Error in OWSM.

Hi all,
I am working on the OWSM part and I am trying to configure the ESB webservice to the OWSM (ccore). While doing so I have deleted the gateway in the EM console which is necessary for the OWSM.
Because of this we can't proceed further and we want this gateway to be reinstalled to do so whether we want to reinstall the OWSM part fully or we can do anything do reinstall the gateway separately which has been deleted. After the deletion of the gateway we can't find the gateway.ear also in the server.
Please help me on this.
Thanks.

Thanks for your reply Chintan,
However I have another issue regarding registering a webservice in the owsm.
I have a working BPEL webservice and I am attempting to register it to the owsm and i copy and paste the following wsdl of the ws. http://ebi-orcl-srvr.wipro.com:80/orabpel/default/BPELProcess1/1.0 but after registering it and I attempt to test the wsdl url[b]
http://10.141.5.82:80/gateway/services/SID0003006?wsdl taken from registered services part in owsm but it is showing the following error.
java.io.IOException: The document 'http://10.141.5.82:80/gateway/services/BPELProcess1.xsd' contains HTML tags.
But when I test the default TimeService wsdl which is there in the ccore itself it is working fine.
I want to know how to give the wsdl url in the owsm.
Thanks.

Similar Messages

[URGENT]Error in OWSM gateway.

Hi Mathias ,
Oracle SOA suite version: 10.1.3.1.0
I started the OWSM with the quick start tutorial. Instead of using the time service I used another service deployed. When I started I had created a gateway which I then deleted.
Then I created a new gateway and done the steps specified by the tutorial.
The problem is occuring when I try to access the proxy wsdl url.
It giving an error :-
Oracle Web Services Manager Gateway C0003001: Cannot find WSDL for service "SID0003006"
I have updated the gateway.component.id with C0003007 the next possible component ID in gateway-config-installer.properties located in OH/owsm/config/gateway and then redeployed the gateway successfully.Now I am getting a little bit different error :
Oracle Web Services Manager Gateway : Cannot find WSDL for service "SID0003007"
I deleted all other gateways and this is the only gateway remaining.
Please tell me another way to fix this.
Thanks and Regards,
Vargab Pathak

To debug the problem, bump up the log level as mentioned in this post http://ws-security.blogspot.com/2007/04/howto-10131-owsm-change-log-level.html
Try to see if the detailed logs help in resolving the problem.
Vikas

Error when OWSM policy is applied to Proxy Service in 11gR1

Hi,
I have applied oracle/wss_username_token_service_policy for my proxy service and trying to test that from OSB Test Console. I am getting below error,
When i have launched Test Console for this proxy, i have observed in Security part, oracle/wss_username_token_client_policy is appearing. I am not sure why oracle/wss_username_token_client_policy is appearing there when i applied oracle/wss_username_token_service_policy to my proxy service.
I have created Keystore and also created oralce.wsm.security map under em console.
Now when i am trying to Test proxy service using Test Console, I am facing below error,
An error ocurred during web service security outbound request processing [error-code: InternalError, message-id: <test-message>, proxy: <alsb-test-service>, target: Samples/Proxy Services/HelloWorld_PS, operation: sayHello]
--- Error message:
oracle.wsm.common.sdk.WSMException: WSM-00015 : The user name is missing.
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor.sendRequest(WssUsernameTokenScenarioExecutor.java:219)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:545)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:608)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:335)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:282)
at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:915)
at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:436)
at oracle.wsm.agent.handler.WSMEngineInvoker.handleRequest(WSMEngineInvoker.java:393)
at com.bea.wli.sb.security.wss.wsm.WsmOutboundHandler$1.run(WsmOutboundHandler.java:141)
at com.bea.wli.sb.security.wss.wsm.WsmOutboundHandler$1.run(WsmOutboundHandler.java:139)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
I am using below header to invoke the service
+<soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">+
+<wsse:Security>+
+<wsse:UsernameToken>+
+<wsse:Username>weblogic</wsse:Username>+
+<wsse:Password>welcome1</wsse:Password>+
+</wsse:UsernameToken>+
+</wsse:Security>+
+</soapenv:Header>+
Please advise me regarding this.
Thanks
Rajesh

Hi,
Check the below link for your solution.
http://tim.blackamber.org.uk/?p=825
Thanks,
Durga

Implemented OWSM -- XML-22045: (Error) Extension function error

good day
When I activated my OWSMAgent within ESB, I launched a null pointer Exception when running a fault, since I have reviewed the documentation WSM_DeploymentGuide and commented that it is not possible to add an error handler general, reviewing the logs I found the following error:
XML-22045: (Error) Extension function error: Class not found '
Missing class: com.cablemas.extensionfunctioncablemas.ExtensionFunctionCablemas
Dependent class: oracle.xml.xpath.XSLExtFunctions
Loader: oracle.xml: 10.1.0_2
Code-Source: / F: / product/10.1.3.1/OracleAS_1/lib/xmlparserv2.jar
Configuration: <code-source> (ignore manifest Class-Path) in META-INF/boot.xml in F: \ product \ 10.1.3.1 \ OracleAS_1 \ j2ee \ home \ oc4j.jar
This load was initiated at oc4j: 10.1.3 using the loadClass () method.
The missing class is available from the following locations:
1. Code-Source: / F: / product/10.1.3.1/OracleAS_1/j2ee/oc4j_soa/applib/ExtensionFunctionCablemas.jar (from <code-source> in / F: / product/10.1.3.1/OracleAS_1/j2ee/oc4j_soa/config / server.xml)
This source code is available in loader global.libraries: 1.0. This shared-library can be made visible to the "oc4j" by modifying the boot loader descriptor.
Class ExtensionFunctionCablemas use it to take the code of the error, locate it within a table in the DB and return the corresponding message, the null pointer exception only if it throws error. OWSM reviewing the request is recorded correctly, and the answer recorded as a fault but I'm not returning the message corresponding to error code.

Greetings,
Quoted:
When using Oracle XSLT extensions, make sure you set the namespace of the extension class to be:
http://www.oracle.com/XSL/Transform/java/This was excerpted from the pdf at:
http://www.oracle.com/technology/tech/xml/xdk/collateral/OracleAS10g_10.1.2_XDK_FAQ.pdfThe namespace tells the application how to interpret your XSLT attributes\elements.
-Michael

OWSM Monitoring

Hi
1) I am new to OWSM . I have an Integration project where number of web services esb & BPEL are developed and doing some or other functionality.
I need OWSM primarily to monitor these web services as in data statistics , payload , instances etc.
While exploring OWSM i felt that to monitor web service through OWSM , it needs to be triggered or routed through OWSM gateway or agent.
But in my case most of the services are either initiated as Adapters polling from DB or file or are triggered using BPEL schedulers.
Can i use OWSM to monitor these self triggered esb & bpels deployed on same server as OWSM if i register them on OWSM gateway.
2) Secondly when i register a web service to a OWSM gateway - LBT_BPEL_Invoke_UC13 (BPEL internally calling ESB) using test page tool. It gives me following error on OWSM console after triggering the wsdl.
ORABPEL-08021
Cannot find partner wsdl.
parnterLink "LBT_BPEL_Invoke_UC13" is not found in process "LBT_BPEL_Invoke_UC13" (revision "1.0&quot
Please check the deployment descriptor of the process to find the correct partnerLink name.
</faultstring><faultactor xmlns=""/>
</env:Fault>
Following error in oc4j default log.
<PAYLOAD>
<MSG_TEXT>An error occurred for port: BPEL_OC4J_SOAP_Provider: javax.xml.rpc.JAXRPCException: ORABPEL-08021
Cannot find partner wsdl.
parnterLink "LBT_BPEL_Invoke_UC13" is not found in process "LBT_BPEL_Invoke_UC13" (revision "1.0")
Please check the deployment descriptor of the process to find the correct partnerLink name.
.</MSG_TEXT>
</PAYLOAD>
I have checked all logs nothing substantial found .Have tried opening the wsdl in the explorer that opens well.
Also tried triggering the wsdl independently from BPEL console which runs successfully.
The partner link entry in the wsdl also seems to be fine .
Can anyone please help me on these 2 issues. I have spent lot of time on these but couldn't find any solution.
Thanks in advance.

1. The primary functionality OWSM addresses is securing (authenticating/authorizing) BPEL/ESB/Web Service - if you need to monitor webservices for statistics, you can try BAM - but it is geared more towards business reporting. For technical low level reporting, directly querying the dehydration databases for BPEL/ESB would be the best option.
2. The error indicates that OWSM application is not able to find the wsdl - most common causes include OWSM being on a separate box and BPEL on another box.
Hope this helps,
Regards,
Shanmu.
http://www.prshanmu.com/articles
Edited by: sthiagar on 27-Oct-2009 04:30

General Fault Handler - ESB implementing OWSM

good day
When I activated my OWSMAgent within ESB, I launched a null pointer Exception when running a fault, since I have reviewed the documentation WSM_DeploymentGuide and commented that it is not possible to add an error handler general, reviewing the logs I found the following error:
XML-22045: (Error) Extension function error: Class not found '
Missing class: com.cablemas.extensionfunctioncablemas.ExtensionFunctionCablemas
Dependent class: oracle.xml.xpath.XSLExtFunctions
Loader: oracle.xml: 10.1.0_2
Code-Source: / F: / product/10.1.3.1/OracleAS_1/lib/xmlparserv2.jar
Configuration: <code-source> (ignore manifest Class-Path) in META-INF/boot.xml in F: \ product \ 10.1.3.1 \ OracleAS_1 \ j2ee \ home \ oc4j.jar
This load was initiated at oc4j: 10.1.3 using the loadClass () method.
The missing class is available from the following locations:
1. Code-Source: / F: / product/10.1.3.1/OracleAS_1/j2ee/oc4j_soa/applib/ExtensionFunctionCablemas.jar (from <code-source> in / F: / product/10.1.3.1/OracleAS_1/j2ee/oc4j_soa/config / server.xml)
This source code is available in loader global.libraries: 1.0. This shared-library can be made visible to the "oc4j" by modifying the boot loader descriptor.
Class ExtensionFunctionCablemas use it to take the code of the error, locate it within a table in the DB and return the corresponding message, the null pointer exception only if it throws error. OWSM reviewing the request is recorded correctly, and the answer recorded as a fault but I'm not returning the message corresponding to error code.

Dear Pallavi,
Very useful post!
I am looking for similar accelerators for
Software Inventory Accelerator
Hardware Inventory Accelerator
Interfaces Inventory
Customization Assessment Accelerator
Sizing Tool
Which helps us to come up with the relevant Bill of Matetials for every area mentioned above, and the ones which I dont know...
Request help on such accelerators... Any clues?
Any reply, help is highly appreciated.
Regards
Manish Madhav

Error while calling Encryption Policy in OWSM

Hi,
I have a simple BPEL process and which is registered in OWSM with Encryption/decryption policies using jks
I get below error in gatway logs.Please let me know any thoughts
2009-06-22 04:57:32,503 FINE [AJPRequestHandler-HTTPThreadGroup-8] CSWComponent - Executing policy step. Policy='SID0003053', Step Name='XML Encrypt', Step Class='com.cfluent.policysteps.security.wssecurity.EncryptStep'
2009-06-22 04:57:32,503 FINER [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - Step XML Encrypt called
2009-06-22 04:57:32,507 FINEST [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.EncryptStep - Encrypting Soap XPATH
2009-06-22 04:57:32,515 FINEST [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - XPath= /descendant-or-self::node()/child::*[(attribute::encrypted = "true")]
2009-06-22 04:57:32,516 WARNING [AJPRequestHandler-HTTPThreadGroup-8] wssecurity.SecurityBaseStep - Failure while applying XML Security
java.lang.StringIndexOutOfBoundsException: String index out of range: -1
at java.lang.String.substring(String.java:1768)
at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.setLocationsForXPath(SecurityBaseStep.java:518)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.setEncryptLocationsForXPath(EncryptStep.java:225)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.getEncryptLocations(EncryptStep.java:202)
at com.cfluent.policysteps.security.wssecurity.EncryptStep.performXmlSecurity(EncryptStep.java:177)
at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.execute(SecurityBaseStep.java:256)
at com.cfluent.pipelineengine.container.DefaultPipeline.executeStep(DefaultPipeline.java:124)
at com.cfluent.pipelineengine.container.DefaultPipeline.execute(DefaultPipeline.java:97)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.execute(DefaultPolicy.java:63)
at com.cfluent.pipelineengine.container.DefaultPolicy$DeferredPipeline.access$300(DefaultPolicy.java:18)
at com.cfluent.pipelineengine.container.DefaultPolicy.execute(DefaultPolicy.java:126)
at com.cfluent.pipelineengine.container.PipelineContainer.execute(PipelineContainer.java:114)
at com.cfluent.agent.Agent.intercept(Agent.java:123)
at com.cfluent.agent.AgentRuntime.intercept(AgentRuntime.java:252)
at com.cfluent.pipelineengine.util.PolicyInvoker.execute(PolicyInvoker.java:30)
at com.cfluent.pipelineengine.util.InvokerChain.execute(InvokerChain.java:30)
at com.cfluent.gateway.Invoker.execute(Invoker.java:148)
at com.cfluent.gateway.listener.ProtocolListener$ListenerTask.run(ProtocolListener.java:272)
at com.cfluent.gateway.listener.ProtocolListener.invoke(ProtocolListener.java:110)
at com.cfluent.gateway.listener.GatewayRuntime.invoke(GatewayRuntime.java:32)
at com.cfluent.gateway.listener.http.HttpListener.invoke(HttpListener.java:30)
at com.cfluent.gateway.listener.http.ServicesServlet.handlePost(ServicesServlet.java:57)
at com.cfluent.common.servlet.BaseServlet.doPost(BaseServlet.java:264)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.evermind.server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:713)
at com.evermind.server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:370)
at com.evermind.server.http.HttpRequestHandler.doProcessRequest(HttpRequestHandler.java:871)
at com.evermind.server.http.HttpRequestHandler.processRequest(HttpRequestHandler.java:453)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:302)
at com.evermind.server.http.AJPRequestHandler.run(AJPRequestHandler.java:190)
at oracle.oc4j.network.ServerSocketReadHandler$SafeRunnable.run(ServerSocketReadHandler.java:260)
at com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
at java.lang.Thread.run(Thread.java:595)
2009-06-22 04:57:32,519 FINE [AJPRequestHandler-HTTPThreadGroup-8] CSWComponent - Step execution failed: Fault Code=[http://schemas.oblix.com/ws/2003/08/Faults/GenericFault] Fault String=[WS-Security process failure:String index out of range: -1] Policy=[SID0003053] Pipeline=[Request] Step Name=[XML Encrypt] Step Class=[com.cfluent.policysteps.security.wssecurity.EncryptStep]
Thanks
Vinay

you missed one question of mine <b>Do you create the PDF after creating the GUID ?</b>
try giving a fixed URL just to test.
Aman

Error while using OWSM File based authentication - URGENT

Hi ,
We have the requirement to invoke the gateway protected webservice from the client.
PLEASE GIVE ME A SOLUTION. IT IS URGENT.
I have protected a webservice via OWSM Gateway.The webservice was devloped with the jdev RPC-ENC format and deployed on a Oracle AS.
I tried testing the webservice with the OWSM-Test Tool without any issues.
But when i created a webservice proxy client and test the code with the userid/passwrd ,am getting the following error.
calling http://localhost:8888/gateway/services/SID0003001
javax.xml.rpc.soap.SOAPFaultException: Invalid username or password
at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:555)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
at project1.proxy.runtime.RpcEncWSSoapHttp_Stub.getStringReturnCust(RpcEncWSSoapHttp_Stub.java:78)
at project1.proxy.RpcEncWSSoapHttpPortClient.getStringReturnCust(RpcEncWSSoapHttpPortClient.java:45)
at project1.proxy.RpcEncWSSoapHttpPortClient.main(RpcEncWSSoapHttpPortClient.java:31)
Process exited with exit code 0.
I wonder ,whats the mode of difference between the OWSM-Test tools client and the Java WS proxy client.
Has any body encountered this kind of behaviour.
Your feed back is highly appreciated.
AG
Edited by: user555285 on May 29, 2009 10:42 AM
Edited by: user555285 on May 29, 2009 10:42 AM

Yes, The originial web service also has authentication and i did it via OWSM but I did not initialize it in authentication in the webservice proxy.
Now i did it and works fine.
Thanks AJochems (Redora) .
--AG

Error while testing the OWSM client agent

Hi All,
I've created an Oracle WSM Client Agent to initiate my process invoking a web service. After I've changed the
agent.properties file setting component.id and client.home=D:/OracleAS_1_10.1.3.1, I've configured the wsif-wsm-config.xml
File to enable the BPEL Process to Securely Invoke the Web Service.
Now when I invoke my process throughBPELConsole, i am getting the following error :
Agent home property not found in init file
D:\OracleAS_1_10.1.3.1\owsm\config\interceptors\C0003009\confluent.properties
Can anyone please help me out?
Thanks.
Regards
OracleCOE

I've tried copying
clientagent.home=../../clientagent
clientagent.default.config.path=clientagent-config-installer.properties;clientagent-config-common.properties
to the confluent.properties file and copying gdkapp.xml to clientagent directory. But, Now I am getting the following error:
<fault>
<remoteFault xmlns="http://schemas.oracle.com/bpel/extension">
<part name="code">
<code>GenericFault</code>
</part>
<part name="summary">
<summary>Agent is not ready to process requests</summary>
</part>
<part name="detail">
<detail>null</detail>
</part>
</remoteFault>
</fault
What shall I do?
Thanks & Regards
OracleCOE

OWSM: Gateway has encountered an unexpected error

Hi everyone,
Oracle SOA suite version: 10.1.3.1.0
I tested a web services application which deployed on GlassFish 9.1 (Java EE 5) on Test Page of OWSM, all the services methods worked fine.
then, I followed the steps of the quick start tutorial of OWSM for the above mentioned web services instead of TimeService, the problem happened, web service method has been called in server side, but the gateway has the problem to parse the response from the server.
The error message: Gateway has encountered an unexpected error
I look at gateway.log, there is exception:
http.HttpListener - Error while processing request
java.lang.NullPointerException
at java.io.FilterInputStream.available(FilterInputStream.java:146)
at oracle.xml.jaxp.JXSAXParser.parse(JXSAXParser.java:283)
Any help will be appreciated!

I have the same problem, any solution?

Error trying to secure Web Service through OWSM and OAM

Hi all.
We are trying to secure a web service using Oracle Web Service Manager and Oracle Access Manager. We have deployed it into two HTTP Servers. The intended business flow should be:
1. The WSC make a SOAP request signed with a X.509 v1 client certificate.
2. The OWSM Gateway intercepts this request and apply the defined policy:
a. Verify Signature.
b. Extract of credentials
c. OAM Authenticate Authorize.
3. Then OAM apply the defined rule:
a. Credential validation and extraction of security tokens
b. Authentication against OID security attributes
We have protected with OAM the end-point web service URL for authentication and authorization. But we are getting an error when we invoke this web service:
/The Web Service call failed. The service returned a SOAP fault with the
message: Authentication Fault: Invalid User Session Token/
It seems that OWSM Gateway are processing policies defined well, but th error became accesing to OAM authentication and authorize. We have tried to enable OAM debug system, but if we configure it, OAM are unable to start. So we are not able to obtain a more detailed error.
T.I.A.

Try re-configuring the AccessServerSDK AccessGate using the configureAccessGate command in the tools directory. It may be possible that the key pairing is corrupted.

OWSM SAML verification and Must Understand error

Has anyone verified SAML tokens generated by JDev proxies by OWSM?
I tried to use the simplest scenario (similar to what I had tested when verifying SAML with Application Server) with OWSM. I don't use signature and just sender vouches at the proxy side. On the other side, OWSM, I have a gateway which has one step in the request pipeline which verifies SAML.
I get this response message:
<?xml version = '1.0' encoding = 'UTF-8'?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://project1/types/">
<env:Body>
<env:Fault>
<faultcode>env:MustUnderstand</faultcode>
<faultstring>*SOAP must understand error: {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security*</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
Regards
Farbod
P.S. this is my request message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://project1/">
<env:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" env:mustUnderstand="1">
<wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" wsu:Id="B1tdL86gkmAN00oYpfTmOw22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:KeyIdentifier xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID">lrLlLdbWLda851vHdngAEA22</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
<saml:Assertion MajorVersion="1" MinorVersion="1" xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" AssertionID="lrLlLdbWLda851vHdngAEA22" IssueInstant="2008-10-11T08:46:36Z" Issuer="www.oracle.com">
<saml:Conditions NotBefore="2008-10-11T08:46:36Z" NotOnOrAfter="2008-10-12T08:46:36Z"/>
<saml:AuthenticationStatement AuthenticationInstant="2008-10-11T08:46:36Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
<saml:Subject>
<saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">www.oracle.com</saml:NameIdentifier>
<saml:SubjectConfirmation>
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
</saml:SubjectConfirmation>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</wsse:Security>
</env:Header>
<env:Body>
<ns0:jamshidElement/>
</env:Body>
</env:Envelope>

Without more specific about the SOAP Fault you are getting, the version and the type of client you built, it will be hard to give you specifics.
You may want to verify that the policy used to configure the client proxy does match with the server-side.
Usually, this error is generated during deserialization of a SOAP envelope when some SOAP header contains the mustUnderstand attribute with the value set to true and are not ready (configured) to process this specific header.
It could be just a version mismatch; I process header in the foo namespace, but this one was in the bar namespace.
Hope it helps,
-Eric

SAML Sender-Vouches errors when using with OWSM

Hi,
We have configured OWSM Policy 'SAML - Verify WSS 1.0 Token' with Allow signed assertions only. We have created jks Trust store location and configured policy to refer to the file with appropriate password.
We have created proxy security to Sender-Voches signed and to sign outbound message.
We are getting following error when we try to run the proxy.
javax.xml.rpc.soap.SOAPFaultException: SAML token verification failed
at oracle.j2ee.ws.client.StreamingSender._raiseFault(StreamingSender.java:555)
at oracle.j2ee.ws.client.StreamingSender._sendImpl(StreamingSender.java:396)
at oracle.j2ee.ws.client.StreamingSender._send(StreamingSender.java:112)
at vigni4.oracle.srtutorial.datamodel.proxy.runtime.TimeServiceSoap_Stub.getTime(TimeServiceSoap_Stub.java:79)
at vigni4.oracle.srtutorial.datamodel.proxy.TimeServiceSoapClient.getTime(TimeServiceSoapClient.java:41)
at vigni4.oracle.srtutorial.datamodel.proxy.TimeServiceSoapClient.main(TimeServiceSoapClient.java:29)
Process exited with exit code 0.
and Error in gateway.log is
2007-09-01 18:58:56,561 WARNING [RMICallHandler-58] saml.VerifySAMLStep - SAML Token verification failed:
Can any provide information on how to resolve the issue?

We have also noticed that correct message is reaching OWSM.
Attaching the same.
<?xml version="1.0" encoding="UTF-8" ?>
- <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="urn:Test:GetTime">
- <env:Header>
- <wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="_FNfXFOVi1OcPKSyRUAHDyw22" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIICQjCCAasCBEbZZN4wDQYJKoZIhvcNAQEFBQAwaDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExEDAOBgNVBAcTB3NhbUhvbWUxDzANBgNVBAoTBnNhbU9yZzEQMA4GA1UECxMHc2FtRGVwdDESMBAGA1UEAxMJU2FtIE1vb3JlMB4XDTA3MDkwMTEzMTA1NFoXDTA3MTEzMDEzMTA1NFowaDELMAkGA1UEBhMCVVMxEDAOBgNVBAgTB0Zsb3JpZGExEDAOBgNVBAcTB3NhbUhvbWUxDzANBgNVBAoTBnNhbU9yZzEQMA4GA1UECxMHc2FtRGVwdDESMBAGA1UEAxMJU2FtIE1vb3JlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDOrVJbJ/sPvZsgZEDUSIolP1UDT8hfyajfIaPqYHBLBK+FlywrhhrxESyzAsG/k7FSIRZvFg5vAk/W3LB+nPBtrbI2bBMEsQbznuSjzEVkQJVxZMlDjR4yNMHPLbniL64BKuTFnLEhWrnZTmpiThjwoWMPL9eK7/x7su9iDCP5NwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADWjdaRz0FBNHxXPiV9Ad0Kkm2Eag5LQXQoXUuC/VTXk56uQktVLtorp5fYAUsRD2o7ZuPGPJ6Q+5Owe8wXbxrCOX1diI5fxpH5TsS0k8Y/7/Hx3gq67JuPy8x8ApgNd+NagAKHKC0rgEP9ng1FGyhzuHICapPxmjrt2VI3SW2cJ</wsse:BinarySecurityToken>
- <dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#">
- <dsig:SignedInfo>
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <dsig:Reference URI="#mvDwzM5hZWAdG6n5tKLufA22">
- <dsig:Transforms>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>zBFquf+Y0ngNapyK4Xq0Jws1FPM=</dsig:DigestValue>
</dsig:Reference>
- <dsig:Reference URI="#nwWnNm69TPcdyp0yT8fa7g22">
- <dsig:Transforms>
- <dsig:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
- <wsse:TransformationParameters xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</wsse:TransformationParameters>
</dsig:Transform>
<dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</dsig:Transforms>
<dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsig:DigestValue>rgHU/BWcaOiwuP/Q72oybFcEQO8=</dsig:DigestValue>
</dsig:Reference>
</dsig:SignedInfo>
<dsig:SignatureValue>R+RGFjzRYpGVPGINbzsFbXSQ7Slc04/mzQ+BX57oD7NhMKxCcO1C9cV2cJzWAeN5WuDlfsh3RZR/5sTsyEi3yO69ECcLUNDlbjey57GBr5W9PRRIWPs2fZVk2EH4+KOnXVghcAsrXPgm1Ai9UZQUXh0aPiOkQMDplnnhENTkKUo=</dsig:SignatureValue>
- <dsig:KeyInfo>
- <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#_FNfXFOVi1OcPKSyRUAHDyw22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
</wsse:SecurityTokenReference>
</dsig:KeyInfo>
</dsig:Signature>
- <wsse:SecurityTokenReference wsu:Id="nwWnNm69TPcdyp0yT8fa7g22" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">YFfqXnq2xlt426HB9uDInw22</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
- <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="YFfqXnq2xlt426HB9uDInw22" IssueInstant="2007-09-01T13:40:06Z" Issuer="https://phaos.com/idp" xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
<saml:Conditions NotBefore="2007-09-01T13:40:06Z" NotOnOrAfter="2007-09-02T13:40:06Z" />
- <saml:AuthenticationStatement AuthenticationInstant="2007-09-01T13:40:06Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
- <saml:Subject>
<saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">oc4jadmin</saml:NameIdentifier>
- <saml:SubjectConfirmation>
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
</saml:SubjectConfirmation>
</saml:Subject>
</saml:AuthenticationStatement>
</saml:Assertion>
</wsse:Security>
</env:Header>
- <env:Body wsu:Id="mvDwzM5hZWAdG6n5tKLufA22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
- <ns0:getTime env:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<format xsi:type="xsd:string" />
</ns0:getTime>
</env:Body>
</env:Envelope>

Error When Sending Service Request Through OWSM Gateway

We are trying to test using OWSM Gateways and Server Agents to sign and then verify messages being passed to a web service on a server. We have been able to get this to work with a simple HelloWorld type service without any problems. We then followed the exact same steps to do this with an actual service and it is not working.
We run the test from the "Test Page" inside the ccore GUI. We first test the connection directly to the service and receive a message about it missing the WS Security header. This is somewhat expected. Then, we send through the gateway which is set up to sign the message and pass along the header and receive the same error message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns="http://schemas.oblix.com/ws/2003/08/Faults"><faultcode xmlns="">:GenericFault</faultcode><faultstring xmlns="">WS-Security process failure:FAULT CODE: InvalidSecurity FAULT MESSAGE: Missing WS Security header in the SOAP message</faultstring><faultactor xmlns=""></faultactor></env:Fault></env:Body></env:Envelope>
We have checked the OWSM logs and can see that both times the server agent receives the request. The gateway logs, however, do not show any requests or responses even though the message should have gone through it. We do see these messages in the logs when testing our HelloWorld service with the same sign/verify settings. A review of the gateway.log file shows the following message displayed each time we submit a test to the malfunctioning service:
2007-10-18 10:30:22,263 INFO [AJPRequestHandler-HTTPThreadGroup-54] gateway.WSDLRegistry - Exception occured in updateWSDL
We have until tomorrow to get this issue resolved before development presses to move forward without OWSM security and we cannot have that. Your immediate assistance is required. Thank you.

Some additional research has been done here and it seems that web services created with SOAP 1.1 (such as the HelloWorld service) work just fine. The problem is with services created with SOAP 1.2. Are there separate configurations or changes that need to be made for SOAP 1.2 services?

OWSM GATEWAY PROBLEM .xsd error

Hi,
I am working on OWSM gateways.I deployed a mail web service and tried to virtualise it using OWSM gateways. I have registered the service . When i use the link for service wsdl generated by OWSM in internet explorer i can see the wsdl file but when do the same using test page in OWSM i get the following error.
java.io.IOException: The document 'http://localhost:8888/gateway/services/alshirawiMail.xsd' contains HTML tags.
Also i have only tried with web services but when i try to virtualise THE WHOLE BPEL PROCESS i get error like
java.io.IOException: The document 'http://localhost:8888/gateway/services/rule_doesnot_work.xsd' contains HTML tags.
Please reply.
Thanks and regards.
Vishnu
Message was edited by:
user607746

Hi
The problem with xsd resolved but now when i invoke the service from test page i am getting this error.
<env:Envelope
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">null
<env:Body>
<env:Fault
xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<faultcode>env:Server</faultcode>
<faultstring>ORABPEL-08021 Cannot find partner wsdl. parnterLink "OWSM_SYNC_BPEL_PROCESS" is not found in process "OWSM_SYNC_BPEL_PROCESS" (revision "1.0") Please check the deployment descriptor of the process to find the correct partnerLink name. </faultstring>
null</env:Fault>
</env:Body>
</env:Envelope>

Error in OWSM.

Similar Messages

Maybe you are looking for