService;
     public String repServiceList ()
          String result = "";
          RepositoryServicePort rPort = rService.getRepositoryServicePort();
          try
               String rList = "";
               for (CmisRepositoryEntryType rEntry : rPort.getRepositories())
                    rList = rList + "REntry:ID="+rEntry.getRepositoryID()+";Name="+rEntry.getRepositoryName()+";URI="+rEntry.getRepositoryURI()+":";
               result = rList;
          catch (Exception ex)
               result = "!Exeption:" + ex.toString();
               ex.printStackTrace();
                        // here the exception is thrown
          return result;
Is there maybee a problem with authentification? but how can i set user and password calling that service then?
Sorry for this maybe easy questions but i'm new in consuming other webservices.
regards
matthias hayk

Found solution for this particular problem myself but ran into an follow-up error

Process security headers without removing them

Does anyone know whether it is possible to have OSB process security headers without removing the headers from the message?
I would like to be able to validate the signature and grab the principal from the certificate in order to determine whether the request should be allowed to continue on. However, the signature cannot be removed from the message because the business service requires requests to be signed (and the requests must be signed by the original requester, not an intermediary).
See Process security headers without removing them also
Helmar

I don't know a way of doing this with OSB, I mean having the bus do it for you. It's either process all security headers or none. If the service bus is acting as a pass-through, not processing the headers, you could read them yourself inside the proxy pipeline. But you would have to implement the decryption yourself, this won't be done by the bus. You could do this with a java callout, but I imagine it won't be trivial task.
I'd think this is pretty standard. The headers normally are intended for a service (maybe going through various intermediaries), hence the actor property of the headers, and that service should remove them after processing them. But I'm not familiar with Oracle's ESB to know if this is possible with it.

Unable to process SOAP Header child element 'wsse:Security' with 'mustUnder

Hello everyone.
In have created project in Jdeveloper. In this one i have one external reference for Siebel Service.
At composite, for external reference service(Siebel Service) i have added a security policy i.e. *"oracle_wss_username_token_client_policy"*.
[Right click on SiebelService->configure WS policies->under security tab i have selected above policy]
So apart from this i have added property for the policy
<property name="oracle.webservices.auth.username" type="xs:string"
many="false" override="may">SADMIN</property>
<property name="oracle.webservices.auth.password" type="xs:string"
many="false" override="may">SADMIN</property>
But its returning following error,
Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
This really pushed back me in development.
Really i am in need of help. Help me out of this issue.
Thanks in advance,
Shridhar

Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)The problem is at Siebel side. It is not able to understand the security mechanism being used at SOA side. There are two options -
1. Use the custom policy and assertion at SOA side (please refer to metalink note - 1419373.1)
2. Write your own custom message handler class and use it at Siebel side to negotiate security gap
Regards,
Anuj

Processing WS-Security headers within a web service

Hello,
I have created a service with WS-Security (from a WSDL using jdeveloper) and deployed it on OC4J. Within the service implementation, I need to get some information from soap security header, that is, my service needs to process some security headers. However, in my service implementation, I only have access to information contained inside the SOAP message body (parameters methods).
Could anybody be so kind as to tell me how can I process WS-Security headers inside a web service implementation, please?
Thank you very much in advance.

You can refer this article
web services security in weblogic

SECU1075: An error was discovered processing the wsse:Security header

I have designed a console application as a web service client which is able to talk with webservice; however instead of using
a console application, I've written a DLL that is called from a Winform app and I am getting following error message.
Error message System.Web.Services.Protocols.SoapException: SECU1075: An error was discovered processing the <wsse:Security>
header
   at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response,
Stream responseStream, Boolean asyncCall)   at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
   at ErcotNodalDll.NodalClient.NodalService.MarketTransactions(RequestMessage RequestMessage) in C:\Pb10_Devl\KeyStone\Dark
Angel\Visual Studio\ErcotNodalDll\ErcotNodalDll\Web References\NodalClient\Reference.cs:line 98
   at ErcotNodalDll.Program.submitPayload(String certificate, HeaderType header, RequestType request, PayloadType payload)
in C:\Pb10_Devl\KeyStone\Dark Angel\Visual Studio\ErcotNodalDll\ErcotNodalDll\Class1.cs:line 243
   at ErcotNodalDll.Program.createBidSetData(String[] parms) in C:\Pb10_Devl\KeyStone\Dark Angel\Visual Studio\ErcotNodalDll\ErcotNodalDlA
first chance exception of type 'System.Web.Services.Protocols.SoapException' occurred in System.Web.Services.dll
I'm told the problem is that the DLL can not find the policycache.config file thus doesn't know how to handle security for the
html.
Anybody know what I need to do to call the webservice
from DLL instead of console application?

You use WSE3 and not WCF (which is this forum main focus). One idea is to consider WCF.
Also:
- the client proxy should have a SetPolicy() method which you can use to set the policy
- use Fiddler to check which message the client sends and which one it gets back. Then compare these to a workign client message.
http://webservices20.blogspot.com/
WCF Security, Interoperability And Performance Blog

Urgent How do I add Wsse:Security soap:mustUnderstand="1" in SOAP Document

Hi All,
I am trying to consume external web service with WS Security. How do I add the below nodes to my SOAPDOC?
<soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
Can anyone help in this regard?
Thanks!
Pradeep
[email protected]

try following
&Sdoc = CreateSOAPDoc();
&Sdoc.AddEnvelope(0);
&Sdoc.AddHeader();
&Sdoc.AddBody();
&Sdoc.AddMethod("someelement", 1);
&MethodNode = &Sdoc.MethodNode;
&textNode = &MethodNode.AddText("12345");
&HdrNode = &Sdoc.HeaderNode;
&HdrAttribute = &HdrNode.AddAttribute("xmlns:soapenv", "http://schemas.xmlsoap.org/soap/envelope/");
&WsseNode = &HdrNode.AddElement("wsse:Security");
&WsseAttribute = &WsseNode.AddAttribute("soap:mustUnderstand", "1");
&WsseAttribute = &WsseNode.AddAttribute("xmlns:soap", "http://schemas.xmlsoap.org/wsdl/soap/");
&WsseAttribute = &WsseNode.AddAttribute("xmlns:wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
&strxml = &Sdoc.XmlDoc.GenFormattedXmlString();
&MYFILE = GetFile("c:\temp\test.xml", "N", %FilePath_Absolute);
If &MYFILE.IsOpen Then
   &MYFILE.WriteLine(&strxml);
   &MYFILE.Close();
End-If;content c:\temp\test.xml:
<?xml version="1.0"?>
<SOAP-ENV:Envelope xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
    <someelement>12345</someelement>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

SOAP element wsse:Security with mustUnderstand="1"(SBL-EAI-08000)

Attempting to access Siebel (CRM On Demand) web service using Weblogic web service data control in JDeveloper, set web service security policy to "oracle/wss_username_token_client_policy", receiving the following error:
The Web Service call failed. The service returned a SOAP fault with the message: [SOAP-ENV:MustUnderstand] Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
How can I set mustUnderstand="0" in the SOAP request? (I cannot change the web service to accept mustUnderstand="1")
Thanks!
Edited by: user507901 on Dec 12, 2009 2:09 PM

I am experiencing the exact same problem. From my research, it appears that the problem has to do with the namespace and WS-Security version compatibility.
Here's some related information:
wsse security property in partnerLinkBinding not work in 10.1.3.4 MLR3
Re: Exception with security-enabled web service proxy
Similar problems when connecting from Microsoft to Siebel:
http://social.msdn.microsoft.com/Forums/en/wcf/thread/cc48f572-7082-40d1-9b6b-dcdc7223bc85
(google cache of information that is very relevant)
http://74.125.47.132/search?q=cache:v9gAA2zDcqgJ:soa-howto.blogspot.com/2008/04/invoking-ws-security-compliant-web.html+siebel+ws-security+oasis+2004&cd=9&hl=en&ct=clnk&gl=us&client=firefox-a
http://74.125.47.132/search?q=cache:nIe07-zdum0J:soasol.blogspot.com/2009/06/missing-in-soap-header-when-calling.html+wsseOASIS2004Compliant&cd=3&hl=en&ct=clnk&gl=us&client=firefox-a
Documentation from SOA Suite 10g. Search for "wsseOASIS2004Compliant":
http://download-west.oracle.com/docs/cd/B31017_01/integrate.1013/b28982.pdf
I've tried a number of different ways to set the "wsseOASIS2004Compliant" property to "false" for my partner link, but it simply has no effect in 11g.
Edited by: user12107520 on Dec 15, 2009 10:36 AM

Avoid stripping of wsse security headers

Similar Messages

Maybe you are looking for