SAML Validation Error  - Proxy Service - Process WS-Security Header

Similar Messages

• OSB process WS-security header problem! Pls help

  Hi All
  We have protected all our osb proxy services with username token policy. The problem we are facing is that in some of the proxy services we want this header to be available within the message flow (for auditing purposes) but the process WS-security header option when selected removes this header before it enters the message flow.
  If we untick this option, it does not authenticate the incoming soap request and proxy services is invoked even if wrong or no credentials are supplied.
  Is there a way we can select this option for authentication and still have the username token intact within the soap header in the message flow. please help. Thanks

  Please check the content of $inbound at runtime (with process WS-security header option enabled). You may get all the information for auditing purpose from that variable.
  Regards,
  Anuj

• Enable / Disable Process WS-Security Header in SOA Suite 11g

  Hello,
  how can I check the WS-Security Header without authenticate the username? In OSB is a flag "Process WS-Security Header", when I switch it off, the OSB only check the security context and did not check the correct authentication.
  I didn't find a configuration in WebService Security Configuration. Is there a configuration to disable the authentifacation-module?
  KInd regards
  Marcel

  I have the same issue, I need to get the X.509 certificate from the security header but OSB removes them uppon authentication. So I cannot retrieve them !

• Creating Proxy service over a secured BPEL process

  Hi,
  I have a BPEL process project A which I have secured using oracle/wss_username_token_service_policy
  Now, I want to expose it over OSB as a proxy service.
  After registering the WSDL, I tried to create Business Service over it.
  It gave me a warning:
  [OSB Kernel:398133]WSSP 1.2 policy assertions (Web Services Security Policy 1.2) are not allowed on this service.
  What is the best approach to take.
  Thanks.

  Get the wsdl of the OSB proxy service and create webservice parnerlink in BPEL based on this wsdl to invoke the service
  To form the wsdl url, copy the Endpoint URI  configured to the proxy service(just click on the proxy service in the console) from the sbconsole  - /ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService
  Pre append <<protocol://OSB Hostname:OSB Port>>  - http://localhost:8000/   and post append with ?WSDL
  The final WSDL url look like  - http://localhost:8000/ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService?WSDL
  Regards
  Albin I

• Cluster Creation Validation Error - List Services

  Good Afternoon All,
  I am setting up a simple two node Windows 2008 SP2 Failover cluster.  The nodes are brand new and patched with all updates.  Having gone through this process many times before I was confident it would be quick and painless.  However I am getting
  the following validation error that I have never seen before:
  An error occurred while executing the test. There was an error getting information about the running services on the nodes. There was an error retrieving information about the Services from node 'Node.domain'. Object reference not set to an instance of an
  object
  I'm at a complete loss as to where to start.  If the task is to simply obtain a list of running services I would have thought that would be relatively straight forward.  A simple Get-Service from Powershell will display those details.  I have
  located a KB article that refers to this exact error and there is a hotfix available but this is strictly for Windows 2008 R2 not R1 (SP2).
  http://support.microsoft.com/kb/2559392
  Has anyone seen this error before?

  Hi valleydoofer,
  This error some time occur when you installed Powershell 3, please try to uninstall Powershell 3 from the nodes then rerun the validation.
  More information:
  Install and Configure Windows PowerShell
  http://msdn.microsoft.com/en-us/library/cc952756(v=exchsrvcs.149).aspx
  Best Regards,
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Support, contact [email protected]

• Read SAML attributes in Proxy service

  Hi,
  I need to read SAML attributes in a proxy service in OSB. But the SAML is not available.
  The client call a service with encrypted SAML im Header, but when I read the header in Proxy service, the SAML is no more available.
  Client call with:
  Authorization: Basic MTAyOjw/eG1sIHZlcnNpb249IjEuMCIgZW5jb2Rpbmc9IlVURi04Ij8+CjxzYW1sMnA6UmVzcG9uc2UgSUQ9IlJlc3BvbnNlX2YzY2ZkZjM5NWIyNzI3ZWFhZWEyZDlhYTRkMWNhY2RhNzgzNGMxZWMiIElzc3VlSW5zdGFudD0iMjAxMi0wOC0zMFQwNjoyMDoyMC43MDNaIiBWZXJzaW9uPSIyLjAiIHhtbG5zOnNhbWwycD0idXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOnByb3RvY29sIj48c2FtbDI6SXNzdWVyIHhtbG5zOnNhbWwyPSJ1cm46b2FzaXM6bmFtZXM6dGM6U0FNTDoyLjA6YXNzZXJ0aW9uIj5uZXZpc0F1dGg8L3NhbWwyOklzc3Vlcj48c2FtbDJwOlN0YXR1cz48c2FtbDJwOlN0YXR1c0NvZGUgVmFsdWU9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDpzdGF0dXM6U3VjY2VzcyIvPjwvc2FtbDJwOlN0YXR1cz48c2FtbDI6QXNzZXJ0aW9uIElEPSJBc3NlcnRpb25fM2MxYzZlZGM1NWQ4ZDVhN2QzNmQ2NTkzMzlmMzgxNzBhOWU1Mzk0NiIgSXNzdWVJbnN0YW50PSIyMDEyLTA4LTMwVDA2OjIwOjIwLjM4OVoiIFZlcnNpb249IjIuMCIgeG1sbnM6c2FtbDI9InVybjpvYXNpczpuYW1lczp0YzpTQU1MOjIuMDphc3NlcnRpb24iIHhtbG5zOnhzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYSI+PHNhbWwyOklzc3Vlcj5uZXZpc0F1dGg8L3NhbWwyOklzc3Vlcj48ZHM6U2lnbmF0dXJlIHhtbG5zOmRzPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjIj4KPGRzOlNpZ25lZEluZm8+CjxkczpDYW5vbmljYWxpemF0aW9uTWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS8xMC94bWwtZXhjLWMxNG4jIi8+CjxkczpTaWduYXR1cmVNZXRob2QgQWxnb3JpdGhtPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwLzA5L3htbGRzaWcjcnNhLXNoYTEiLz4KPGRzOlJlZmVyZW5jZSBVUkk9IiNBc3NlcnRpb25fM2MxYzZlZGM1NWQ4ZDVhN2QzNmQ2NTkzMzlmMzgxNzBhOWU1Mzk0NiI+CjxkczpUcmFuc2Zvcm1zPgo8ZHM6VHJhbnNmb3JtIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI2VudmVsb3BlZC1zaWduYXR1cmUiLz4KPGRzOlRyYW5zZm9ybSBBbGdvcml0aG09Imh0dHA6Ly93d3cudzMub3JnLzIwMDEvMTAveG1sLWV4Yy1jMTRuIyI+PGVjOkluY2x1c2l2ZU5hbWVzcGFjZXMgUHJlZml4TGlzdD0ieHMiIHhtbG5zOmVjPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxLzEwL3htbC1leGMtYzE0biMiLz48L2RzOlRyYW5zZm9ybT4KPC9kczpUcmFuc2Zvcm1zPgo8ZHM6RGlnZXN0TWV0aG9kIEFsZ29yaXRobT0iaHR0cDovL3d3dy53My5vcmcvMjAwMC8wOS94bWxkc2lnI3NoYTEiLz4KPGRzOkRpZ2VzdFZhbHVlPnRvUzBGM3lxSjdPTXpUZmYzQ05oVFlvQ0x1Yz08L2RzOkRpZ2VzdFZhbHVlPgo8L2RzOlJlZmVyZW5jZT4KPC9kczpTaWduZWRJbmZvPgo8ZHM6U2lnbmF0dXJlVmFsdWU+ClNjTlJBc0cvY2loSFB2cVRPTHhOSkNOQUhjdVNoU0NCZDQ4UTNDK1ZieHQ3OHVoZDZNbHdVdDhuaDVJc1hJK2k4SldWRFJiMnJVMUYKcGxYeUdrcWRDYWRtcVB5bjRUb00wZ2tLRTF3R05wb1lLYkFtaGl5ZDZyai9yK2E0SEVmUUxvQmxxWTQ4TTBzZWRra1dlY0orcGE1NwppbUM3ekNzWlhWbWFSNzdvZEZPVVhsR1FwNFlpbnlBaExrbVk1QjlkNjVZSE91akh3UFhLTURaT3VwSlExMURIcFE3N1p1WjE5WjNWClRWK2ZkRzl1RThBUmpKYVZobnJSdWdETWVEOWNaYnRDbkRyRWdaeFYwanAvWHB2TTg3cTEwYXNuWFZMaDRwWlA5eCtGSkNQQis4MS8KV21PK2VwRVZSZU0rLy85WU1xdlNTaXBaTXJ1N1AxZGs5K3R3eHc9PQo8L2RzOlNpZ25hdHVyZVZhbHVlPgo8ZHM6S2V5SW5mbz48ZHM6WDUwOURhdGE+PGRzOlg1MDlDZXJ0aWZpY2F0ZT5NSUlERERDQ0FmU2dBd0lCQWdJR0FUY3dvTzBVTUEwR0NTcUdTSWIzRFFFQkJRVUFNRll4Q3pBSkJnTlZCQVlUQW1Ob01SUXdFZ1lEClZRUUtEQXRVY21sMllXUnBjeUJCUnpFeE1DOEdBMVVFQXd3b2RISnBkbUZrYVhNZ1EwRWdLR3hqYlRBeE1ERXVZMnh2ZFdRdWRISnAKZG1Ga2FYTXVZMjl0S1RBZUZ3MHhNakExTURrd09EQTBNelphRncweU1qQTFNRGt3T0RBME5ERmFNRGd4Q3pBSkJnTlZCQVlUQW1ObwpNUlF3RWdZRFZRUUtEQXRVY21sMllXUnBjeUJCUnpFVE1CRUdBMVVFQXd3S1lYVjBhRk5wWjI1bGNqQ0NBU0l3RFFZSktvWklodmNOCkFRRUJCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFKbWhjRTVWQ0JjVXNwTFVaa1JkRkxETFk2VFBjR3JmbUJmSkVFblVCUXF5MTZ5UG5LZmIKRVNFWjEzQnFCSVNKcEQ0aEpFRWJXZTFvY1hUSWJTSTNRaVE0Z1huMzdraXYwVmZkZmdmcGRDeW9zazIwbmRsWEsxbnFQcmdrREQzNwpSU0h5YXhYWW1QOExEWDF0UHNzbTJPT3lBdWtVcXgxVnJtRDc3SGttMHBuVGxKWWhlODVGZndiQnpQaGtJM3pWa0lZYmF5eHh2QkQrCldURjRZa0pQeUNRQmxxRUZGQ0I3enpsVUhRTzBTZngyK0Q0b3MyVSthbThjTHkvUUNQT2F0N0prQkZ0TXJOME5ZbWpOaEFBNWkyYkMKWHNnWldGNXM4bmZTU0Y4R0JYVWdTcXJyMVdKaHg2YVJ0V2xJcUl2ZFpGSStYbmttRHhiNjNtUDBDdVRmMnUwQ0F3RUFBVEFOQmdrcQpoa2lHOXcwQkFRVUZBQU9DQVFFQWF2YXdzMkFJM0NrZzhwclYrcFVOSGxlanV1aE5ZbEFlZGVFaUs3Z09jb29ScjEvV0N6cDA4cFdjCmE5ZThQWEhGTGJPeHJYMUNyeXA1bW9Xc3ZwRXFQMkhVbFZqK3d3ZWtnZERXVzFzaTdYZWI5YURyTmFvSnJQelp6ZzNvK2ZmaXRMM1EKeWYvRTcwemllZTladG5ZQk1Zc1ZIbituWHJzZlVsYVdjMzdYQzNPaWZtajc1WGYrZ0J0MmM1RUJLay8yV1cwaXlEZTJhQVpubisyNwpKTkU2bGE5SHVqWWlWS3pzMUpzRm5lNWJwT1dJZDZ5MW8rUnZSOVpsb1hSMjVMM2tMekd1ajBlRzdjaTE1eXBjY1o1NDlZaTdHRlhPClJxZTlKVnZPZERGcllCQnpEaHE4TWlEZG1aemVZbFEzS3NNNlU1SjE5ODVDRXJLa0NpNUdUTm9yanc9PTwvZHM6WDUwOUNlcnRpZmljYXRlPjwvZHM6WDUwOURhdGE+PC9kczpLZXlJbmZvPjwvZHM6U2lnbmF0dXJlPjxzYW1sMjpTdWJqZWN0PjxzYW1sMjpOYW1lSUQ+MTAyPC9zYW1sMjpOYW1lSUQ+PC9zYW1sMjpTdWJqZWN0PjxzYW1sMjpDb25kaXRpb25zIE5vdEJlZm9yZT0iMjAxMi0wOC0zMFQwNjoyMDoyMC4zODlaIiBOb3RPbk9yQWZ0ZXI9IjIwMTItMDgtMzBUMDY6MjU6MjAuMzg5WiIvPjxzYW1sMjpBdXRoblN0YXRlbWVudCBBdXRobkluc3RhbnQ9IjIwMTItMDgtMzBUMDY6MjA6MjAuMzg5WiI+PHNhbWwyOkF1dGhuQ29udGV4dD48c2FtbDI6QXV0aG5Db250ZXh0Q2xhc3NSZWY+dXJuOm9hc2lzOm5hbWVzOnRjOlNBTUw6Mi4wOmFjOmNsYXNzZXM6UGFzc3dvcmRQcm90ZWN0ZWRUcmFuc3BvcnQ8L3NhbWwyOkF1dGhuQ29udGV4dENsYXNzUmVmPjwvc2FtbDI6QXV0aG5Db250ZXh0Pjwvc2FtbDI6QXV0aG5TdGF0ZW1lbnQ+PHNhbWwyOkF0dHJpYnV0ZVN0YXRlbWVudD48c2FtbDI6QXR0cmlidXRlIE5hbWU9ImNsaWVudElkIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyI+MTAwPC9zYW1sMjpBdHRyaWJ1dGVWYWx1ZT48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIE5hbWU9InJvbGVzIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyIvPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0ic2Vzc2lkIj48c2FtbDI6QXR0cmlidXRlVmFsdWUgeG1sbnM6eHNpPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNjaGVtYS1pbnN0YW5jZSIgeHNpOnR5cGU9InhzOnN0cmluZyIvPjwvc2FtbDI6QXR0cmlidXRlPjxzYW1sMjpBdHRyaWJ1dGUgTmFtZT0ibG9naW5JZCI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciLz48L3NhbWwyOkF0dHJpYnV0ZT48c2FtbDI6QXR0cmlidXRlIE5hbWU9InByb2ZpbGVJZCI+PHNhbWwyOkF0dHJpYnV0ZVZhbHVlIHhtbG5zOnhzaT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEtaW5zdGFuY2UiIHhzaTp0eXBlPSJ4czpzdHJpbmciPjEwMjwvc2FtbDI6QXR0cmlidXRlVmFsdWU+PC9zYW1sMjpBdHRyaWJ1dGU+PC9zYW1sMjpBdHRyaWJ1dGVTdGF0ZW1lbnQ+PC9zYW1sMjpBc3NlcnRpb24+PC9zYW1sMnA6UmVzcG9uc2U+
  Is the security filtered ?
  Thanks
  Yves

  Hi Sura,
  The number of thread-count configured in your proxy-scheme is the number of concurrent client request that you proxy servers can handle. Ideally your (thread-count * proxy servers) = (clients * max requests). Also, you need to check that the byte/message backlog on the proxy servers is close to zero.
  Hope this helps!
  Cheers,
  NJ

• Detecting validation errors during accept processing

  I have a page with the following accept processing components
  1. Process - On Submit - Before computations and validations
  2. A validation
  3. Process - On Submit - After computations and validations
  When the page is first submitted, (1) runs fine. (2) runs and the validation fails so (3) doesn't run.
  Now when I re-submit the page, I would like (1) to NOT run.
  Is there a way to detect that the page is being re-submitted as a result of validation errors and hence suppress certain after-submit components from executing?
  [As far as I know, the "Inline validation errors" declarative condition and the g_inline_validation_error_cnt variable only apply during the page rendering phase, so they can't be used here]
  Thanks

  Hello Vikas,
  In version 3.0 you can use a hidden item as a flag, and set this flag with a on load procedure (and NOT computation). The first procedure will be conditioned by "Inline Validation Errors Displayed" and the second one with "NO Inline Validation Errors Displayed". Then you can condition your after submit processes with this flag.
  >>As far as I know, the "Inline validation errors" declarative condition and the g_inline_validation_error_cnt variable only apply during the page rendering phase, so they can't be used here
  A little test on my local instance confirm this.
  Regards,
  Arie.

• Movement type error for Service Processes

  Hi All,
  We are working on service scenario with CRM5.0 and R/34.6c.
  The problem that we face is as follows,
  Whenever we make a service confirmation with products with item cat group BANC the movement type is correctly determined as 261 but whenever our service confirmation contains the products with item category NORM, the R/3 system returns the error that the movement type 291 is not found for the business area.
  Regards
  Rekha Dadwal

  The error was due to the material type. We changed the material type and now it works fine

• Validation Errors with new Install of W7 x64 Ent Debug Checker On New Equipment

  I am receiving multiple Errors. I am trying to use the Windows 7 x64 Enterprise which happens to be the Debug Checker version OS as the host machine.  I have only built the machine, and tried to load the Drivers.
  I say this due to the starting issue that upon the loading of the entire driver set, (for the MB, Seagate Harddrive, and Vid Card), I would get the BSOD.  I identified that the Bluetooth driver was the issue.  I then did not load the Bluetooth
  drivers for the MB on the 5^th or so install of the 7 Ent os.  (Tried Server 2k8 r2. Which is not compatible with the MB Drivers.)
  I have not received a single Update either.  The Auto update feature claims that I am up to date.  I do not believe this due to the fact that any fresh Install of any OS has about several decades of updates and reboots to go through.
  Upon trying the suggestions on the forum about turning off the IE Addons, the errors remain.  Also the results of the sfc /scannow are copied below.
  My Questions
  I am seeking assistance on solving the Errors that have refused to leave me alone , to put it humorously and am asking for your insight and wisdom.  Will you take a look??
  Do I need to go to Win 7 Ent or Ult x64 that is not a Debug Checker version.
  Are there other Microsoft download Registery file checkers besides the MGA Diag tool that are freeware that I can use to check, for corrupted registry files.
  Or do I just need to take it to the stores (Fry’s and Microcenter) that recommended the equipment and have them just reload the software and allow them the headache of solving the error issue, by paying them to install the drivers and have ALL of the
  drivers work. (including the blue tooth)
  The Goal is to turn it into a Active Directory Server using Virtual Box with Server 2k8 R2 running in the virtual box environment.
  Errors and Results.
  There are also a number of logs that show various Crit, Error, and Warning logs.  I will include those if need be.
  This is the majority of the error messages, and I have missed the opportunity to capture others.
  Internet explorer encountered Validation errors:
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : mshtml.dll
  iii.     
  Assert offset: 0000000000B221DB
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : comctl32.dl
  iii.     
  Assert offset: 00133A2A
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : mshtml.dll
  iii.     
  Assert offset: 008BE823
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : mshtml.dll
  iii.     
  Assert offset: 0040F9E8
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : iertutil.dll
  iii.     
  Assert offset: 001DEC51
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : KERNELBASE.dll
  iii.     
  Assert offset: 00014159
  Validation Error
  i.     
  Process Name: iexplorer.exe
  ii.     
  Module Name : mshtml.dll
  iii.     
  Assert offset: 0000000000B221DB
  Microsoft Management Console Encountered a Validation Error
  Validation Error
  i.     
  Process Name: mmc.exe
  ii.     
  Module Name : ieframe.dll
  iii.     
  Assert offset: 00000000006C9283
  Scripted Diagnostics Native Hot encountered a Validation Error
  Validation Error
  i.     
  Process Name: sdiagnhost.exe
  ii.     
  Module Name : urlmon.dll
  iii.     
  Assert offset: 00000000001A0A73
  Validation Error
  i.     
  Process Name: sdiagnhost.exe
  ii.     
  Module Name : KERNELBASE.dll
  iii.     
  Assert offset: 0000000000017f32
  Windows System Assessment Tool encountered a validation error
  Validation Error
  i.     
  Process Name: winsat.exe
  ii.     
  Module Name : KERNELBASE.dll
  iii.     
  Assert offset: 0000000000017F32
  Windows Explorer Encountered a validation Error
  Validation Error
  i.     
  Process Name: Explored.exe
  ii.     
  Module Name : thumbcache.dll
  iii.     
  Assert offset: 00000000000300BE
  AI Suite 2 encountered a validation error
  Validation Error
  i.     
  Process Name: AI Suite 2.exe
  ii.     
  Module Name : ntdll.dll
  iii.     
  Assert offset: 000686BD
  the number “2” is the substitutedfor the roman numeral 2
  I believe that this is part of the MB Suite.
  My the environment is a new equipment, and Downloaded student software. Windows 7 Enterprise SPK 1 Debug Checker, Valid Key with the software download.  Activated on 8-12-2012
  Motherboard: Asus p9x79 Deluxe, Part number: 90-mibh50-g0aay0kz
  Chip Set: bx80619i73930k
  2x Memory: cmx16gx3m2a1600c11 Corsair
  Video Card: Diamond R7870 2GB DD OC 2xDVI/HDMI/2xDisplayport memory Clock 1250 MHz
  Hard Drive: 9jb1n3-574 (leave the last two didgets off when searching in the browser) This is a Seagate 2TB
  Generic optic drive: SH-222bb/bebe Samsung
  Here is the Microsoft Fix It error code
  Assertion Failed!
  Program:…
  File: d:\w7rtm\ds\security\cryptoapi\pki\...\newstor.cpp
  Line: 2131
  Expression: pStore->dwState = = STORE_STATE_OPEN || pStore->dwState = = STORE_STATE_OPENING || pStore->dwState = = STORE_STATE_DEFER_CLOSING || pStore->dwState = = STORE_STATE_NULL
  For information on how your program can cause an assertion failure, see the Visual C++ documentation on asserts
  (Press Retry to debug the application – JIT must be enabled)
                  Abort    Retry     Ignore
  Abort
  Closes the program
  Retry
  Repeats the error
  Verbatim
  Ignore
  Closes the program
  Nothing happens
  Here is the Microsoft Genuine Advantage Diagnostic Report
  Diagnostic Report (1.9.0027.0):
  Windows Validation Data-->
  Validation Code: 0
  Cached Online Validation Code: N/A, hr = 0xc004f012
  Windows Product Key: *****-*****-*****-*****-8C7YB
  Windows Product Key Hash: cezvXJ2/mUhIEFxJfWkZ3IN8EQQ=
  Windows Product ID: 55041-146-2397786-86942
  Windows Product ID Type: 6
  Windows License Type: Volume MAK
  Windows OS version: 6.1.7601.2.00010100.1.0.004
  ID: {EBD85729-DBBB-479F-AB15-EBC0DDE0CC28}(1)
  Is Admin: Yes
  TestCab: 0x0
  LegitcheckControl ActiveX: N/A, hr = 0x80070002
  Signed By: N/A, hr = 0x80070002
  Product Name: Windows 7 Enterprise
  Architecture: 0x00000009
  Build lab: 7601.win7sp1_rtm.101119-1850
  TTS Error:
  Validation Diagnostic:
  Resolution Status: N/A
  Vista WgaER Data-->
  ThreatID(s): N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  Windows XP Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  File Exists: No
  Version: N/A, hr = 0x80070002
  WgaTray.exe Signed By: N/A, hr = 0x80070002
  WgaLogon.dll Signed By: N/A, hr = 0x80070002
  OGA Notifications Data-->
  Cached Result: N/A, hr = 0x80070002
  Version: N/A, hr = 0x80070002
  OGAExec.exe Signed By: N/A, hr = 0x80070002
  OGAAddin.dll Signed By: N/A, hr = 0x80070002
  OGA Data-->
  Office Status: 109 N/A
  OGA Version: N/A, 0x80070002
  Signed By: N/A, hr = 0x80070002
  Office Diagnostics: 025D1FF3-364-80041010_025D1FF3-229-80041010_025D1FF3-230-1_025D1FF3-517-80040154_025D1FF3-237-80040154_025D1FF3-238-2_025D1FF3-244-80070002_025D1FF3-258-3
  Browser Data-->
  Proxy settings: N/A
  User Agent: Mozilla/4.0 (compatible; MSIE 8.0; Win32)
  Default Browser: c:\Program Files (x86)\Internet Explorer\iexplore.exe
  Download signed ActiveX controls: Prompt
  Download unsigned ActiveX controls: Disabled
  Run ActiveX controls and plug-ins: Allowed
  Initialize and script ActiveX controls not marked as safe: Disabled
  Allow scripting of Internet Explorer Webbrowser control: Disabled
  Active scripting: Allowed
  Script ActiveX controls marked as safe for scripting: Allowed
  File Scan Data-->
  File Mismatch: C:\Windows\system32\wat\watadminsvc.exe[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\npwatweb.dll[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\watux.exe[Hr = 0x80070003]
  File Mismatch: C:\Windows\system32\wat\watweb.dll[Hr = 0x80070003]
  Other data-->
  Office Details: <GenuineResults><MachineData><UGUID>{EBD85729-DBBB-479F-AB15-EBC0DDE0CC28}</UGUID><Version>1.9.0027.0</Version><OS>6.1.7601.2.00010100.1.0.004</OS><Architecture>x64</Architecture><PKey>*****-*****-*****-*****-BBBBB</PKey><PID>55041-146-2397786-86942</PID><PIDType>6</PIDType><SID>S-1-5-21-4234423899-2489109333-1931045272</SID><SYSTEM><Manufacturer>System
  manufacturer</Manufacturer><Model>System Product Name</Model></SYSTEM><BIOS><Manufacturer>American Megatrends Inc.</Manufacturer><Version>1103</Version><SMBIOSVersion major="2" minor="7"/><Date>20120409000000.000000+000</Date></BIOS><HWID>CFBA3607018400F2</HWID><UserLCID>0409</UserLCID><SystemLCID>0409</SystemLCID><TimeZone>Pacific
  Standard Time(GMT-08:00)</TimeZone><iJoin>0</iJoin><SBID><stat>3</stat><msppid></msppid><name></name><model></model></SBID><OEM/><GANotification/></MachineData><Software><Office><Result>109</Result><Products/><Applications/></Office></Software></GenuineResults> 
  Spsys.log Content: 0x80070002
  Licensing Data-->
  Software licensing service version: 6.1.7601.17514
  Name: Windows(R) 7, Enterprise edition
  Description: Windows Operating System - Windows(R) 7, VOLUME_MAK channel
  Activation ID: 9abf5984-9c16-46f2-ad1e-7fe15931a8dd
  Application ID: 55c92734-d682-4d71-983e-d6ec3f16059f
  Extended PID: 55041-00172-146-239778-03-1033-7601.0000-2252012
  Installation ID: 000792957432055771547065313840421702569731971164600080
  Processor Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88338
  Machine Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88339
  Use License URL: http://go.microsoft.com/fwlink/?LinkID=88341
  Product Key Certificate URL: http://go.microsoft.com/fwlink/?LinkID=88340
  Partial Product Key: 8C7YB
  License Status: Licensed
  Remaining Windows rearm count: 5
  Trusted time: 8/12/2012 5:47:25 PM
  Windows Activation Technologies-->
  HrOffline: 0x00000000
  HrOnline: N/A
  HealthStatus: 0x0000000000000000
  Event Time Stamp: N/A
  ActiveX: Not Registered - 0x80040154
  Admin Service: Not Registered - 0x80040154
  HealthStatus Bitmask Output:
  HWID Data-->
  HWID Hash Current: OAAAAAEAAgABAAEAAgACAAAABAABAAEAHKJu3XDSdMRkx4ieoGkwung0ipvkrmTRDIsORc6qNCE=
  OEM Activation 1.0 Data-->
  N/A
  OEM Activation 2.0 Data-->
  BIOS valid for OA 2.0: yes, but no SLIC table
  Windows marker version: N/A
  OEMID and OEMTableID Consistent: N/A
  BIOS Information:
    ACPI Table Name           OEMID Value     OEMTableID Value
    APIC                                    ALASKA                               
  A M I
    FACP                                   ALASKA                               
  A M I
    HPET                                    ALASKA                               
  A M I
    MCFG                                 ALASKA                               
  OEMMCFG.
    SSDT                                    AMICPU                              
  PROC
  Scan Now Results
  Microsoft Windows [Version 6.1.7601]
  Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
  C:\Windows\system32>sfc /scannow
  Beginning system scan.  This process will take some time.
  Beginning verification phase of system scan.
  Verification 100% complete.
  Windows Resource Protection did not find any integrity violations.
  C:\Windows\system32>

  Thank you for your valuable time.
  I have performed the Chkdsk and the memory Diagnostic tool as per the suggestions.
  The Memory Tool did not find anything amiss.
  As per another thread I am going to try flashing the bios as well with the updates.
  Following are the Chkdsk results.
  Are there any other suggestions?
  Chkdsk Results
  Checking file system on C:
  The type of the file system is NTFS.
  A disk check has been scheduled.
  Windows will now check the disk.                        
  CHKDSK is verifying files (stage 1 of 5)...
    89600 file records processed.                               
            File verification completed.
    221 large file records processed.                                     
  0 bad file records processed.                                       
  1596 EA records processed.                                             
  44 reparse records processed.                                      
  CHKDSK is verifying indexes (stage 2 of 5)...
    131874 index entries processed.                                        
  Index verification completed.
    0 unindexed files scanned.                                           0
  unindexed files recovered.                                       CHKDSK
  is verifying security descriptors (stage 3 of 5)...
    89600 file SDs/SIDs processed.                                        
  Cleaning up 36 unused index entries from index $SII of file 0x9.
  Cleaning up 36 unused index entries from index $SDH of file 0x9.
  Cleaning up 36 unused security descriptors.
  Security descriptor verification completed.
    21138 data files processed.                                           
  CHKDSK is verifying Usn Journal...
    36120296 USN bytes processed.                                            
  Usn Journal verification completed.
  CHKDSK is verifying file data (stage 4 of 5)...
    89584 files processed.                                                
  File data verification completed.
  CHKDSK is verifying free space (stage 5 of 5)...
    476262075 free clusters processed.                                        
  Free space verification is complete.
  Windows has checked the file system and found no problems.
  1953410047 KB total disk space.
    48065140 KB in 61610 files.
       43468 KB in 21139 indexes.
           0 KB in bad sectors.
      253139 KB in use by the system.
       65536 KB occupied by the log file.
  1905048300 KB available on disk.
        4096 bytes in each allocation unit.
   488352511 total allocation units on disk.
   476262075 allocation units available on disk.
  Internal Info:
  00 5e 01 00 ef 42 01 00 ef 95 02 00 00 00 00 00  .^...B..........
  e3 00 00 00 2c 00 00 00 00 00 00 00 00 00 00 00  ....,...........
  6d 00 75 00 69 00 00 00 00 00 00 00 00 00 00 00  m.u.i...........
  Windows has finished checking your disk.
  Please wait while your computer restarts.

• OSB 10gR3 - Process WS-Security flag not working with PasswordDigest

  Hi,
  By Oracle documentation when you set the "process ws-security header" in security section of a proxy service, the proxy service act as an active intermediary and consume the ws-security header received in inbound messages. This feature works fine when you call the proxy service using WS-Security Username Token Profile PasswordText, but when you send Username Token with PasswordDigest I got the following error: +"weblogic.xml.crypto.wss.WSSecurityException: Unable to validate identity assertions"+
  I am using SoapUi to call the proxy with passwordDigest, WSS-Password Type option set to PasswordDigest.
  Proxy configured with:
  General tab -> WSDL based proxy service, this wsdl doesn't have ws-policy definitions inside.
  Transport tab -> Get all headers = Yes
  HTTP Transport tab -> HTTPS Required = No / Authentication = Basic
  Operation tab -> Enforce WS-I Compliance = not checked / Selection Algorithm = SOAP Body Type
  Message Content tab -> default settings
  Policy -> Added Auth.xml(predefined) policy to request policies.
  Security tab -> Process WS-Security header = Yes / Custom Authentication settings = none
  Error --->
  +<01/12/2009 09h34min55s BRST> <Error> <OSB Security> <BEA-387022> <An error ocurred during web service security inbound request processing [error-code: Fault, message-id: 6198860737666014185--de42214.12549f82d66.-7fdb, proxy: AlphaTests/MyProxy/Proxy/MyLogProxy, operation: null]+
  --- Error message:
  +<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>wsse:InvalidSecurity</faultcode>*<faultstring>Unable to validate identity assertions.</faultstring>*</env:Fault></env:Body></env:Envelope>+
  weblogic.xml.crypto.wss.WSSecurityException: Unable to validate identity assertions.
  +     at weblogic.wsee.security.wss.SecurityPolicyValidator.processIdentity(SecurityPolicyValidator.java:133)+
  +     at weblogic.wsee.security.wss.SecurityPolicyValidator.processInbound(SecurityPolicyValidator.java:77)+
  +     at weblogic.wsee.security.WssServerPolicyHandler.processInbound(WssServerPolicyHandler.java:54)+
  +     at weblogic.wsee.security.WssServerPolicyHandler.processRequest(WssServerPolicyHandler.java:30)+
  +     at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:74)+
  +     at com.bea.wli.sb.security.wss.WssInboundHandler.processRequest(WssInboundHandler.java:155)+
  +     at com.bea.wli.sb.security.wss.WssHandlerImpl.doInboundRequest(WssHandlerImpl.java:201)+
  +     at com.bea.wli.sb.context.BindingLayerImpl.addRequest(BindingLayerImpl.java:257)+
  +     at com.bea.wli.sb.pipeline.MessageProcessor.processRequest(MessageProcessor.java:66)+
  +     at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:508)+
  +     at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:506)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)+
  +     at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:505)+
  +     at com.bea.wli.sb.transports.TransportManagerImpl.receiveMessage(TransportManagerImpl.java:371)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper$1.run(HttpTransportServlet.java:279)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper$1.run(HttpTransportServlet.java:277)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper.securedInvoke(HttpTransportServlet.java:276)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet$RequestHelper.service(HttpTransportServlet.java:237)+
  +     at com.bea.wli.sb.transports.http.HttpTransportServlet.service(HttpTransportServlet.java:133)+
  +     at weblogic.servlet.FutureResponseServlet.service(FutureResponseServlet.java:24)+
  +     at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)+
  +     at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)+
  +     at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)+
  +     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)+
  +     at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:175)+
  +     at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3498)+
  +     at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)+
  +     at weblogic.security.service.SecurityManager.runAs(Unknown Source)+
  +     at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2180)+
  +     at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2086)+
  +     at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1406)+
  +     at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)+
  +     at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)+

  Eduardo,
  Yes, but the flag "Process WS-Security header" needs to be set to 'No' and I included a delete node to remove the wsse:Security element from header. Attaching Auth.xml predefined policy to my request operation, causes OSB to include the policy directive in my WSDL, but the PasswordText(see below).
  In Oracle security guide we have steps to configure PasswordDigest in the Oracle Service Bus Security Configuration using the WLS Console http://download.oracle.com/docs/cd/E13159_01/osb/docs10gr3/security/model.html#wp1062542
  My doubt is: Is this a bug? "Process WS-Security header" flag is supposed to work with PasswordDigest?
  My WSDL with WS-Policy statements after Auth.xml policy was configured.
  <?xml version="1.0" encoding="UTF-8"?>
  <s2:definitions targetNamespace="http://alpha.tests.org" xmlns:s0="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:s1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:s2="http://schemas.xmlsoap.org/wsdl/" xmlns:s3="http://alpha.tests.org" xmlns:s4="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <s0:Policy s1:Id="encrypt-custom-body-element-and-username-token">
  <wssp:Identity xmlns:wssp="http://www.bea.com/wls90/security/policy">
  <wssp:SupportedTokens>
  <wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
  <wssp:UsePassword Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"/>
  </wssp:SecurityToken>
  </wssp:SupportedTokens>
  </wssp:Identity>
  </s0:Policy>
  <wsp:UsingPolicy s2:Required="true"/>
  <s2:types>
  <xsd:schema elementFormDefault="qualified" targetNamespace="http://alpha.tests.org" xmlns="http://www.w3.org/2001/XMLSchema" xmlns:impl="http://alpha.tests.org" xmlns:s0="http://schemas.xmlsoap.org/wsdl/" xmlns:s1="http://alpha.tests.org" xmlns:s2="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <xsd:element name="EchoRequest">
  <xsd:complexType>
  <xsd:sequence>
  <xsd:element name="send" type="xsd:string"/>
  </xsd:sequence>
  </xsd:complexType>
  </xsd:element>
  <xsd:element name="EchoResponse">
  <xsd:complexType>
  <xsd:sequence>
  <xsd:element name="response" type="xsd:string"/>
  </xsd:sequence>
  </xsd:complexType>
  </xsd:element>
  </xsd:schema>
  </s2:types>
  <s2:message name="echoRequest">
  <s2:part element="s3:EchoRequest" name="echoPartReq"/>
  </s2:message>
  <s2:message name="echoResponse">
  <s2:part element="s3:EchoResponse" name="echoPartResp"/>
  </s2:message>
  <s2:portType name="MyAlphaPort">
  <s2:operation name="echo">
  <s2:input message="s3:echoRequest" name="echoRequest"/>
  <s2:output message="s3:echoResponse" name="echoResponse"/>
  </s2:operation>
  </s2:portType>
  <s2:binding name="MyAlphaBinding" type="s3:MyAlphaPort">
  <s4:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
  <s2:operation name="echo">
  <s2:input name="echoRequest">
  <s4:body use="literal"/>
  <wsp:Policy>
  <wsp:PolicyReference URI="#encrypt-custom-body-element-and-username-token"/>
  </wsp:Policy>
  </s2:input>
  <s2:output name="echoResponse">
  <s4:body use="literal"/>
  </s2:output>
  </s2:operation>
  </s2:binding>
  <s2:service name="MyAlphaBindingQSService">
  <s2:port binding="s3:MyAlphaBinding" name="MyAlphaBindingQSPort">
  <s4:address location="http://CLXSP0272:7001/MyAlphaService"/>
  </s2:port>
  </s2:service>
  </s2:definitions>

• Saml authentication error-cross domains

  Hi,
  I am trying to setup the SAML 1.1 authentication with OWSM Policy for my SOA composite. The Web Service contains a simple hello operation which is called by an external client also BPEL service. The SOA service is just an SAML assertion consumer. I have already configured the OWSM through the Enterprise Manager and the policy for the Proxy Service:
  1. Security/Security Provider Configuration/ Web Services Manager Authentication Providers section - I configured a custom keystore with private key and required trusted certificates. The saml.loginmodule is configured with sufficient control flag, valid issuer vaue and to allow virtual users (property oracle.security.jps.assert.saml.identity=true)
  2. Custom OWSM policy was created. It is based on the built-in wss11_saml_token_with_message_protection_service_policy.
  3. Web Services/Platform Policy COnfiguration/Trusted STS Servers and Trusted SAML Clients configuration contains the Issuer of my SAML Issuer.
  Now I am calling the hello service with an external client. The request meets the security policy. It contains a valid, signed SAML assertion (with sender-vouches subject confirmation method), a valid timestamp is attached in the security header and the body is encrypted with the required method. On the server, I am getting the following exception during the SAML assertion validation:
  Unable to invoke endpoint URI "http://172.17.30.192:8001/soa-infra/services/default/SAMLSCAApplication!1.0*soa_a95b5561-3c2e-4339-a301-ec79172914ad/bpelprocess1_client_ep" successfully due to: oracle.fabric.common.PolicyEnforcementException: access denied (oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=oracle.wsm.security,keyName=keystore-csf-key read)
  Can you please help me?
  Regards,
  Bharat

  Hi,
  I am trying to setup the SAML 1.1 authentication with OWSM Policy for my SOA composite. The Web Service contains a simple hello operation which is called by an external client also BPEL service. The SOA service is just an SAML assertion consumer. I have already configured the OWSM through the Enterprise Manager and the policy for the Proxy Service:
  1. Security/Security Provider Configuration/ Web Services Manager Authentication Providers section - I configured a custom keystore with private key and required trusted certificates. The saml.loginmodule is configured with sufficient control flag, valid issuer vaue and to allow virtual users (property oracle.security.jps.assert.saml.identity=true)
  2. Custom OWSM policy was created. It is based on the built-in wss11_saml_token_with_message_protection_service_policy.
  3. Web Services/Platform Policy COnfiguration/Trusted STS Servers and Trusted SAML Clients configuration contains the Issuer of my SAML Issuer.
  Now I am calling the hello service with an external client. The request meets the security policy. It contains a valid, signed SAML assertion (with sender-vouches subject confirmation method), a valid timestamp is attached in the security header and the body is encrypted with the required method. On the server, I am getting the following exception during the SAML assertion validation:
  Unable to invoke endpoint URI "http://172.17.30.192:8001/soa-infra/services/default/SAMLSCAApplication!1.0*soa_a95b5561-3c2e-4339-a301-ec79172914ad/bpelprocess1_client_ep" successfully due to: oracle.fabric.common.PolicyEnforcementException: access denied (oracle.security.jps.service.credstore.CredentialAccessPermission context=SYSTEM,mapName=oracle.wsm.security,keyName=keystore-csf-key read)
  Can you please help me?
  Regards,
  Bharat

• External Client Error - /groupexpansion/service.svc/WebTicket_Bearer

  When users login to the Lync 2013 client from outside the network, it begins continually uploading a heap of data. A fiddler check shows an error, which appears dozens of times after just of few minutes of being connected.
  It returns a HTTP/1.1 500 Internal Server Error on https://lync.contoso.com/groupexpansion/service.svc/WebTicket_Bearer
  The WebView panel shows:
  http://www.w3.org/2005/08/addressing/soap/faulturn:uuid:6ac390a9-bb40-4375-8662-06622f0fb66e<faultcode xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurityToken</faultcode><faultstring
  xml:lang="en-AU">An error occurred when processing the security tokens in the message.</faultstring>
  Any help would be appreciated :)<faultstring xml:lang="en-AU"></faultstring>

  Hi,
  It may be a certificate issue for Edge server, you can first to check the SAN of certificate on Edge server with the help of the link below:
  http://technet.microsoft.com/en-us/library/gg398519.aspx
  Also, please try to restart Lync server to test the issue again.
  Best Regards,
  Eason Huang
  Eason Huang
  TechNet Community Support

• Osb proxy service with owsm policy auth slow when soap request very large

  I have a proxy service which is security with owsm policy: oracle/wss_username_token_service_policy, the proxy service simply route to Business Service which directly invoke a bpel exposed web service, when I call the proxy service with soap envelope large than 15MB(not attachment), waiting about 4~5 minutes, the bpel instance created ; but when I remove the security policy:oracle/wss_username_token_service_policy, it will cost only 20 seconds, why authentication cost so long? How can I deal with the problem?
  My English is poor, please don't mind!
  besides, with my OSB version is 11.1.1.6.0

  I finally figured it out. The nullpointer exception is related to the SAML assertion. The SAML assertion in my requests is signed with embedded signature and this seems to be not supported with the used OWSM policy. Without the signature is the exception gone.
  Marian

• OWSM Custom Assertion for OSB RESTful Proxy Service

  Hello,
  I have implemented a Custom OWSM Assertion to authenticate requests with a custom token placed in a HTTP header. I can assign this assertion to a SOAP proxy service as a security policy. However I am not able to assign the very same policy to a Restful JSON service (Proxy service defined as messaging service with text message type). I am getting this error:
  [OSB Kernel:398128]One of the Web service policy attached is not allowed on service default/RESTful because the service binding does not support it
  My policy:
  <wsp:Policy xmlns="http://schemas.xmlsoap.org/ws/2004/09/policy"
      xmlns:custom="http://custom"
      orawsp:status="enabled"
      xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" orawsp:category="security"
      orawsp:attachTo="binding.server" wsu:Id="http_customtoken_authentication_policy"
      xmlns:orawsp="http://schemas.oracle.com/ws/2006/01/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
      wsp:Name="custom/http_customtoken_authentication_policy">
      <custom:customTokenHttpAuthentication
          orawsp:Silent="true" orawsp:Enforced="true"
          orawsp:name="Http custom token Authentication" orawsp:category="security/authentication" >
          <orawsp:bindings>
              <orawsp:Config orawsp:name="authenticationassertion"
                  orawsp:configType="declarative">
                  <orawsp:PropertySet orawsp:name="headerName">
                      <orawsp:Property orawsp:name="headerName"
                          orawsp:type="string" orawsp:contentType="constant">
                          <orawsp:Value>CustomToke</orawsp:Value>
                      </orawsp:Property>
                  </orawsp:PropertySet>
              </orawsp:Config>
          </orawsp:bindings>
      </custom:customTokenHttpAuthentication>
  </wsp:Policy>
  My OSB version is OSB 11g PS6 and in this version, OWSM policies are supported for Restful services. Interesting is, that the built-in policy oracle/http_basic_auth_over_ssl_service_policy can be assigned to my Restful service. Do you know a solution for the problem, how can I assign my custom assertion to the Restful service? Anything special is needed in the policy definition?
  Thanks.
  Marian

  Hi Vinoth,
  The users/groups are picked up from the LDAP configured in Security Realms->myRealm->Providers
  You basically have 2 options:
  - You can configure your LDAP in Providers
  - Use the DefaultAuthenticator that weblogic provides you by default.
  If you do not want to configure an LDAP, and want to use weblogic's default, then all you have to do is add users and groups in Security Realms->myRealm->Users and Groups
  Do mark this as useful or answered, if this has helped.

• Validation error in BDC

  Hi friends,
  I am doing a BDC for F-03 and everything is working fine except when the the BDC is executed at background mode i.e N.
  It is working good at A and E but it gives a custom validation error at background processing.
  I am searching SDN since yesterday and found this is caused by S and W messages but i have diffused then but then too the error is encountered.
  No idea why my PROFIT CENTER value is not populated at BACKGROUND mode.
  Any ideas?
  Please help.
  Thanks much.

  Hi Park,
  If you have GUI objects like pop-up screens, etc it will not work. Check out these links for more information.
  Re: Docking container could not be created - while running batch job
  Re: Multiple OO ALV Container - Background Execution
  Thanks and Best Regards,
  Dinesh.