Secure Web.Show_Document with forms10.1.2.3 under vista Need authentication

Similar Messages

• Problems with Secure web.show_document! Nimphius Help!!

  In my application, every report node in the menu calls a form which loads the parameters for the report. Ive read the secure web.show_document whitepaper, and i've done everything on the white paper and everytime I try to open the form that invokes the java bean "USERID_BEAN" the form crashes the application.
  Since no errors can be found on a application crash, I tried to compile it in forms and run it as a stand alone form. This is the error I get.
  <img src="http://img143.imageshack.us/img143/5229/pickak8.jpg">
  The class path in the reg is intact... here is the entry
  FORMS_BUILDER_CLASSPATH:
  C:\Oracle\10gDS\forms\java\frmbld.jar;C:\Oracle\10gDS\jlib\importer.jar;C:\Oracle\10gDS\jlib\debugger.jar;C:\Oracle\10gDS\jlib\utj.jar;C:\Oracle\10gDS\jlib\dfc.jar;C:\Oracle\10gDS\jlib\help4.jar;C:\Oracle\10gDS\jlib\oracle_ice.jar;C:\Oracle\10gDS\jlib\jewt4.jar;C:\Oracle\10gDS\jlib\ewt3.jar;C:\Oracle\10gDS\jlib\share.jar;C:\Oracle\10gDS\forms\java\frmwebutil.jar;C:\Oracle\10gDS\forms\java\frmall.jar;C:\Oracle\10gDS\forms\java\frmrwinteg.jar;
  At first I thought it might have been the jar file frmrwinteg.jar, but I downloaded the new one at Nimphius' blog. Still no change..
  am I missing something? Someone please help me! Thanks!
  Mo

  If I am remembering correctly, some changes were necessary in order to make this work with 10.1.2.3. So, if you are using the old jar which you used in previous versions, I would recommend obtaining the one specifically updated for 10.1.2.3. Refer back to the OTN page which has the download and choose the link that references the new version:
  http://www.oracle.com/technology/products/forms/techlisting10gR2.html
  Be sure to clear the client Jar cache before re-testing. This is not the same as the browser cache.

• Web.show_document() with javascript

  Hi Guys,
  I'v been searched this forum about web.show_document() with javascript.
  I saw some threads said
  I can do like
  WEB.SHOW_DOCUMENT ('javascript:window.open("http://www.google.com","","fullscreen=no,titlebar=no,location=no,toolbar=no,menubar=no,status=no,resizable=yes");self.close()','_blank');
  and someone said it worked, but it doesn't work in my machine.
  also some one said the javascript engine is not included in Form 10.1.2, so I can not use WEB.SHOW_DOCUMENT function like above.
  My form builder is 10.1.2.0.2 (Production), os is xp sq2 ,ie 6.(ie6 has some tighter security)
  I want to get clarification about this function, can i use the javascript on it or not ? I really want the pop up window without toolbar and customize size. I need do some configuration in formweb.cfg also?
  Thanks in advance. I appreciated every response.
  Appcat

  Hi Jan,
  Thanks for your reply. I check the metalink about it.
  The first solution is
  1. Make forms Developer URL a trusted site in IE to allow script executions.
  For that open Internet Explorer->Internet Option-> Security.
  Select the "Trusted Sites" Option.
  Click on the Sites Button.
  Add the Developer Suite URL in that.
  for example
  http://<Yourmachinename>:8889/
  It doesn't work in my machine ,still can not activate the javascript.
  The second solution is
  2. Place the script invocation code in a html file in Oracle_home/forms/server directory and call it.
  For example :
  Create a simple form.
  In Forms Trigger :
  web.show_document('http://<Yourmachinename>:8889/file.html');
  In the file.html you may enter the code, for example:
  <HTML>
  <HEAD>Heading</HEAD>
  <BODY>
  <SCRIPT LANGUAGE="Javascript">
  window.open("http://www.yahoo.com","_self");
  </SCRIPT>
  </BODY>
  </HTML>
  It also doesn't work in my machine, the problem is http://<Yourmachinename>:8889/file.html can not be found, even i put it under the Oracle_home/forms/server folder, but i click it directly ,the javascript works. that means the URL http://<Yourmachinename>:8889/file.html is incorrect or I should put the html file into other directory. And I also checked the default.env,FORMS_PATH=D:\DevSuiteHome\forms.
  anything wrong with my env?
  Do you have any idea about it?
  Thanks,
  Appcat
  Message was edited by:
  user577805
  Message was edited by:
  user577805

• WEB.show_document with MAILTO in IE8 - Navigation Cancelled message

  When generating an email from within Oracle Forms 10g using:
  WEB.show_document('mailto:'||'[email protected]'||'?subject='||'test msg'||'&body= 'test body','_SELF');
  An IE8 window pops up with a message saying 'Navigation to the webpage was cancelled'.
  The test email does appear separately, but if the email is generated a second time, the email will not be generated unless the window saying 'Navigation to the webpage was cancelled' was manually closed before the second email generation.
  If we try the same test in our IE7 browser, the email pops up without an IE window coming up in the background (as expected).
  We have tried changing the last parameter to _BLANK and also excluding it altogether, neither option works properly in IE8.
  What code can I use to generate an email within IE8 & IE7 without the extra browser window appearing in the background?

  Ok - so I've had a TAR logged with Oracle since before asking my colleague to post the same query on here.
  As of a couple of days ago Oracle were able to reproduce the same issues using a simple test case. Yesterday they came back with the first part of a fix and updated "Note 1075355.1 - How To Use WEB.SHOW_DOCUMENT To Open Multiple Pages In The Same Browser" accordingly.
  Basically if you are running IE8 on Windows XP and want to use the WEB.SHOW_DOCUMENT with mailto to launch an e-mail you need to specify a named window instead of the regular parameters which are: self, parent, top, blank
  So you would need to use something as below where the word CUSTOM can be anything.
  WEB.show_document('mailto:'||'[email protected]'||'?subject='||'test msg'||'&body=' ||'test body','CUSTOM');
  However this does not appear to fix the issue for IE8 when running on Windows 7.
  Below are other security settings that were recomended and we tried (but I don't think they had any effect):
  1. In IE 8 go to menu Tools -> Internet Options -> Security -> Sites ->
  - Add this website to the zone :
  mailto
  - Uncheck "Require server verifcation (https:) for all sites in this zone."
  - Click Add
  2. In IE 8 go to menu Tools -> Internet Options -> Security -> Custom level
  - Set 'Display mixed content' to Enable.
  Anyway hopefully this information may be useful to anyone else experiencing the same issues - I'm kinda surprised that this hasn't come up and I am interested to hear how other people send email from Forms 10G or 11G applications?

• WebAS run with ibm jdk1.4.2 under window32 platform???

  WebAS run with ibm jdk1.4.2 under window32 platform???

  hi Guoging,
  Yes. Its better if u use Sun JDK 142_09 for all your Installations. we have used that and we have been successful in finishing installations.
  SAP recommends this one. so we follow that.
  Regards
  Arun.

• Issue while generating report using web.show_document with https

  Hi All,
  I am facing some issue while seeing the report using web.show_document as shown below:
  https://ucrmskr.apac.nsroot.net:10301/forms/html/001725032_gca.rtf_
  In this case the report opens directly without asking for me to save or open or cancel option
  whereas if I hit
  http://scrmskr.apac.nsroot.net:7801/forms/html/001725032_gca.rtf_
  it asks for save or open or cancel option
  so that I can save the report to my machine and open in wordpad format
  The report generated in the first case is not coming in proper format
  Below are my forms.conf mappings:
  # Name
  # forms.conf - Forms component Apache directives configuration file.
  # Purpose
  # It should include the weblogic managed server (routing) directives for
  # the servers where Forms applications are deployed and other miscellaneous
  # Forms component OHS directives.
  # Remarks
  # This file is included with the OHS configuration under
  # $OI/config/OHS/<OHS Node Name>/moduleconf sub-directory.
  # virtual mapping for the /forms/html mapping.
  RewriteEngine on
  RewriteRule ^/forms/html/(..*) /workaroundhtml/$1 [PT]
  AliasMatch ^/workaroundhtml/(..*) "/ucrmap1/weblogic/bea/ucrms/config/FormsComponent/forms/html/$1"
  RewriteRule ^/ucrms/icons/(..*) "/workaroundicons/$1" [PT]
  AliasMatch ^/workaroundicons/(..*) "/ucrmap1/weblogic/bea/ORA_PFRD/forms/java/$1"
  RewriteRule ^/forms/help/(..*) "/workaroundhelp/$1" [PT]
  AliasMatch ^/workaroundhelp/(..*) "/ucrmap1/ucrrgbg2/help/$1"
  <Location /forms>
  SetHandler weblogic-handler
  WebLogicCluster kauh0079:9001
  DynamicServerList OFF
  </Location>
  Please let me know what needs to be done additionally if we are trying to hit https because in the second case we were hitting http with similar mapping in diff environment and it was generating report successfully.
  Regards,
  Harish

  Thanks for answering,
  I changed the URL from
  http://nbotlaguduru.dms.local/export/FMSLaborChargesalcs20060829132645.pdf
  to
  http://nbotlaguduru.dms.local:8889/export/FMSLaborChargesalcs20060829132645.pdf
  and the same problem occured
  the file is located on my local C drive in:
  C:\lcs\export
  seems as though I am missing something else as well
  any ideas?

• Web.show_document() with .csv-Files

  Hallo,
  when I try to show a .csv-file using web.show_document in MS-Excel I'm facing the following problem:
  Depending on the windows-settings (?) before showing the Excel-sheet the browser opens an alert 'open/save file'.
  When this alert is activated the web.show-document() is not successfull, that means: it seems that the browser tries to open the new window but it immediatly 'crashes' (I'm using '_blank' as parameter).
  When this alert is not activated everything works perfect.
  My guess is that it has something to do with whith the javascript-problem under XP-SP2. (i also can't get javascript working together with web.show_document).
  Enviroment is: Forms 10g, Windows XP SP2, MS-IE (Mozilla works fine), 10g iDS and iAS
  any ideas?
  tia
  Frank

  Hello,
  already done, doesn't help.
  The odd thing is: when I type the url web.show_document should show directely into the IE (with virtual pathname) the alert shows up, I can choose 'open' and it works (thats the way I get rid of the alert). It seems to me that showing the alert somehow causes the problem in combination with web.show_document.
  I have a similar problem with javascipt. When I type it directly into the browser everything works fine, from web.show_document .. no way.
  So my guess was that maybe the alert itself uses javascript. I dont know much about java and browsers and so its really only a guess.
  The Alert I'm talking about is the following (modulo translation errors):
  do you want to open or save the file
  Name... / Type... /from....
  open/save/cancel -Buttons
  checkbox: always ask before opening a file of this type
  Frank

• Problem with web.show_document with Jinitiator and Firefox

  Not sure Firefox 2.0 is officially certified with Forms 9.0.4.1 and Jinitiatorbut regardless we have some users who want to use this combination. Everything seems to work fine except for the calls to web.show_document which opens a new browser window and displays some html etc.
  The problem is that even though the client Forms JVM is Jinitiator (1.3.1.18 or .21) when the call to web.show_document occurs somehow the Sun Java Plugin starts and having the two JVM's at once causes a fatal crash in Firefox. Can anyone suggest a way to preven the second JVM from opening?
  When the user uses the Sun Plug as the client Forms JVM there is no problem as the second JVM does not open. Unfortunately some users insist on Jinitiator with Firefox hence the problem. -quinn

  James,
  This whole applet embedded in a browser model for webforms is driving us batty at times. The list of problems includes:
  1) Users are constantly tempted by browser controls and accidentally do all sorts of things to get them in trouble. This has included but not limited to using the navigation arrows, jumping off to read their email in the same window as the form and returning to a dead forms session, minimizing, resizing, blurring off to another window and then returning back by clicking on the title bar of the browser and wondering why the form doesn't tab etc.
  Sure hobbling the browser by opening with limited functionality is a possibility but not a complete solution.
  2) New versions of browsers seem to break something. Both IE 7 and Firefox 2 have their own problems with web.show_document, especially file associations such as CSV and DBF and trying to open things in Excel in IE7.Firefox seems to have less problems for some yet some some oddities like the one that started this thread (and 2.0 opening new windows in tabs by default instead of windows).
  3) JVM jigsaw puzzle. Is it Jinit or Sun, which versions? Which combinations of browser version and JVM works.
  4) General fragility of the whole architecture. Running a client JVM in a web browser on top of a PC Operating system connectiong to a forms server over a network embedded in a Java Container server on a full blown web server running on a unix operating system is pushing the bubble. Throw in the mix that any of these components can be combined in numerous ways makes one wonder how it works as well as it does.
  Still users randomly getting dropped connections to forms server (network gltches?). General sluggishness (poorly written forms?). Periods of users with unduplicatable errors primarily network related it would appear.
  General feel that it is not rock solid stable. Perusing metalink documents on performance and tuning gives too much and too general info to troubleshoot so just shrug shoulders and say 'network problem'.
  What's the solution? Java webstart would seem to help at least with the browser realted issues but is that supported and documented how to use yet. Also we'd lose web_show_document which is critical (could it be replaced by webutil calls to open browser?).
  -quinn

• Securing web services with Sun Access Manager

  Hi!
  I have gone through some documentation about Sun Access Manager, and I'm a little bit confused.
  What I want is to secure some web services which are deployed on a BEA WebLogic 9.1 server (WLS). Two solutions are possible: To install some kind of plugin into WLS or to place some kind of proxy in front of WLS. In both cases, the purpose would be to authenticate the caller based on some kind of ticket (SAML or similar) and authorize access to the web service.
  I have read about the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" (those guys really like long names....), but in this documentation web services aren't mentioned at all. They only seem to care about HTTP requests from a browser.
  I have also read about the Policy Agent 2.2 in the documentation called "Sun Java System Access Manager Policy Agent 2.2 Guide for Sun Java System Application Server 9.0/Web Services" (puh...). This document explicitly talks about securing web services the way I want.
  My questions are:
  1) Is it possible to secure WLS based web services in the same way using the Policy Agent for WLS?
  2) Are there any documentation/tutorials/etc?
  Thanks in advance :-)
  Anders

  what you need is a webservices agent that would enable you to "protect" your webservice provider, which I assume is on a BEA weblogic provider.
  the "Sun Java System Access Manager Policy Agent 2.2 for Weblogic 9.1" is "NOT" awebservices agent, but a normal J2EE policy agent.
  So.. having said that. here's what I'd recommend.
  1. install the webservices agent on bea weblogic. (note: NOT the J2EE policy agent)
  2. configure it to use your access manager instance for authentication.
  3. configure your webservices client to use the webservice provider. (note: you'd need the webservices APi's available on the client too... so the quick dirty method would be to install the webservices agent on your client too....) you can later bundle the webservices client independently and provide your"customers" with a webservices client bundle...
  4. voila... your webservices are not "protected" by acces manager ;-)

• Problem: Web.Show_Document with separate frame = True

  We run our application in a seperate frame, so the applet is running outside our browser. When I change the URL in the browser-window the Forms Built-In Web.Show_Document does not work anymore (no browser window will be shown). Is it possible to solve this?

  Maurice,
  though Forms shows in a separate frame, the Applet instance is in the Browser window. If you change the URL in the Browser window then this is equivalent to closing the Applet session. The sepratate frame is a Java Frame that is called similar to
  Frame f = new Frame();
  f.show();
  There is no way to change this except the suggestion to make the Browser Window small as possible do the user does not play with it.
  Frank

• Can I use web.show_document with forms name parameter ?

  Hi All,
  I need to pass URL to web.show_document but with form name too. Is it possible?
  I'd like to do something like web.show_document('url?report=myReport','_blank')
  Thanks in advance
  Edited by: _blackjack on Dec 13, 2012 2:17 PM                                                                                                                                                                                                                                                                                                                                                                                                                                                                                               

  Yes, you can use any valid URL within web.show_document

• Connect to Secure web service with certificate from SAP EP

  Hi Experts,
  Here is the current situation:
  1. Our business requirement is to connect 3rd party RESTful web service which requires secure connection with private client certificate attached
  2. I've tested in my Java test application and successfully attached private certificate to HttpsURLConection request to the web service and made a connection. No problem at all.
  KeyStore keyStore  = KeyStore.getInstance("PKCS12");
  InputStream inputStream = new FileInputStream("privateKeyCert.p12");
  keyStore.load(inputStream, "myPassword".toCharArray());
  KeyManagerFactory keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
  keyManagerFactory.init(keyStore, "myPassword".toCharArray());
  KeyManager[] kms = keyManagerFactory.getKeyManagers();
  SSLContext sslContext = SSLContext.getInstance("SSL");
  sslContext.init(kms, null, new SecureRandom());
  SSLSocketFactory sockFact = sslContext.getSocketFactory();
  URL url = new URL("https://www.thirdpartywebservice.com/testroot/");
  HttpsURLConnection conn = (HttpsURLConnection) url.openConnection();
  conn.setSSLSocketFactory(sockFact);
  conn.setRequestMethod("POST");
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  conn.setDefaultUseCaches (false);
  conn.setRequestProperty("Content-Type", "text/xml");
  3. Next, I tried to apply my Java application to SAP EP NetWeaver, and found that I have to use SecureConnectionFactory:
  https://help.sap.com/saphelp_nw70ehp1/helpdata/en/e2/71c83edf72e16be10000000a114084/content.htm
  4. So, I modified my Java code for SAP EP:
  KeyStore keyStore  = KeyStore.getInstance("PKCS12");
  InputStream inputStream = this.getClass().getClassLoader().getResourceAsStream("privateKeyCert.p12");
  keyStore.load(inputStream, "myPassword".toCharArray());
  SecureConnectionFactory scFactory = new SecureConnectionFactory(keyStore);
  HttpURLConnection conn = scFactory.createURLConnection("https://www.thirdpartywebservice.com/testroot/");
  conn.setRequestMethod("POST");
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  conn.setDefaultUseCaches (false);
  conn.setRequestProperty("Content-Type", "text/xml");
  And I'm facing the following error message:
  Exception: java.security.UnrecoverableKeyException: ja
  va.security.GeneralSecurityException: Unable to decrypt private key: javax.crypto.BadPaddingException: Invalid PKCS#5 padding length: 253
  Could you please help me what this error message means?
  Do you think do I need to to do some other configuration to make connection to web service with client certificate?
  This is our first approach. Please help...
  Thank you in advance.

  SunJSSE implement SSL server CertificateRequest in a strict mode, if client failed to find a proper certificate corresponding the server request, it does not guess what's the proper certificate and send to the server. In your case, because there is no intermediate certificate in the client context, so there is no way to make the decision which certificate would be acceptable by server, so client does not send any cert to server. That's why you got a handshaking error.
  I guess your client key store does not contains a full certificate path from the client end-entity certificate to the root CA. Please import the full certificate path into the key store.
  BTW, these approaches should work, but I found no reason why one does not adopt #1:
  1. import the full certification path of client certificate into client key store.
  2. as a workaround, configure the server to send a list including the intermediate certificates;
  3. as a workaround, you will have to customize the client KeyManager if you don't want to or are not able to configure the server to send a list including the intermediate certificates.

• Probleme mit secure web.show_document()

  Hallo,
  ich möchte einen Report wie im Dokument (http://www.oracle.com/technology/products/forms/pdf/10g/frmwebshowdoc_rep.pdf) beschrieben aufrufen!
  Beim ersten Aufruf des Reports erscheint die übliche Anmeldemaske.
  Wenn man dieses Fenster ohne Eingabe schliesst, und den Report noch einmal aufruft, erscheint die Anmeldemaske nicht mehr.
  Also Funktioniert die USERID_BEAN erst beim zweiten Aufruf???
  Die Ausgabe aus der Javakonsole:
  connectMode=HTTP, native.
  Version von Forms-Applet: 9.0.4.2
  4.0 (compatible; MSIE 6.0; Windows NT 5.0)
  FrmReportsInteg3: Debugging true
  FrmReportsInteg3: Adding new userid string "lf/xxxxxxxx@tc10"
  FrmReportsInteg3: Setting domain to .xxxxx.de
  FrmReportsInteg3: Domain provided is not empty and is evaluated right now
  FrmReportsInteg3: First period found at 0
  FrmReportsInteg3: Second period found at 6
  FrmReportsInteg3: Cookie domain now is: .xxxxx.de
  FrmReportsInteg3: Setting cookie path to /reports/
  FrmReportsInteg3: Default cookie domain: .xxxxx.de
  FrmReportsInteg3: set RW_AUTH9i
  FrmReportsInteg3: Arguments: encryptionKey=reports9i; Reports version=RW9i
  FrmReportsInteg3: Cookie value for RW9i is: lf/xxxxxxxx@tc10;1126275499244:30
  FrmReportsInteg3: Encoded cookie value is: TXuSTNV2BEvREe5k2LSGiga4d16xt6KhwRKtsfgsaYwd
  FrmReportsInteg3: Complete cookie string is: userid=TXuSTNV2BEvREe5k2LSGiga4d16xt6KhwRKtsfgsaYwd
  FrmReportsInteg3: Added domain ".xxxxx.de" to cookie
  FrmReportsInteg3: Generated Cookie String: userid=TXuSTNV2BEvREe5k2LSGiga4d16xt6KhwRKtsfgsaYwd; domain=.xxxxx.de; path=/reports/
  FrmReportsInteg3: IE Cookie Set
  MfG D.Pfitzner

  Ich habe die Lösung selber gefunden (nach mehreren Stunden suchen).
  Ein SYNCHRONIZE vor WEB.SHOW_DOCUMENT hat mein Problem behoben!
  MfG Dirk Pfitzner
  Sorry, my next message is in english.

• Calling a Axis2 Secure Web Service with JDeveloper 11g

  We are attempting call a Blackboard (Axis2) web service using Oracle JDeveloper 11g. We are currently unable to generate the security header required, could anyone please point me in the right direction?
  I have following the following steps highlighting my issue. What steps might I be missing? Should I have created a keystore? Should I implement this with the metro stack? Any help or suggestions to go in a different direction would be greatly appreciated.
  1. Install JDeveloper 11.1.1.5.0 (accept defaults)
  2. Open JDeveloper
  3. Create a Project by selecting File > New > Generic Project > Finish
  4. Right-click newly created project and select New
  a. Select Web Services in the Categories
  b. Select Web Service Proxy, then Next
  c. Next
  d. Select JAX-WS Style, then Next
  e. Enter http://gpstc.blackboard.com/webapps/ws/services/Context.WS?wsdl for the WSDL Document URL, then Next
  f. Next
  g. Remove “:80” from the Endpoint URL in each row, the first row should be http://gpstc.blackboard.com/webapps/ws/services/Context.WS, then Next
  h. Next
  i. I don’t see an option for WSSOAP12Binding which this webservice utilizes, so I selected “oracle/wss11_username_token_with_message_protection_client_policy”
  j. Next
  k. Finish
  5. As a test, add the following code after “// Add your code to call the desired methods.”
  GetServerVersionResponse myv = new GetServerVersionResponse();
  myv = contextWSPortType.getServerVersion(new GetServerVersion());
  System.out.println(myv.toString());
  6. Run the Project
  7. Received the following exception “Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: WSDoAllReceiver: Incoming message does not contain required Security header"
  Currently running JDeveloper 11g with Oracle WebLogic Server 11gR1
  Attempting to connect to Blackboard, Release 9.1.50119.0
  Thanks, Adam Ham

  Hi,
  Did you configure the Axis2 in Jdeveloper?
  Best Regards
  Sunny

• Securing Web Services with Access Manager

  Hello All
  I have installed the java_app_platform_sdk-5_04-windows.exe that comes with Acces Manager 7.1.
  I want to secure a webservice, so I have created a webapplication (with netbeans 6) with a webservice inside. I have also create a web client application that calls the webservice. The providers are configured in the server and I have enabled the soap security .
  When I use anonymous authentication everything works fine, but if I used any other security method the following exception arises:
  [#|2008-04-29T09:41:07.343+0200|SEVERE|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=21;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=1a997eb3-6287-41f4-a540-0b9c86841683;|AMServerAuthModule.validateRequest: Failed in Securing the Request.|#]
  [#|2008-04-29T09:41:07.375+0200|WARNING|sun-appserver9.1|javax.enterprise.system.stream.err|_ThreadID=21;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=1a997eb3-6287-41f4-a540-0b9c86841683;|java.lang.reflect.InvocationTargetException
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.sun.identity.agents.jsr196.as9soap.AMServerAuthModule.validateRequest(AMServerAuthModule.java:173)
       at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1179)
       at com.sun.enterprise.webservice.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:168)
       at com.sun.enterprise.webservice.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:129)
       at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
       at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
       at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
       at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
       at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
       at com.sun.enterprise.webservice.JAXWSServlet.doPost(JAXWSServlet.java:159)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
       at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:290)
       at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
       at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
       at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
       at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
  Caused by: com.sun.identity.wss.security.SecurityException: Unsupported security mechanism.
       at com.sun.identity.wss.security.handler.SOAPRequestHandler.validateRequest(SOAPRequestHandler.java:232)
       ... 46 more
  |#]
  [#|2008-04-29T09:41:07.390+0200|SEVERE|sun-appserver9.1|javax.enterprise.system.core.security|_ThreadID=21;_ThreadName=httpSSLWorkerThread-8080-0;_RequestID=1a997eb3-6287-41f4-a540-0b9c86841683;|SEC2002: Container-auth: wss: Error validating request
  com.sun.enterprise.security.jauth.AuthException: Validating Request failed
       at com.sun.identity.agents.jsr196.as9soap.AMServerAuthModule.validateRequest(AMServerAuthModule.java:188)
       at com.sun.enterprise.security.jmac.config.GFServerConfigProvider$GFServerAuthContext.validateRequest(GFServerConfigProvider.java:1179)
       at com.sun.enterprise.webservice.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:168)
       at com.sun.enterprise.webservice.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:129)
       at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:595)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:554)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:539)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:436)
       at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
       at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:444)
       at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
       at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
       at com.sun.enterprise.webservice.JAXWSServlet.doPost(JAXWSServlet.java:159)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:738)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:831)
       at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:290)
       at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632)
       at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577)
       at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571)
       at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080)
       at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568)
       at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:263)
       at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask(DefaultReadTask.java:214)
       at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265)
       at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
  Caused by: java.lang.reflect.InvocationTargetException
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.sun.identity.agents.jsr196.as9soap.AMServerAuthModule.validateRequest(AMServerAuthModule.java:173)
       ... 41 more
  Caused by: com.sun.identity.wss.security.SecurityException: Unsupported security mechanism.
       at com.sun.identity.wss.security.handler.SOAPRequestHandler.validateRequest(SOAPRequestHandler.java:232)
       ... 46 more
  |#]
  It�s says something about th security mechanism is not supported. But I don�t know why. �Any idea?
  Thank you

  Hello again,
  I am not using ssl. I am using the usernametoken or de saml-voucer mechanish and It happens in both. But with the anonymous mechanism doesnt happen.
  ...