Securing proxy services

Similar Messages

• The Secure Store Service application Secure Store Service Proxy is not accessible

  I am working on setting up a new SharePoint 2013 Farm for our external web site which is currently running on 2010 SharePoint. Because this is an External Website for our organization we have an internally available Publishing Site and there is an Web App
  Extension to provide Anon Access to users using the www address. Currently I am doing everything on a single server for testing with HOSTS entries to loop back so I can test with real host headers and not impact the 2010 prod environment. We will be setting
  up 2 more WFEs with a NLB before moving this into prod but it isn't there yet. We brought the Site Collection Databases over but are still running in 2010 mode for now.
  I migrated a copy of the Secure Store Database over from 2010 and had it put on the 2013 Farm's Database Server. Set up Secure Store and the Secure Store Proxy. I went into the Secure Store Proxy in CA and refreshed the Key with the proper Pass Phrase. After
  doing that I could see the Target Application IDs listed. Everything was looking good so I went off to test. If I am on the publishing site I can go to a page that has the solution on it and it operates as expected. It does a query to a non SharePoint database
  and returns information filtered based on the search parameters. The only odd thing I see is if I click on the "Site Actions" I get a message "An error has occurred with the data fetch. Please refresh page and retry." Need to look into
  that more but it only happens on pages that have these solutions. Maybe a clue. If I go to the Anonymous Access page (www......) and try and use the solution, it immediately (way too quick to appear like it is doing anything) comes back with "The security
  token request cannot be completed."
  If I dig through the usage logs I am finding the following.
  The Secure Store Service application Secure Store Service Proxy is not accessible. The full exception text is: The security token request cannot be completed.
  Unexpected exception from endpoint address : https://[Servername]:32844/4e87fd3aabb640fb8cc3ed52188cf5c0/SecureStoreService.svc/https
  Logging unknown/unexpected client side exception: InvalidOperationException. This will cause this application server to be removed from the load balancer queue. Exception: System.InvalidOperationException: The security token request cannot be completed.
      at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForServiceContext(Uri contextUri)     at Microsoft.SharePoint.SPChannelFactoryOperations.InternalCreateChannelActingAsLoggedOnUser[TChannel](ChannelFactory`1 factory, EndpointAddress
  address, Uri via)     at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.GetChannel(Uri address)     at Microsoft.Office.SecureStoreService.Server.SecureStoreServiceApplicationProxy.Execute[T](String operationName,
  Boolean validateCanary, ExecuteDelegate`1 operation).
  Initially I was fighting a firewall issue because it wasn't working (different errors) on both sides. Had Network Engineers open firewall ports needed and now it works on the publishing side. Still the same error on the Anon side. I suspect I have missed
  something when it comes to configuring the Secure Store to allow access to anonymous connections.
  Let me know if you need any more information but that should paint a pretty good picture as to how things are set up.
  Thanks for any help on this one. Searches haven't found much that has helped so far.

  Hi Sennister,
  I recommend to verify the things below:
  Did this issue occur with all the pages in the anonymous side?
  Check if the Claims to Windows Token Service is started.
  Change the <identity impersonate="true" /> in the web.config to see if the issue still occurs.
  Thanks,
  Victoria
  Forum Support
  Please remember to mark the replies as answers if they help and unmark them if they provide no help. If you have feedback for TechNet Subscriber Support, contact
  [email protected]
  Victoria Xia
  TechNet Community Support

• OWSM 11g: Invoking a secured web service through a java proxy service

  Hi All,
  I am trying to call a secured bpel service which is expecting a username token password. I have created a java proxy service for the same. I now need to add the username token to the same. Can anyone please guide me in this regard.
  Thanks in advance.

  Just to add some pointers,
  I added the following code to the proxy still the soap headers is not getting propagated.
  OrderBookingAndShipment orderBookingAndShipment = orderbookingandshipment_client_ep.getOrderBookingAndShipment_pt();
  String username = "OWSM_11g";
  String password = "password";
  List credProviders = new ArrayList();
  //client side UsernameToken credential provider
  CredentialProvider cp = new ClientUNTCredentialProvider(username.getBytes(),password.getBytes());
  credProviders.add(cp);
  Map<String,Object> context = ((BindingProvider) orderBookingAndShipment).getRequestContext();
  context.put(WSSecurityContext.CREDENTIAL_PROVIDER_LIST,credProviders);

• WS-Security and proxy service: Unable to add security token for identity

  What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
  I did simple "hello word" proxy service and tried to apply custom policy binding.
  WS-Policy is next:
  <wsp:Policy wsu:Id="WS-Policy-Siebel"
       xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
       xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
       xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
       <wssp:Identity
            xmlns:wssp="http://www.bea.com/wls90/security/policy">
            <wssp:SupportedTokens>
                 <wssp:SecurityToken
                      TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
                      <wssp:UsePassword
                           Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
                 </wssp:SecurityToken>
            </wssp:SupportedTokens>
       </wssp:Identity>
  </wsp:Policy>
  Process WS-Security is setted to "yes".
  While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
  But at the end I get the fault:
  Soap fault:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header/>
  <env:Body>
  <env:Fault>
  <faultcode>env:Server</faultcode>
  <faultstring>Unable to add security token for identity</faultstring>
  </env:Fault>
  </env:Body>
  </env:Envelope>
  In console:
  <09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
  ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
  --- Error message:
  <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
  able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
  weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
  at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
  at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
  Truncated. see log file for complete stacktrace
  Incoming soap message is:
  <soapenv:Envelope      xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security      soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken      wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>testuser</wsse:Username>
  <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  <soapenv:Body>
  <wss:NewOperation      xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
  <in>string</in>
  </wss:NewOperation>
  </soapenv:Body>
  </soapenv:Envelope>
  Edited by: Andrey L. on Jun 9, 2010 5:55 PM

  I thought you were getting that exception when accessing the proxy.
  No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
  Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
  Are you getting this exception when routing to a business service which is configured for WS-Security ??
  I don't use business service in this test project - only simple proxy service with all logic inside.
  PS transformation in replace action is very simple too:
  (:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
  (:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
  declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
  declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
  declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
  as element(ns0:NewOperationResponse) {
  <ns0:NewOperationResponse>
  <out>Hello, { data($newOperation1/in) }!</out>
  </ns0:NewOperationResponse>
  declare variable $newOperation1 as element(ns0:NewOperation) external;
  xf:Hello($newOperation1)
  Edited by: Andrey L. on Jun 10, 2010 12:21 PM

• Invoking secure proxy from service callout or route actions in OSB

  Secure proxy is the one which uses WS-Security Username token for authentication before request is processed. Is there any way we can call secure proxy from non-secure proxy. While calling secure-proxy (during service callout or route), I assume header and body will be passed to the secure proxy before secure proxy verifies the user from wsse:security element. While calling secure proxy, I am receiving an error that "General outbound security error. BEA-386400". Is any example that you can show of calling secure-proxy from service callout or route actions
  I am preparing the following header in non-secure proxy message flow diagram before invoking secure proxy.
  <soap-env:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsu:Timestamp>
  <wsu:Created>2012-03-31T18:34:53.081-05:00</wsu:Created>
  <wsu:Expires>2012-04-25T23:34:53.081-05:00</wsu:Expires>
  </wsu:Timestamp>
  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:Username>Testuser</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testpassword</wsse:Password>
  <wsse:Nonce>7hoJIy00p+hwk/QiWpxT+Ndpr+4=</wsse:Nonce>
  <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/></wsse:UsernameToken>
  </wsse:Security>
  </soap-env:Header>

  Go back to
  compare Routing action versus Service Callout action versus Publish action?

• Creating Proxy service over a secured BPEL process

  Hi,
  I have a BPEL process project A which I have secured using oracle/wss_username_token_service_policy
  Now, I want to expose it over OSB as a proxy service.
  After registering the WSDL, I tried to create Business Service over it.
  It gave me a warning:
  [OSB Kernel:398133]WSSP 1.2 policy assertions (Web Services Security Policy 1.2) are not allowed on this service.
  What is the best approach to take.
  Thanks.

  Get the wsdl of the OSB proxy service and create webservice parnerlink in BPEL based on this wsdl to invoke the service
  To form the wsdl url, copy the Endpoint URI  configured to the proxy service(just click on the proxy service in the console) from the sbconsole  - /ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService
  Pre append <<protocol://OSB Hostname:OSB Port>>  - http://localhost:8000/   and post append with ?WSDL
  The final WSDL url look like  - http://localhost:8000/ATHGPUM_GlidePathService/ProxyService/ATHGPUM_GlidePathProxyService?WSDL
  Regards
  Albin I

• SAML Validation Error  - Proxy Service - Process WS-Security Header

  I am testing a Proxy Service that inspects the WS-Security Header which contains a WS-Policy for a SAML Assertion sender-vouches. The SAML Assertion that is produced is valid according to the oassis schema, but ALSB 2.6 returns a SOAP Fault that the SAML Assertion is not valid. Is there any next steps I should take to diagnose the problem? Also, are there any good tools available for validating a SAML Assertion?
  Here is the response of the ALSB 2.6 running on WebLogic 9.2. It is a simple proxy service we use to test whether SAML is working correctly or not. The client correctly sends the sender-voucher with the username/password/certificate alias and so forth.
  <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
  <soapenv:Body>
  <soapenv:Fault
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <axis2ns1:Code xmlns:axis2ns1="http://www.w3.org/2003/05/soap-envelope">
  <axis2ns1:Value>soapenv:Sender</axis2ns1:Value>
  <axis2ns1:Subcode>
  <axis2ns1:Value>wsse:InvalidSecurityToken</axis2ns1:Value>
  </axis2ns1:Subcode>
  </axis2ns1:Code>
  <axis2ns2:Reason xmlns:axis2ns2="http://www.w3.org/2003/05/soap-envelope">
  <axis2ns2:Text xml:lang="en-US"
  >Security token failed to validate. weblogic.xml.crypto.wss.SecurityTokenValidateResult@563c52a[status: false][msg The SAML token is not valid.]</axis2ns2:Text>
  </axis2ns2:Reason>
  </soapenv:Fault>
  </soapenv:Body>
  </soapenv:Envelope>
  Thanks,
  Jay Blanton

  Hi, Pls send your client code to my mail [email protected]

• SSL Inbound Security in Proxy service

  Hi All,
  I have a requirement as follows:
  I am developing a proxy service which can be consumed by external client. I need to implement SSL security for the client to consume the proxy. Any docs which explains step by step implementation of SSL in Proxy service. Thanks in advance.
  Regards,
  Rohan.

  SSL is not enabled at proxy level. You need to enable SSL at your OSB servers. Please refer -
  http://docs.oracle.com/cd/E17904_01/web.1111/e13707/ssl.htm#i1200848
  Regards,
  Anuj

• Change security policy on passthrough proxy-service?

  I've an business-service which is secured by a OWSM policy. The business-service is exposed as a proxy-passthrough (a long with the OWSM policy).
  Is it possible to change the security policy for the proxy-service (which is exposing the OWSM policy secured business service) to some other policy or 'just' basic authentication??
  Cheers
  Søren
  Edited by: user4177402 on 2013-02-21 23:03

  Try using quotation marks:
  gpedit.msc /gpcomputer:"target"
  MCTS - Please remember to click “Mark as Answer” on the post that helps you, and to click “Unmark as Answer” if a marked post does not actually answer your question. This can be beneficial to other community members reading the thread.
  http://mariusene.wordpress.com/

• Security: web services on WLS 8.5, ALSB and proxy on 9.1

  Hi everyone, here's my current situation. I've got some web services running on WLS 8.5, and I've imported them as Business Services into ALSB. The web services themselves are not secured, but I modified the WSDLs so that I could create proxy services which enforce the security.
  The security enforcement works when I test it through ALSB test console. However, now I'm trying to create a client web service to invoke the proxy. The client is being made using Workshop running on 8.5 server.
  I can get the client to successfully invoke the proxy with no policies attached. Then I made a proxy with BEA's Auth.xml required for inbound messages. The keystores are identical on both the proxy server and the client server.
  <input>
  <wsp:Policy>
  <wsp:PolicyReference URI="policy:Auth.xml"/>
  </wsp:Policy>
  <soap:body use="literal"/>
  </input>
  I imported the WSDL into workshop and created a java control from it. I attached a WSSE policy file to the control:
  <wsSecurityOut>
  <encryption>
  <encryptionKey>
  <alias>flcoi1</alias>
  </encryptionKey>
  </encryption>
  </wsSecurityOut>
  Added this control into a blank web service. The only error being returned from the server is:
  com.bea.control.ServiceControlException: SERVICE FAULT:
  Code:java.lang.NullPointerException
  String:null
  Detail:
  END SERVICE FAULT
  with no further explanations. Does someone know what would cause this exception? Or if it's even possible to do what I'm trying (between WLS 8 and 9)?

  Hi!
  In my tries to get security to work between WL 8.x to ALSB I realized that WL 8.x don't have support for WS-Security (and therfore WS-Policy) that ALSB uses, but maybe there are some workarounds...
  /Patrik

• Error when trying to access a secured web service from Forms 10g 10.1.2.3

  Hello,
  I'm trying to access a secured web service from Forms10g 10.1.2.3 but i'm getting the next error when pressing the button the first time:
  java.rmi.RemoteException: ; nested exception is: HTTP transport error: javax.xml.soap.SOAPException:
  java.security.PrivilegedActionException: javax.xml.soap.SOAPException: Bad response: 401 UnauthorizeWhen i press the button a second time i got this error:
  javax.xml.rpc.soap.SOAPFaultException: The SOAP request is invalid. The required node 'Envelope' is missingThis is the code i have in my button:
  DECLARE
  jo ora_java.jobject;
  pdfObject ora_java.jobject;
  pdf     varchar2(900);
  rv varchar2(100);
  ex ora_java.jobject;
  BEGIN
  JO := SEARCHSOAPCLIENT.new;
  SEARCHSOAPCLIENT.setUsername(JO,'weblogic');
  SEARCHSOAPCLIENT.setPassword(JO,'welcome1');
  pdfObject := SEARCHSOAPCLIENT.quicksearch(JO,'1234',NULL);
  pdf := SEARCHSOAPCLIENT.tostring(pdfObject);
  message(pdf);
  message(' ');
  EXCEPTION
  WHEN ORA_JAVA.JAVA_ERROR then
  message('Unable to call out to Java, ' ||ORA_JAVA.LAST_ERROR);
  WHEN ORA_JAVA.EXCEPTION_THROWN then
  ex := ORA_JAVA.LAST_EXCEPTION;
  :error := Exception_.toString(ex);
  END;When i run it from JDeveloper it works, this is a portion of java code the proxy web service has:
  import oracle.webservices.transport.ClientTransport;
  import oracle.webservices.OracleStub;
  import javax.xml.rpc.ServiceFactory;
  import javax.xml.rpc.Stub;
  public class SearchSoapClient {
      private webservicesproxywebcontent.proxy.SearchSoap _port;
      public SearchSoapClient() throws Exception {
          ServiceFactory factory = ServiceFactory.newInstance();
          _port = ((webservicesproxywebcontent.proxy.Search)factory.loadService(webservicesproxywebcontent.proxy.Search.class)).getSearchSoap();
          this.setUsername("weblogic");
          this.setPassword("welcome1");
          System.out.println("callling from _port "+ _port.quickSearch("1234234", null));
       * @param args
      public static void main(String[] args) {
          try {
              webservicesproxywebcontent.proxy.SearchSoapClient myPort = new webservicesproxywebcontent.proxy.SearchSoapClient();
              System.out.println("calling " + myPort.getEndpoint());
          } catch (Exception ex) {
              ex.printStackTrace();
       * delegate all operations to the underlying implementation class.
      public QuickSearchResult quickSearch(String queryText, IdcPropertyList extraProps) throws java.rmi.RemoteException {
          return _port.quickSearch(queryText, extraProps);
      }Also the secured web service was generated from Webcenter Content 11.1.1.6 that is why it's a secured web service.
  Kind Regards
  Carlos

  Without going into any technical discussion about the code, my first question is what JDK version was used to create this which was imported into the form? Understand that Forms 10 runs on JDK 1.4.2, so if you used any newer JDK version, likely there will be problems.

• Report and Alert don't executed in the error handler with a JMS proxy service

  Hi,
  I'm working with OSB 11.1.1.4.0 and I'm facing a problem with the error handler of my JMS proxy service.
  My error handler contains two main elements :
  - a Report action
  - an Alert with a JMS destination defined
  When the business service failed the message remain in the queue. It's the expected behavior.
  The problem is :
  - the report is missing
  - the alert is raised but missing in the JMS destination defined in the Alert setting.
  I've noticed if I add a Reply with Failure or Success, Report and Alert are successfully executed.
  Unfortunately the message don't remain in the JMS queue.
  What can I do in order to have my report/alert done and the JMS transaction rollback in order to keep the message in the queue ?
  I've already met this problem in the past with alsb v3 and my solution was to add Service Callout in the error handler in order to externalize these actions.
  This solution is not convenient and I hope another solution is possible.

  Inventorying workgroups can be difficult, especially when it comes to remote access and network security. Because workgroups are not centrally managed, some of the items discussed in this
  wiki article on preparing your workgroup environment may require you to visit each machine individually.
  For non-domain credentials, you do not use the <systemname>\<user> format, you simply enter the user name. Regarding how to enter the credentials, if you have an account that uses the same username and password on all machines and is an administrator
  on all of those machines, then you can enter that in the All computers credentials page of the wizard. You can also do this if they are different user names. However, if some machines have an account with the same user name, such as Administrator,
  but different passwords on each machine, you will need to use the Manually enter computer names discovery method, and then enter the information for each group or each machine.
  As you can tell, workgroup environments can quickly negate any benefit that the agentless inventory nature of MAP provides.
  Please remember to click "Mark as Answer" on the post that helps you, and to click
  "Unmark as Answer" if a marked post does not actually answer your question. Please
  VOTE as HELPFUL if the post helps you. This can be beneficial to other community members reading the thread.

• Browser based InfoPath form deployed on a Claims based Web Application calling a Secure Web Service via Data Connection

  hi,
  We have a Browser based InfoPath Form deployed on a Claims based Web Application. We are tyring to call WCF Services that are secure using Certificates via the Data Connections on Infopath Form.
  Earlier we used to get the Data in BCS External List via the WCF Services and the Data Connections used to get the Data from the BCS External List. Due to Performance Issues, we want to remove the BCS External List and straightaway call the secure WCF Services
  via the Data Connections.
  Have anyone implemented this scenario.
  Thanks
  Ram
  Thanks Ram

  Hi Ram,
  As these are browser based InfoPath forms, you have two options 
  1) Deploy as sandboxed forms
  In this case you have to create a secure store application id and then set the credentials for that account.
  You then have to export the data connection to Data connections library and modify the .udcx file to utilize the newly created secure store application id.
  This may sometime give issues related to sandboxed code service. You have to give permissions on the secure store for the user account which the sandboxed code service is running.
  2) Deploy as administrator approved forms
  This would be ideal way of doing things as you have full control over the web request if you write code behind InfoPath forms.
  3) Deploy as a Hybrid solution
  a) Write a full trust proxy solutions (extend SPProxyOperation class and override execute method) and make the web request call inside this and return the response
  b) Invoke above operation from the sandboxed InfoPath form's code behind by SPUtility.RegisteredProxyOperation(four part assembly name, operation args)
  Hope this helps.
  Thanks,
  Srikanth

• Secure Store Service Application takes a lot of time and does not create the database

  Hi everybody,
  I was trying to configure sharepoint performance point and I was following the instruction. After I created the performance point services application I tried to creat the secure store service application. When I do this, the progress window stays open forever
  even after 2 hours. If I close the window, I will see that the secure store service and proxy app is created and the application pool also is created in IIS but the database is not and the application service is stopped. even when I want to delete it, it's
  the same story and the progress window stays until I close it manually. Nothing has been logged in the event viewer because it doesn't throw any exceptions.
  I don't think that I have permission issues on the database server side because I have created the performance point service app and the database is there. I have used the same credentials to crete the secure store.
  I have restarted the secure store service and IIS for many times and even the server itself.
  I'm wondering if anybody has had this issue because I couldn't find anything on the web.
  Thanks,
  Edwin 

  Alex, please ignore my previous answer. I found more information in the ULS. At the time that I started creating the service application by power shell these things are logged and they are repeated several times:
     it starts with:
  11/13/2013 15:19:55.52 PowerShell.exe (0x1698)                
  0x170C
  Secure Store Service          
  Secure Store                  
  esj6 High    
  Creating Secure Store Service Application 'Secure Store Service Application'.
  c402af0c-5ff6-4995-83b8-3f95210a8b3d
  11/13/2013 15:19:55.54 PowerShell.exe (0x1698)                
  0x170C
  Secure Store Service          
  Secure Store                  
  esj9 Medium  
  Creating "database object" 'SP_SecureStore' for application. At this time database is not created.
  c402af0c-5ff6-4995-83b8-3f95210a8b3d
  11/13/2013 15:19:55.54 PowerShell.exe (0x1698)                
  0x170C
  Secure Store Service          
  Secure Store                  
  esk0 Medium  
  Saving "database object" 'SP_SecureStore' in the config db.
  c402af0c-5ff6-4995-83b8-3f95210a8b3d
  11/13/2013 15:19:55.83 w3wp.exe (0x0944)                      
  0x0DB4
  Secure Store Service          
  Secure Store                  
  d4gx Verbose
  BackgroundTasks instance accesed.
  11/13/2013 15:19:55.83 SPUCWorkerProcessProxy.exe (0x13A0)    
  0x02B0
  Secure Store Service          
  Secure Store                  
  d4gx Verbose
  BackgroundTasks instance accesed.
  11/13/2013 15:19:55.83 PowerShell.exe (0x1698)                
  0x1740
  Secure Store Service          
  Secure Store                  
  f7wk Verbose
  StartTracker called for secure store ''
  11/13/2013 15:19:55.83 PowerShell.exe (0x1698)                
  0x1740
  Secure Store Service          
  Secure Store                  
  f7wl Verbose
  Tracker not started because call not made from Service Host.
  11/13/2013 15:19:55.83 WebAnalyticsService.exe (0x0A6C)        
  0x1B88 Secure Store Service          
  Secure Store                  
  f7wk Verbose
  StartTracker called for secure store ''
  Finally it says:
  11/13/2013 15:19:55.90 PowerShell.exe (0x1698)                
  0x170C
  Secure Store Service          
  Secure Store                  
  esk9 High    
  Secure Store Service Application 'Secure Store Service Application' created.
  c402af0c-5ff6-4995-83b8-3f95210a8b3d

• Error while executing the proxy service

  Hi,
  I have a procedure which uses a database link to access my tables. And business service will invoke this procedure through JCA.
  We have created a datasource (Driver : non - XA for Service connections). However, while executing the proxy service it gives me below error.
  Do i need to change the type of driver. Can anybody please help me on this.
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header xmlns:com1="com:gm:vehicleengineering:engineeringworkorder:ewostatus:types:ewostatusschema:1:0" xmlns:com="com:gm:common:utilities:types:servicecontrol:1:0">
  <com:ServiceControl>
  <com:Service>EWOStatus</com:Service>
  <com:Version>1.0</com:Version>
  <com:ConsumerID>CID</com:ConsumerID>
  <com:MessageID>MID</com:MessageID>
  <com:SentTimeStamp>2008-09-28T21:49:45</com:SentTimeStamp>
  </com:ServiceControl>
  </soapenv:Header>
  <soapenv:Body>
  <soapenv:Body>
  <com:ServiceFault xmlns:com="com:gm:common:utilities:types:servicefault:1:0">
  <com:FaultCode>SOAFLT-999</com:FaultCode>
  <com:FaultString>GeneralError</com:FaultString>
  <com:FaultActor>Server</com:FaultActor>
  <com:FaultDetail>Invoke JCA outbound service failed with connection error, exception: com.bea.wli.sb.transports.jca.JCATransportException: oracle.tip.adapter.sa.api.JCABindingException: oracle.tip.adapter.sa.impl.fw.ext.org.collaxa.thirdparty.apache.wsif.WSIFException: servicebus:/WSDL/VehicleEngineering/EngineeringWorkOrder/EWOStatus/V1/WSDL/jcaEWOStatus_1_0_0 [ GetEWOStatus_ptt::GetEWOStatus(InputParameters,OutputParameters) ] - WSIF JCA Execute of operation 'GetEWOStatus' failed due to: Interaction processing error.
  Error while processing the execution of the SP_GETEWOSTATUS API interaction.
  An error occurred while processing the interaction for invoking the SP_GETEWOSTATUS API. Cause: Exception [EclipseLink-4002] (Eclipse Persistence Services - 2.0.2.v20100323-r6872): org.eclipse.persistence.exceptions.DatabaseException
  Internal Exception: java.sql.SQLException: Internal error: Cannot obtain XAConnection java.lang.ClassCastException: oracle.jdbc.driver.T4CConnection
       at weblogic.jdbc.jta.DataSource.getXAConnectionFromPool(DataSource.java:1684)
       at weblogic.jdbc.jta.DataSource.getConnection(DataSource.java:439)
       at weblogic.jdbc.jta.DataSource.connect(DataSource.java:396)
       at weblogic.jdbc.common.internal.RmiDataSource.getConnection(RmiDataSource.java:355)
       at org.eclipse.persistence.sessions.JNDIConnector.connect(JNDIConnector.java:126)
       at org.eclipse.persistence.sessions.JNDIConnector.connect(JNDIConnector.java:94)
       at org.eclipse.persistence.sessions.DatasourceLogin.connectToDatasource(DatasourceLogin.java:162)
       at org.eclipse.persistence.internal.databaseaccess.DatasourceAccessor.connectInternal(DatasourceAccessor.java:327)
       at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.connectInternal(DatabaseAccessor.java:295)
       at org.eclipse.persistence.internal.databaseaccess.DatasourceAccessor.reconnect(DatasourceAccessor.java:558)
       at org.eclipse.persistence.internal.databaseaccess.DatabaseAccessor.reconnect(DatabaseAccessor.java:1437)
       at org.eclipse.persistence.internal.databaseaccess.DatasourceAccessor.incrementCallCount(DatasourceAccessor.java:303)
       at oracle.tip.adapter.db.DBConnection.getTopLinkSQLConnection(DBConnection.java:335)
       at oracle.tip.adapter.db.transaction.DBTransaction.beginInternal(DBTransaction.java:126)
       at oracle.tip.adapter.db.sp.SPInteraction.executeStoredProcedure(SPInteraction.java:93)
       at oracle.tip.adapter.db.DBInteraction.execute(DBInteraction.java:248)
       at oracle.tip.adapter.sa.impl.fw.wsif.jca.WSIFOperation_JCA.performOperation(WSIFOperation_JCA.java:534)
       at oracle.tip.adapter.sa.impl.JCABindingReferenceImpl.request(JCABindingReferenceImpl.java:257)
       at com.bea.wli.sb.transports.jca.binding.JCATransportOutboundOperationBindingServiceImpl.invoke(JCATransportOutboundOperationBindingServiceImpl.java:150)
       at com.bea.wli.sb.transports.jca.JCATransportEndpoint.sendRequestResponse(JCATransportEndpoint.java:209)
       at com.bea.wli.sb.transports.jca.JCATransportEndpoint.send(JCATransportEndpoint.java:170)
       at com.bea.wli.sb.transports.jca.JCATransportProvider.sendMessageAsync(JCATransportProvider.java:572)
       at sun.reflect.GeneratedMethodAccessor771.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.wli.sb.transports.Util$1.invoke(Util.java:83)
       at $Proxy142.sendMessageAsync(Unknown Source)
       at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageAsync(LoadBalanceFailoverListener.java:152)
       at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageToServiceAsync(LoadBalanceFailoverListener.java:603)
       at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageToService(TransportManagerImpl.java:560)
       at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageAsync(TransportManagerImpl.java:426)
       at com.bea.wli.sb.pipeline.PipelineContextImpl.dispatch(PipelineContextImpl.java:501)
       at stages.routing.runtime.RouteRuntimeStep.processMessage(RouteRuntimeStep.java:128)
       at com.bea.wli.sb.stages.StageMetadataImpl$WrapperRuntimeStep.processMessage(StageMetadataImpl.java:346)
       at com.bea.wli.sb.pipeline.RouteNode.doRequest(RouteNode.java:106)
       at com.bea.wli.sb.pipeline.Node.processMessage(Node.java:67)
       at com.bea.wli.sb.pipeline.PipelineContextImpl.execute(PipelineContextImpl.java:922)
       at com.bea.wli.sb.pipeline.Router.processMessage(Router.java:214)
       at com.bea.wli.sb.pipeline.MessageProcessor.processRequest(MessageProcessor.java:99)
       at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:591)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
       at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:590)
       at com.bea.wli.sb.transports.TransportManagerImpl.receiveMessage(TransportManagerImpl.java:375)
       at com.bea.wli.sb.transports.CoLocatedMessageContext$1.run(CoLocatedMessageContext.java:164)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at weblogic.security.Security.runAs(Security.java:61)
       at com.bea.wli.sb.util.security.SecurityUtils.runAs(SecurityUtils.java:58)
       at com.bea.wli.sb.transports.CoLocatedMessageContext.send(CoLocatedMessageContext.java:157)
       at com.bea.wli.sb.transports.http.wls.HttpTransportProvider.sendMessageAsync(HttpTransportProvider.java:215)
       at sun.reflect.GeneratedMethodAccessor771.invoke(Unknown Source)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.bea.wli.sb.transports.Util$1.invoke(Util.java:83)
       at $Proxy122.sendMessageAsync(Unknown Source)
       at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageAsync(LoadBalanceFailoverListener.java:152)
       at com.bea.wli.sb.transports.LoadBalanceFailoverListener.sendMessageToServiceAsync(LoadBalanceFailoverListener.java:603)
       at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageToService(TransportManagerImpl.java:560)
       at com.bea.wli.sb.transports.TransportManagerImpl.sendMessageAsync(TransportManagerImpl.java:426)
       at com.bea.wli.sb.pipeline.PipelineContextImpl.dispatch(PipelineContextImpl.java:501)
       at stages.routing.runtime.RouteRuntimeStep.processMessage(RouteRuntimeStep.java:128)
       at com.bea.wli.sb.stages.StageMetadataImpl$WrapperRuntimeStep.processMessage(StageMetadataImpl.java:346)
       at com.bea.wli.sb.pipeline.RouteNode.doRequest(RouteNode.java:106)
       at com.bea.wli.sb.pipeline.Node.processMessage(Node.java:67)
       at com.bea.wli.sb.pipeline.PipelineContextImpl.execute(PipelineContextImpl.java:922)
       at com.bea.wli.sb.pipeline.Router.processMessage(Router.java:214)
       at com.bea.wli.sb.pipeline.MessageProcessor.processRequest(MessageProcessor.java:99)
       at com.bea.wli.sb.pipeline.RouterManager$1.run(RouterManager.java:591)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at com.bea.wli.sb.security.WLSSecurityContextService.runAs(WLSSecurityContextService.java:55)
       at com.bea.wli.sb.pipeline.RouterManager.processMessage(RouterManager.java:590)
       at com.bea.wli.sb.transports.TransportManagerImpl.receiveMessage(TransportManagerImpl.java:375)
       at com.bea.wli.sb.transports.http.generic.RequestHelperBase$1.run(RequestHelperBase.java:152)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:147)
       at com.bea.wli.sb.transports.http.generic.RequestHelperBase.securedInvoke(RequestHelperBase.java:151)
       at com.bea.wli.sb.transports.http.wls.HttpTransportServlet.service(HttpTransportServlet.java:127)
       at weblogic.servlet.FutureResponseServlet.service(FutureResponseServlet.java:25)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:821)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3686)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Thanks,
  Chandana

  Make sure that you are using non-xa datasources and in DBAdapter outbound connection pool configuration provide the data source JNDI in "dataSourceName" property instead of "xADataSourceName" property. Update the DBAdapter after changing configuration.
  Regards,
  Anuj