SOAP message security fault:FailedCheck error

Similar Messages

• SOAP message security

  Hello,
  1) Could you please suggest best way to handle PI web service with regard to security. We are exposing PI to use web services from external system.As the external system are not part of our DMZ and do not reside in our network what is the best approach to configure the SOAP sender and receiver channels.
  2) Also When we give the WSDL to external parties normally the PI host would be local would there be any issues wrt security should the network team open up ports for them or map the local host to public host.
  Thanks.

  About Soap Security, refer to the below documents & help, about SSL configuration for SOAP Adapter (Security Checks):
  http://help.sap.com/saphelp_nw04/helpdata/en/fc/5ad93f130f9215e10000000a155106/content.htm
  HTTP & SSL
  http://help.sap.com/saphelp_nw04/helpdata/en/14/ef2940cbf2195de10000000a1550b0/content.htm
  How to use Client Authentication with SOAP Adapter
  http://www.sdn.sap.com/irj/scn/weblogs?blog=/pub/wlg/3721

• Hi Guys, I have completely lost access to Gmail and all Google accounts via Firefox - error message "secure connection failed Error code: sec_error_bad_der

  I have been a long time Firefox user and this is the first time I am truly baffled. Now if I try to log into gmail or any google account on my main PC I just get an error message as below.
  Secure Connection Failed
  An error occurred during a connection to accounts.google.com. security library: improperly formatted DER-encoded message. (Error code: sec_error_bad_der)
  The page you are trying to view cannot be shown because the authenticity of the received data could not be verified.
  Please contact the website owners to inform them of this problem.
  I have tried reinstalling, clearing cache, clearing cookies, and just about every other thing I can think of but to no avail. I can access through IE and also via firefox on my other PCs but no joy on my main PC. Please help as this one is stumping me.
  Many thanks for your help.

  Sorry I forgot to add my system is Win 7 64 home premium

• Accepting a SOAP message that contains fault elements

  Hi,
  I am trying to create a webservice that will accept a valid soap messages that
  contains faults. Actual functionality required is to accept a valid soap message
  with or without faults. For this, I created separate methods in my java class
  (one for normal flow and one that will handle fault elements) that implements
  my web service. I need to manipulate the soap message for both cases. Hence, I
  created separate handlers to do this task. I created two handler chains in my
  web-services.xml one for handling soap messages that contains faults and one for
  handling soap messages that doesn't contain faults. The web services was successfully
  deployed and works fine for soap messages that doesn't contain fault. But, if
  I send a soap message with faults the client (that calls my webservice) is not
  even hitting my web service. It gets a HTTP
  500. Can anybody help me on this ?
  Thanks,
  Ganesh Balachandran

  Hi Ganesh,
  Which version of weblogic server you are using? Can you turn on verbose in
  client side? You can give a "-Dweblogic.webservice.verbose=true" to client
  side JVM. We need to see what your soap message with fault looks like.
  Thanks,
  -Neal
  "Ganesh" <[email protected]> wrote in message
  news:[email protected]..
  >
  Hi,
  I am trying to create a webservice that will accept a valid soap messagesthat
  contains faults. Actual functionality required is to accept a valid soapmessage
  with or without faults. For this, I created separate methods in my javaclass
  (one for normal flow and one that will handle fault elements) thatimplements
  my web service. I need to manipulate the soap message for both cases.Hence, I
  created separate handlers to do this task. I created two handler chains inmy
  web-services.xml one for handling soap messages that contains faults andone for
  handling soap messages that doesn't contain faults. The web services wassuccessfully
  deployed and works fine for soap messages that doesn't contain fault. But,if
  I send a soap message with faults the client (that calls my webservice) isnot
  even hitting my web service. It gets a HTTP
  500. Can anybody help me on this ?
  Thanks,
  Ganesh Balachandran

• Signing a soap message seems to not work in jwsdp14

  I'm trying to sign a soap message according to the latest oasis specifications (http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0.pdf) using the libraries provided with jwsdp14 (mainly xmlsec.jar).
  As far as I know, there is not yet documention/example about this specific issue.
  The following is the code I have to sign a soap message: it seems to work fine because the signed soap message respects the above specifications... but what I notice is that the digest and the signature values it contains are always the same, I mean: if i change the source soap message, the signed soap message in output is always the same!
  Any clue??
  import com.sun.org.apache.xml.security.Init;
  import com.sun.org.apache.xml.security.signature.XMLSignature;
  import com.sun.org.apache.xml.security.transforms.Transforms;
  import com.sun.org.apache.xml.security.utils.Constants;
  import com.sun.xml.wss.*;
  import com.sun.xml.wss.reference.DirectReference;
  import org.w3c.dom.Document;
  import javax.xml.soap.SOAPHeader;
  import javax.xml.soap.SOAPMessage;
  import javax.xml.soap.SOAPBody;
  import java.io.File;
  import java.io.FileInputStream;
  import java.io.FileOutputStream;
  import java.security.PrivateKey;
  import java.security.cert.X509Certificate;
  public class Main {
  public static void main(String[] args) {
  // The file from which we will load the sample SOAP message
  String fileName = "F:\\SampleSoapMessage.xml";
  // Store the WSSE signed message here
  String signatureFileName = "F:\\SignedSampleSoapMessage.xml";
  try {
  // Initialize the apache libraries
  Init.init();
  // Obtain security elements from the keystore
  PrivateKey privateKey = MySecurityUtils.getPrivateKey();
  X509Certificate cert = MySecurityUtils.getCertificate();
  // Obtain a sample SOAPMessage from a file
  FileInputStream fis = new FileInputStream(new File(fileName));
  Document doc = XMLUtil.toDOMDocument(fis);
  SOAPMessage message = MyFileUtils.getMessageFromFile(doc);
  SOAPHeader header = message.getSOAPHeader();
  SOAPBody body = message.getSOAPBody();
  // Set the wsu:Id attribute to the Body
  XMLUtil.setWsuIdAttr(body, "MyId");
  // Create a WSSE context for the SOAP message
  SecurableSoapMessage sssm = new SecurableSoapMessage(message);
  // Create a security header for the message (<wsse:Security>)
  SecurityHeader sh = sssm.findOrCreateSecurityHeader();
  // Insert the certificate (<wsse:BinarySecurityToken>)
  X509SecurityToken stoken = new X509SecurityToken(header.getOwnerDocument(), cert, "X509TokenRef");
  sh.insertHeaderBlock(stoken);
  // Insert the keyinfo referring to the certificate (<ds:KeyInfo>)
  KeyInfoHeaderBlock kihb = new KeyInfoHeaderBlock(header.getOwnerDocument());
  SecurityTokenReference secTR = new SecurityTokenReference(header.getOwnerDocument());
  DirectReference dirRef = new DirectReference();
  dirRef.setURI("#X509TokenRef");
  secTR.setReference(dirRef);
  kihb.addSecurityTokenReference(secTR);
  //sh.insertHeaderBlock(kihb);
  // Insert the Signature block (<ds:Signature>)
  SignatureHeaderBlock shb = new SignatureHeaderBlock(header.getOwnerDocument(), XMLSignature.ALGO_ID_SIGNATURE_RSA);
  Transforms transforms = new Transforms(header.getOwnerDocument());
  transforms.addTransform(Transforms.TRANSFORM_C14N_EXCL_OMIT_COMMENTS);
  shb.addSignedInfoReference("#MyId", transforms, Constants.ALGO_ID_DIGEST_SHA1);
  shb.addChildElement(kihb.getAsSoapElement());
  sh.insertHeaderBlock(shb);
  // Digest all References (#MyId) in the SignedInfo, calculate the signature value
  // and set it in the SignatureValue Element
  shb.sign(privateKey);
  // Add the signature data to the header element
  header.addChildElement(sh.getAsSoapElement());
  // Save the signed SOAP message
  FileOutputStream fos = new FileOutputStream(new File(signatureFileName));
  message.writeTo(fos);
  message.writeTo(System.out);
  } catch (Exception exc) {
  exc.printStackTrace();
  System.out.println("An error has occurred : " + exc.toString());
  PS: Classes MySecurityUtils and MyFileUtils are not included since they have nothing interesting.
  The sample input sopa message is:
  <?xml version="1.0" encoding="UTF-8"?>
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
  <Intestazione>
  </Intestazione>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  and the output signed sample message is:
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header>
  <wsse:Security SOAP-ENV:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  <ds:SignedInfo>
  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
  <ds:Reference URI="#MyId">
  <ds:Transforms>
  <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
  </ds:Transforms>
  <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
  <ds:DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</ds:DigestValue>
  </ds:Reference>
  </ds:SignedInfo>
  <ds:SignatureValue>
  YdKNSPWnx630AYeZ6AXVco1b0RMo8C3WWbziq7C009gg4nhknEZmH0ds78y328SgAlAAVR6Swwok
  HE3OWgL8TZ1Ks0IimmmDd8/XIb2KlfiqnUNtTjGjUn9FLQEv/CMbmrCr7EO9rf/N+0cyAyGzrKo5
  ieEQhtZy9uZAKh2mrmM=
  </ds:SignatureValue>
  <ds:KeyInfo>
  <wsse:SecurityTokenReference>
  <wsse:Reference URI="#X509TokenRef"/>
  </wsse:SecurityTokenReference>
  </ds:KeyInfo></ds:Signature><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="X509TokenRef">MIIDITCCAsugAwIBAgIQIdu5EMFuQntM5IBOMeFcETANBgkqhkiG9w0BAQUFADCBqTEWMBQGA1UE
  ChMNVmVyaVNpZ24sIEluYzFHMEUGA1UECxM+d3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5L1Rl
  c3RDUFMgSW5jb3JwLiBCeSBSZWYuIExpYWIuIExURC4xRjBEBgNVBAsTPUZvciBWZXJpU2lnbiBh
  dXRob3JpemVkIHRlc3Rpbmcgb25seS4gTm8gYXNzdXJhbmNlcyAoQylWUzE5OTcwHhcNMDQwODA1
  MDAwMDAwWhcNMDQwODE5MjM1OTU5WjBhMQswCQYDVQQGEwJJVDENMAsGA1UECBMEUk9NQTENMAsG
  A1UEBxQEcm9tYTEOMAwGA1UEChQFaXNzcGExDjAMBgNVBAsUBWNoaWVmMRQwEgYDVQQDFAt3d3cu
  dGVzdC5pdDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtIsomDk9VthgMorPmG0dAwqLtTBi
  U69liwopwrnAbtzIiO56R9yh4tXvG9+QWtEFRcDHVwWi9YdaHQFCvjymnNYDUHkpJsWp11nIAfOA
  k+d9v1YDje4S6oba7tsIJSEkUu7LQ888Q3cGt/KUaEu6b0lZJ5zY9slK0onUPeTB3e8CAwEAAaOB
  0TCBzjAJBgNVHRMEAjAAMAsGA1UdDwQEAwIFoDBCBgNVHR8EOzA5MDegNaAzhjFodHRwOi8vY3Js
  LnZlcmlzaWduLmNvbS9TZWN1cmVTZXJ2ZXJUZXN0aW5nQ0EuY3JsMFEGA1UdIARKMEgwRgYKYIZI
  AYb4RQEHFTA4MDYGCCsGAQUFBwIBFipodHRwOi8vd3d3LnZlcmlzaWduLmNvbS9yZXBvc2l0b3J5
  L1Rlc3RDUFMwHQYDVR0lBBYwFAYIKwYBBQUHAwEGCCsGAQUFBwMCMA0GCSqGSIb3DQEBBQUAA0EA
  Y66OqTOpHcpNUPlD4A38s8bPIIjrf+C+Wv08lUj+DGN5pm+gBWdbWEGaQmqU8fPPtGrQnHz2NAUr
  ZmLaEw/qKw==</wsse:BinarySecurityToken></wsse:Security></SOAP-ENV:Header>
  <SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="MyId">
  <aTag>
  <aChild>a value</aChild>
  </aTag>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  NOTE: Check the value of <ds:SignatureValue> and <ds:DigestValue>: they never change even if I change the body of the source message.

  Quoting Farrukh's reply to this question on java.net -
  I can share some examples of how I have used JWSDP 1.4 and XML DSIG API to sign and verify a "standalone" soap message with and without mime attachments.
  Please see the following Utility class written for the freebXML Registry project [1] for an example of how to do what you seek:
  http://cvs.sourceforge.net/viewcvs.py/ebxmlrr/omar/src/java/org/freebxml/omar/common/security/SecurityUtil.java?view=markup
  See methods signSOAPMessage(...), signPayload(...), verifySOAPMessage(...) and verifyPayloadSignature(...)
  What you are trying to do is definitely doable and has been done with JWSDP 1.4. In my experience XML DSIG API met my needs very well.
  Best of luck.
  [1] freebXML Registry Project:
  http://ebxmlrr.sourceforge.net
  ---------------------------------------------------------------------------------

• Processing of soap message

  some help is required on the SOAP processing
  <SOAP-ENV:Envelope xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <SOAP-ENV:Body>
  <getPricedAvailability xmlns="http://www.openuri.org/" xmlns:tget="http://www.ba.com/schema/tGetPricedAvailabilityV1">
  <tget:GetPricedAvailabilityRequest>
  <Name>ian</Name>
  ....i need to add a tag name[in between the two tags] <asl>US </asl>
  <age>1234</age>
  </tget:GetPricedAvailabilityRequest>
  </getPricedAvailability>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope
  Can any one suggest or send me the piece of code which does this..
  i tried to add the tag by using the below code but in vain it didn't happen ...it is not adding in between the 2 tags.
  it is adding after <age>.... Can any one help me in this...Is there is any other way of parsing the SOAP message is possible
  SOAPMessageContext smc = (SOAPMessageContext)mc;
  SOAPMessage sm = smc.getMessage();
  SOAPEnvelope env = sm.getSOAPPart().getEnvelope();
  SOAPBody body = env.getBody();
  javax.xml.soap.Name sName;
  System.out.println(" Entering callEndTag #########################################");
  System.out.println("body"+body +" "+"env"+env);
  if ( body != null ){
  java.util.Iterator childElems = body.getChildElements();
  SOAPElement child;
  int i=0;
  // iterate through child elements
  while (childElems.hasNext())
  System.out.println("childElems" +childElems);
  Object elem = childElems.next();
  System.out.println("elem" +elem);
  if(elem instanceof SOAPElement )
  // get child element and its name
  child = (SOAPElement) elem;
  sName = child.getElementName();
  if (sName.getLocalName().equals("getPricedAvailability"))
  childElems = child.getChildElements();
  while (childElems.hasNext())
  // get next child element
  elem = childElems.next();
  if(elem instanceof SOAPElement )
  child = (SOAPElement) elem;
  sName = child.getElementName();
  if (sName.getLocalName().equals("GetPricedAvailabilityRequest"))
  {childElems = child.getChildElements();
                                                 sName = child.getElementName();
                                                 System.out.println("SNAME inSIDE IF  LOOP" +sName);
                                                 System.out.println("If Elem is a) instance ====After");
                                                 if (childElems.hasNext())
                                                    // get next child element
                                                     elem = childElems.next();
                                                     System.out.println("If Elem is a) instance  == before");
                                                    if(elem instanceof SOAPElement )
                                                        System.out.println("If Elem is a) instance ====After");
                                                        System.out.println("before type cast" );  
                                                        child = (SOAPElement) elem;
                                                        sName = child.getElementName();
                                                        System.out.println("Start adding process added end date" +sName);
                                                        SOAPElement fResponse12 =  child.addChildElement(env.createName("EndDate-- ==child ")); 
                                                        fResponse12.addAttribute(env.createName("xmlns"),   
                                                        fResponse12.addTextNode(strEndDate );
  ((SOAPMessageContext)mc).setMessage(sm);

  Hi Experts,
  I'm trying to protect a web service deployed in jcaps 5.1.1, using SAML assertions against an Access Manager 7/7.1, the web services clients are both, web and standalone applications, I also have read netbeans tutorials, that expose how to implement identity webservices using AppServer 9.1 + AccessManager 7.1 using the SAML Holder of key and other security mechanisms, but this implementation requiere modifications to the server.policy file to add support to SOAP message security providers and HttpServlet message security providers, the addition of a library called amwebservicesprovider.jar to the classpath suffix (this library implements the jsr-196 java Authentication Service Provider Interface for Containers) and aditional configuration required in the AM side that is not detailed in the tutorials.
  Could someone guide me on how to protect the acces to a web services deployed in the jcaps logicalhost based on AM roles assigned to users?
  Any help is aprecciated
  Juan

• SOAP message format after signing

  Experts,
  Can any one tell me the format of the soap message after the message is signed with certificate issued by third party?
  I am getting signed soap message as follows :
  - <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
  - <SOAP:Header>
  - <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP:mustUnderstand="1">
    <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-6" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIE1TCCA72gAwIBAgICGyQwDQYJKoZIhvcNAQEFBQAwWjELMAkGA1UEBhMCU0ExDTALBgNVBAoTBFNBTUExGzAZBgNVBAsTElNBTUEgZVRydXN0IENlbnRlcjEfMB0GA1UEAxMWU0FNQSBTdGFnaW5nIFNoYXJlZCBDQTAeFw0wODA5MTYxMDUyNDJaFw0xMDA5MTYxMDUyMzdaMIGUMQswCQYDVQQGEwJTQTEoMCYGA1UEChMfTkNCQiAtIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuazEoMCYGA1UECxMfTkNCQiBXZWIgUmVnaXN0cmF0aW9uIEF1dGhvcml0eTELMAkGA1UECxMCSVQxJDAiBgNVBAMTG2UtZGhxLXMyMDF3ZWIuc2VjLnNlLmNvbS5zYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2JDBfb/o41YV7/JOBKa0H/zCIF6Szpn5oEEPjIu63UoD2t3uKZgL0pDpKTrl8hNgSfnbePsn9te0sqmstflIUV8OYv6VCUKIL6ZsxcZliFP7LTWcN7VHa5J80zwJpuZI0lSOTmssRfTczT5wbRiJuf/z/ZUsc9VvP7hMT93Vc0CAwEAAaOCAewwggHoMIIBPAYDVR0gBIIBMzCCAS8wggErBg0rBgEEAYGHHQEBBgUBMIIBGDCB1QYIKwYBBQUHAgIwgcgagcVUaGlzIGNlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3VlZCBieSBTQU1BIGVUcnVzdCBDZW50ZXIgb24gYmVoYWxmIG9mIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuayAoTkNCQikuIE5laXRoZXIgU0FNQSBub3IgTkNCQiBhY2NlcHQgYW55IGxpYWJpbGl0eSBmb3IgYW55IGNsYWltIGV4ZXB0IGFzIGV4cHJlc3NseSBwcm92aWRlZCBpbiB0aGlzIENQLjABggrBgEFBQcCARYyaHR0cDovL3d3dy5lVHJ1c3RjZW50ZXIuY29tLnNhL2RvY3Mvcm9vdGNhX2Nwcy5wZGYwMAYIKwYBBQUHAQEEJDAiMCAGCCsGAQUFBzABhhRodHRwOi8vMTAuMTMxLjEuNjo4MDALBgNVHQ8EBAMCA7gwJwYDVR0lBCAwHgYIKwYBBQUHAwQGCCsGAQUFBwMHBggrBgEFBQcDATAfBgNVHSMEGDAWgBSgYJsSh4qnwzTjhepPMHVJj9ncDAdBgNVHQ4EFgQUXWMeLP/opd8VqdnCf/xSX0/dD8wDQYJKoZIhvcNAQEFBQADggEBAJ2Pjv0V8ke9Vxe4FAOVJ7Hi67STUnad6gIIeT2wTUYwZD9dFf2g4NJnqJ2SF3Q9QKw5rBofU1SjuFw11hnQ3G3UK6Erkn7klS0/vVrAEAg55nzDhYPU3uZyVoobJmtLgNk507U7qkIL86p8tPCDlZoN23od1RG8uAP4K3TyiYgFozVA9tUIUGDDFbqOSACZ6tSrXDzHTfmA2l7zz4tizi/yX57SLjg3kIXKWfwo3nOEJm9xGL/4PyxaXQlNsd3srBrYl9/L78563ExKJ0UvnqKTjvuhRIsm3+E9eFhYAq1Wd/xBIXKPZEK8VwcrEQJqBnEi/2RL0jDULYMR8=</wsse:BinarySecurityToken>
  - <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsu-targetID-eed81bc1-2818-11de-a649-000e0cf559d1">
    <wsu:Created ValueType="xsd:dateTime">2009-04-13T10:50:41Z</wsu:Created>
    <wsu:Expires ValueType="xsd:dateTime">2009-04-13T10:55:41Z</wsu:Expires>
    </wsu:Timestamp>
  - <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
  - <ds:SignedInfo>
    <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
  - <ds:Reference URI="#wsuid-body-eed81bc0-2818-11de-cc6a-000e0cf559d1">
  - <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
    <ds:DigestValue>ybxqsfOoHwh8eItwlr2GgCzrN8Y=</ds:DigestValue>
    </ds:Reference>
  - <ds:Reference URI="#wsu-targetID-eed81bc1-2818-11de-a649-000e0cf559d1">
  - <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    </ds:Transforms>
    <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
    <ds:DigestValue>Kdki/tVoqS6zmkF7x8nA19QouzM=</ds:DigestValue>
    </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>a60173OR4QNYvp/0nEFjPaR2wR6glTj1FQO31YNGn0NR5XKuB2Ye3dfsfwfB6bdDEmXwvOcEfNln grH7hjoItDC1z8luCpXjs7Gy2viF4XCOdgqxC6MnFOwdZpKodrjESYTjzsNUiXcHUEntGzv4Ry8U zCEw9lLT7koAcTXk/NM=</ds:SignatureValue>
  - <ds:KeyInfo>
  - <wsse:SecurityTokenReference>
    <wsse:Reference URI="#sap-6" />
    </wsse:SecurityTokenReference>
    </ds:KeyInfo>
    </ds:Signature>
    <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-6" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIE1TCCA72gAwIBAgICGyQwDQYJKoZIhvcNAQEFBQAwWjELMAkGA1UEBhMCU0ExDTALBgNVBAoTBFNBTUExGzAZBgNVBAsTElNBTUEgZVRydXN0IENlbnRlcjEfMB0GA1UEAxMWU0FNQSBTdGFnaW5nIFNoYXJlZCBDQTAeFw0wODA5MTYxMDUyNDJaFw0xMDA5MTYxMDUyMzdaMIGUMQswCQYDVQQGEwJTQTEoMCYGA1UEChMfTkNCQiAtIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuazEoMCYGA1UECxMfTkNCQiBXZWIgUmVnaXN0cmF0aW9uIEF1dGhvcml0eTELMAkGA1UECxMCSVQxJDAiBgNVBAMTG2UtZGhxLXMyMDF3ZWIuc2VjLnNlLmNvbS5zYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2JDBfb/o41YV7/JOBKa0H/zCIF6Szpn5oEEPjIu63UoD2t3uKZgL0pDpKTrl8hNgSfnbePsn9te0sqmstflIUV8OYv6VCUKIL6ZsxcZliFP7LTWcN7VHa5J80zwJpuZI0lSOTmssRfTczT5wbRiJuf/z/ZUsc9VvP7hMT93Vc0CAwEAAaOCAewwggHoMIIBPAYDVR0gBIIBMzCCAS8wggErBg0rBgEEAYGHHQEBBgUBMIIBGDCB1QYIKwYBBQUHAgIwgcgagcVUaGlzIGNlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3VlZCBieSBTQU1BIGVUcnVzdCBDZW50ZXIgb24gYmVoYWxmIG9mIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuayAoTkNCQikuIE5laXRoZXIgU0FNQSBub3IgTkNCQiBhY2NlcHQgYW55IGxpYWJpbGl0eSBmb3IgYW55IGNsYWltIGV4ZXB0IGFzIGV4cHJlc3NseSBwcm92aWRlZCBpbiB0aGlzIENQLjABggrBgEFBQcCARYyaHR0cDovL3d3dy5lVHJ1c3RjZW50ZXIuY29tLnNhL2RvY3Mvcm9vdGNhX2Nwcy5wZGYwMAYIKwYBBQUHAQEEJDAiMCAGCCsGAQUFBzABhhRodHRwOi8vMTAuMTMxLjEuNjo4MDALBgNVHQ8EBAMCA7gwJwYDVR0lBCAwHgYIKwYBBQUHAwQGCCsGAQUFBwMHBggrBgEFBQcDATAfBgNVHSMEGDAWgBSgYJsSh4qnwzTjhepPMHVJj9ncDAdBgNVHQ4EFgQUXWMeLP/opd8VqdnCf/xSX0/dD8wDQYJKoZIhvcNAQEFBQADggEBAJ2Pjv0V8ke9Vxe4FAOVJ7Hi67STUnad6gIIeT2wTUYwZD9dFf2g4NJnqJ2SF3Q9QKw5rBofU1SjuFw11hnQ3G3UK6Erkn7klS0/vVrAEAg55nzDhYPU3uZyVoobJmtLgNk507U7qkIL86p8tPCDlZoN23od1RG8uAP4K3TyiYgFozVA9tUIUGDDFbqOSACZ6tSrXDzHTfmA2l7zz4tizi/yX57SLjg3kIXKWfwo3nOEJm9xGL/4PyxaXQlNsd3srBrYl9/L78563ExKJ0UvnqKTjvuhRIsm3+E9eFhYAq1Wd/xBIXKPZEK8VwcrEQJqBnEi/2RL0jDULYMR8=</wsse:BinarySecurityToken>
    <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-6" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIE1TCCA72gAwIBAgICGyQwDQYJKoZIhvcNAQEFBQAwWjELMAkGA1UEBhMCU0ExDTALBgNVBAoTBFNBTUExGzAZBgNVBAsTElNBTUEgZVRydXN0IENlbnRlcjEfMB0GA1UEAxMWU0FNQSBTdGFnaW5nIFNoYXJlZCBDQTAeFw0wODA5MTYxMDUyNDJaFw0xMDA5MTYxMDUyMzdaMIGUMQswCQYDVQQGEwJTQTEoMCYGA1UEChMfTkNCQiAtIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuazEoMCYGA1UECxMfTkNCQiBXZWIgUmVnaXN0cmF0aW9uIEF1dGhvcml0eTELMAkGA1UECxMCSVQxJDAiBgNVBAMTG2UtZGhxLXMyMDF3ZWIuc2VjLnNlLmNvbS5zYTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2JDBfb/o41YV7/JOBKa0H/zCIF6Szpn5oEEPjIu63UoD2t3uKZgL0pDpKTrl8hNgSfnbePsn9te0sqmstflIUV8OYv6VCUKIL6ZsxcZliFP7LTWcN7VHa5J80zwJpuZI0lSOTmssRfTczT5wbRiJuf/z/ZUsc9VvP7hMT93Vc0CAwEAAaOCAewwggHoMIIBPAYDVR0gBIIBMzCCAS8wggErBg0rBgEEAYGHHQEBBgUBMIIBGDCB1QYIKwYBBQUHAgIwgcgagcVUaGlzIGNlcnRpZmljYXRlIGhhcyBiZWVuIGlzc3VlZCBieSBTQU1BIGVUcnVzdCBDZW50ZXIgb24gYmVoYWxmIG9mIE5hdGlvbmFsIENvbW1lcmNpYWwgQmFuayAoTkNCQikuIE5laXRoZXIgU0FNQSBub3IgTkNCQiBhY2NlcHQgYW55IGxpYWJpbGl0eSBmb3IgYW55IGNsYWltIGV4ZXB0IGFzIGV4cHJlc3NseSBwcm92aWRlZCBpbiB0aGlzIENQLjABggrBgEFBQcCARYyaHR0cDovL3d3dy5lVHJ1c3RjZW50ZXIuY29tLnNhL2RvY3Mvcm9vdGNhX2Nwcy5wZGYwMAYIKwYBBQUHAQEEJDAiMCAGCCsGAQUFBzABhhRodHRwOi8vMTAuMTMxLjEuNjo4MDALBgNVHQ8EBAMCA7gwJwYDVR0lBCAwHgYIKwYBBQUHAwQGCCsGAQUFBwMHBggrBgEFBQcDATAfBgNVHSMEGDAWgBSgYJsSh4qnwzTjhepPMHVJj9ncDAdBgNVHQ4EFgQUXWMeLP/opd8VqdnCf/xSX0/dD8wDQYJKoZIhvcNAQEFBQADggEBAJ2Pjv0V8ke9Vxe4FAOVJ7Hi67STUnad6gIIeT2wTUYwZD9dFf2g4NJnqJ2SF3Q9QKw5rBofU1SjuFw11hnQ3G3UK6Erkn7klS0/vVrAEAg55nzDhYPU3uZyVoobJmtLgNk507U7qkIL86p8tPCDlZoN23od1RG8uAP4K3TyiYgFozVA9tUIUGDDFbqOSACZ6tSrXDzHTfmA2l7zz4tizi/yX57SLjg3kIXKWfwo3nOEJm9xGL/4PyxaXQlNsd3srBrYl9/L78563ExKJ0UvnqKTjvuhRIsm3+E9eFhYAq1Wd/xBIXKPZEK8VwcrEQJqBnEi/2RL0jDULYMR8=</wsse:BinarySecurityToken>
    </wsse:Security>
    </SOAP:Header>
  - <SOAP:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-body-eed81bc0-2818-11de-cc6a-000e0cf559d1">
  - <ns0:MasterData xmlns:ns0="http://s24dh043/SA2SEC/WSD/SATOSEC">
  - <MasterData_Input>
    <PARTNER_ID>XYZ</PARTNER_ID>
    </MasterData_Input>
    </ns0:MasterData>
    </SOAP:Body>
    </SOAP:Envelope>
  In the above soap envelope tag "BinarySecurityToken" repeated thrice. So is it the standard method or I am missing any configuration. Becacuse our partner(webmethods) understands only one occurance of "BinarySecurityToken" in soap message.
  Edited by: Santhosh on Apr 13, 2009 1:42 PM

  Hi ,
  Just a few pointers:
  "Element caching should not be used at the top levels of an XML document by a generic encoder, since it is
  unlikely that the full document would be repeated. With SOAP, it is typically wise to start element caching at the
  third level, i.e. leave Envelope and Body alone. Of course, if the encoder has more knowledge of the messages
  sent, going further up may pay off."
  regards
  joel

• WSM Sign Message - BinarySecurityToken ordering in Soap message

  Hi,
  We are trying to send X509 signed messages to a remote client who is using WSE 3.0. WSM is using a Reference URI in SecurtiyTokenReference which relates to a BinarySecurityToken. Currently the BinarySecurityToken follows the SecurityTokenReference in the SOAP message we are sending. The 3rd party has asked we ensure the BST comes first in SOAP:
  Has anybody come accross this before or have any suggestions for OWSM on how to make this happen?
  *{color:#ff0000}Currently:{color}*
  &lt;?xml version="1.0" encoding="UTF-8" ?&gt;
  &lt;soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
  &lt;soap:Header&gt;
  &lt;wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1"&gt;
  &lt;dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"&gt;
  &lt;dsig:SignedInfo&gt;
  &lt;dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /&gt;
  &lt;dsig:Reference URI="#_1wUgSgZOxWwla32XNs9alA22"&gt;
  &lt;dsig:Transforms&gt;
  &lt;dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;/dsig:Transforms&gt;
  &lt;dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /&gt;
  &lt;dsig:DigestValue&gt;it3C2jxQsyJg3cu4lJw1bi1yE50=&lt;/dsig:DigestValue&gt;
  &lt;/dsig:Reference&gt;
  &lt;dsig:Reference URI="#_FZT6dshZtCCekjthPWe1BQ22"&gt;
  &lt;dsig:Transforms&gt;
  &lt;dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;/dsig:Transforms&gt;
  &lt;dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /&gt;
  &lt;dsig:DigestValue&gt;KRsvU/IqWlCPd8ywrmO3EAg5TTg=&lt;/dsig:DigestValue&gt;
  &lt;/dsig:Reference&gt;
  &lt;/dsig:SignedInfo&gt;
  &lt;dsig:SignatureValue&gt;KW8qS+50jy8CQeH9dfZCOAT0yWIUJpRysEOG+yucD6wj7VgRA8VXQLkn9yuG+G85ndVXyydCDrFyapJNL8MyEa3XI/oYWaB2Q2OFCg+ctxm7wbkwN+Wgdh/nxOp9Wls447wxfwiBF9N8XIWmGwyKa103rixazzIf1l1vny7cw+M=&lt;/dsig:SignatureValue&gt;
  {color:#ff0000}&lt;dsig:KeyInfo&gt;
  &lt;wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"&gt;
  &lt;wsse:Reference URI="#BST-1PYIu9y1RAUXT74Pde0XvQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /&gt;
  &lt;/wsse:SecurityTokenReference&gt;
  &lt;/dsig:KeyInfo&gt;
  &lt;/dsig:Signature&gt;
  &lt;wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-1PYIu9y1RAUXT74Pde0XvQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"&gt;*token in here+*&lt;/wsse:BinarySecurityToken&gt;{color}
  Should be:
  &lt;?xml version="1.0" encoding="UTF-8" ?&gt;
  &lt;soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"&gt;
  &lt;soap:Header&gt;
  &lt;wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soap:mustUnderstand="1"&gt;
  &lt;dsig:Signature xmlns="http://www.w3.org/2000/09/xmldsig#" xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"&gt;
  &lt;dsig:SignedInfo&gt;
  &lt;dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /&gt;
  &lt;dsig:Reference URI="#_1wUgSgZOxWwla32XNs9alA22"&gt;
  &lt;dsig:Transforms&gt;
  &lt;dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;/dsig:Transforms&gt;
  &lt;dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /&gt;
  &lt;dsig:DigestValue&gt;it3C2jxQsyJg3cu4lJw1bi1yE50=&lt;/dsig:DigestValue&gt;
  &lt;/dsig:Reference&gt;
  &lt;dsig:Reference URI="#_FZT6dshZtCCekjthPWe1BQ22"&gt;
  &lt;dsig:Transforms&gt;
  &lt;dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /&gt;
  &lt;/dsig:Transforms&gt;
  &lt;dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /&gt;
  &lt;dsig:DigestValue&gt;KRsvU/IqWlCPd8ywrmO3EAg5TTg=&lt;/dsig:DigestValue&gt;
  &lt;/dsig:Reference&gt;
  &lt;/dsig:SignedInfo&gt;
  &lt;dsig:SignatureValue&gt;KW8qS+50jy8CQeH9dfZCOAT0yWIUJpRysEOG+yucD6wj7VgRA8VXQLkn9yuG+G85ndVXyydCDrFyapJNL8MyEa3XI/oYWaB2Q2OFCg+ctxm7wbkwN+Wgdh/nxOp9Wls447wxfwiBF9N8XIWmGwyKa103rixazzIf1l1vny7cw+M=&lt;/dsig:SignatureValue&gt;
  {color:#ff0000}&lt;wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="BST-1PYIu9y1RAUXT74Pde0XvQ22" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"&gt;*token in here+*&lt;/wsse:BinarySecurityToken&gt;
  &lt;dsig:KeyInfo&gt;
  &lt;wsse:SecurityTokenReference xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"&gt;
  &lt;wsse:Reference URI="#BST-1PYIu9y1RAUXT74Pde0XvQ22" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /&gt;
  &lt;/wsse:SecurityTokenReference&gt;
  &lt;/dsig:KeyInfo&gt;
  &lt;/dsig:Signature&gt;{color}

  This is registered as BUG 8359856 with Oracle Support.

• "Consumer Fault tracking - Error notification" whe...

  I have been trying to track a fault online for 48 hours and every time I try, I get this error message:
  "Consumer Fault tracking - Error notification
  Sorry we cant complete your request at the moment due to technical error. Please try again"
  I am trying to track this fault on behalf of my elderly parents who are without landline and internet and cannot afford to make 0800 calls on their PAYG mobile.
  They live in a remote location and need to know when their service will be restored.
  How do I find out?

  It s very strange you are having this problem I have myself rechecked the site this morning and still have no problems logging in to the site all I can currently suggest is calling from another phone or 
  I suggest you contact the forum mods they should be able to get this problem sorted for you this is a link to them http://bt.custhelp.com/app/contact_email/c/4951
  They normally reply by email or phone directly to you within 3 working days they will take personal ownership of your problem until resolved and will keep you informed of progress
  They are a UK based BT specialist team who have a good record at getting problems solved
  This is a customer to customer self help forum the only BT presence here are the forum moderators
  If you want to say thanks for a helpful answer,please click on the Ratings star on the left-hand side If the reply answers your question then please mark as ’Mark as Accepted Solution’

• SOAP adapter engine with system error, problem with fault message.

  HI,
  I have IDOC -> PI -> SOAP scenario.
  Idoc to PI is async. I have no problem in receiving the idoc in PI. The message mapping is carried out and sent to the adapter engine. I can also see the technical routing payload. It is sucessful at XML monitoring in SXMB_MONI.
  The error is at PI -> SOAP.
  I have wsdl provided by the receiver webservice. Which I have imported.
  And created a service interface against this wsdl. I tried changing it to both sync and async.
  I have also provided fault message.
  I have set a receiver soap communication channel and provided the target URL like "http://xxx/services" and soap
  action = processDocument. Also provided user id and password.
  I have a
  Sender Agreement
  Receiver determination
  Interface determination
  Receiver Agreement
  I check in RWB adapter engine, this message goes to system error. The error log is as shown at the bottom.
  When I see the message content, the SOap document shows me the details about IDOC, Instead I feel it should match
  with the wsdl, where they have specified the corresponding interface name and address location etc.Please correct me.
  How does the receiver know which service interface is it? The Service Interface which I created in the ER is
  different from the WSDL, Does this have to be same? I see that the soap document in the adapter engine has the
  Service interface name which I created in the  ER. Where in the document the Reciever interface name is sent?
  Where can I see the generated soap document for the receiver?
  Is there some setting/configuration required in PI for this to work?
  I tried using the tcpgw to see the error. If I dont provide the service interface name in the communication channel
  then I get the following error in the TCPGW. "The service cannot be found for the endpoint reference"
  When I provide the service interface name in the communication channel I get a valid fault message.
  Similarly
  When I use SOAPUI, I can see the fault exception being return. The adapter engine doesnot show an equivalent message
  instead it goes into system error as shown at the bottom. I guess this is expected, if so what is the work around? (I found this weblog /people/alessandro.guarneri/blog/2011/01/10/soap-fault-in-sap-pi-hijack-it, do I need to implement this? Or use ALEAUD?
  The fault message what I see in SOAPUI has the below format.
  <soapenv:Fault xmlns:axis2ns1="http://schemas.xmlsoap.org/soap/envelope/">
           <faultcode>axis2ns1:Server</faultcode>
           <faultstring>nested exception is: psdi.util.MXApplicationException: BMXAA7136E - Validation failed when the
                              database default values were set. See the associated message for more information.
             BMXAA4190E - Country NZ is not in the value list.</faultstring>
           <detail>
              <Exception>org.apache.axis2.AxisFault: nested exception is: psdi.util.MXApplicationException: BMXAA7136E
                        - Validation failed when the database default values were set. See the associated message for more information.
       BMXAA4190E - Country NZ is not in the value list.
              /Exception>
           </detail>
    </soapenv:Fault>
  And the fault message in my ER service interface is stanadard datatype ExchangeFaultData, which is different from
  the above. Is this the problem? Can I change the data type here to be the same as above?
  Audit log in the RWB adapter engine.
  Time Stamp Type Description
  30.09.2011 15:10:57 Information MP: processing local module Localejbs/sap.com/com.sap.aii.af.soapadapter/XISOAPAdapterBean
  30.09.2011 15:10:57 Information SOAP: request message entering the adapter with user J2EE_GUEST
  30.09.2011 15:10:57 Information SOAP: completed the processing
  30.09.2011 15:10:57 Information SOAP: sending a delivery error ack ...
  30.09.2011 15:10:57 Information SOAP: sent a delivery error ack
  30.09.2011 15:10:57 Error MP: exception caught with cause
  com.sap.engine.interfaces.messaging.api.exception.MessagingException
  30.09.2011 15:10:57 Error Adapter Framework caught exception: null
  30.09.2011 15:10:57 Error Delivering the message to the application using connection
  SOAP_http://sap.com/xi/XI/System failed, due to:
  com.sap.engine.interfaces.messaging.api.exception.MessagingException.
  30.09.2011 15:10:57 Information The message status was set to WAIT.
  30.09.2011 15:10:57 Information The asynchronous message was successfully scheduled to be delivered at Fri Sep 30
  15:15:57 NZDT 2011.

  I tried changing it to both sync and async.
  I have also provided fault message.
  dont feel that you need to do above steps.
  I have a
  Sender Agreement
  ideally you dont need a sender agreement (and a channel) for IDOC --> PI flow.
  When I see the message content, the SOap document shows me the details about IDOC
  this is fine...you may see fields as seen in EDI_DC40 of the IDOC...
  How does the receiver know which service interface is it?
  receiver need not know about the SI created in PI.
  The Service Interface which I created in the ER is
  different from the WSDL, Does this have to be same?
  you should the WSDL (external definition) as the Request Message in your service interface.
  Is there some setting/configuration required in PI for this to work?
  nothing specific...AFAIK
  I have set a receiver soap communication channel and provided the target URL like "http://xxx/services" and soap action
  can you open the URL from Internet explorer...from your machine or from the machine which is in the same network as your PI server?
  Things to check:
  WSDL structure in PI and in target system is exactly the same.
  does the target system require mesage in SOAP format (SOAP envelope - SOAP Header + SOAP body)?
  target system is up and running?

• OWSM SAML Verify step problem: Missing Security Header in SOAP message

  I'm having a problem with SAML steps. From gateway log:
  2008-09-17 13:21:32,987 INFO [HTTPThreadGroup-58] saml.InsertSAMLSVStep - User attributes map set to generate the attribute assertions: null
  2008-09-17 13:21:33,034 INFO [HTTPThreadGroup-60] saml.SAMLProcessor - Assertion Major Version :1 , Minor Version :1
  2008-09-17 13:21:33,034 WARNING [HTTPThreadGroup-60] saml.SAMLProcessor - SAML Assertion verification error: An invalid token was provided
  2008-09-17 13:21:33,034 WARNING [HTTPThreadGroup-60] saml.VerifySAMLStep - SAML Token verification failed:
  2008-09-17 13:21:33,096 SEVERE [HTTPThreadGroup-58] wssecurity.OSDTWSSecurity - Missing Security Header in SOAP message
  2008-09-17 13:21:33,096 WARNING [HTTPThreadGroup-58] wssecurity.SecurityBaseStep - Failure while applying XML Security
  FAULT CODE: InvalidSecurity FAULT MESSAGE: Missing WS Security header in the SOAP message
  at com.cfluent.policysteps.security.wssecurity.OSDTWSSecurity.decryptVerify(OSDTWSSecurity.java:369)
  at com.cfluent.policysteps.security.wssecurity.DecryptStep.performXmlSecurity(DecryptStep.java:131)
  at com.cfluent.policysteps.security.wssecurity.SecurityBaseStep.execute(SecurityBaseStep.java:238)
  at com.cfluent.pipelineengine.container.DefaultPipeline.executeStep(DefaultPipeline.java:124)
  but the wsse:Security header with SAML assertion IS confirmed in the incoming message log. Anybody seen this issue?

  Below is the log of the incoming message just prior to the failing SAML Verify step:
  <?xml version="1.0" encoding="UTF-8" ?>
  - <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:ns0="http://exception.common.periop.gehc.com" xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:ns2="http://www.patient.patientmanager.periop.gehc.com/service/" xmlns:ns3="http://entity.common.periop.gehc.com" xmlns:ns4="http://entity.patient.patientmanager.periop.gehc.com" xmlns:ns5="http://entity.allergy.patientmanager.periop.gehc.com" xmlns:ns6="http://pdo.domain.customizer.periop.gehc.com" xmlns:ns7="http://entity.cases.scheduler.periop.gehc.com" xmlns:ns8="http://entity.insurance.patientmanager.periop.gehc.com">
  - <env:Header>
  - <ns1:Security>
  - <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="158RBY2QvCFPiTqdXYWh9A22" IssueInstant="2008-09-17T19:58:43Z" Issuer="GE" xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion">
  <saml:Conditions NotBefore="2008-09-17T19:58:13Z" NotOnOrAfter="2008-09-17T19:59:43Z" />
  - <saml:AuthenticationStatement AuthenticationInstant="2008-09-17T19:58:43Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
  - <saml:Subject>
  <saml:NameIdentifier NameQualifier="www.ge.com" Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified">gowri</saml:NameIdentifier>
  - <saml:SubjectConfirmation>
  <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod>
  </saml:SubjectConfirmation>
  </saml:Subject>
  </saml:AuthenticationStatement>
  </saml:Assertion>
  </ns1:Security>
  </env:Header>
  - <env:Body>
  - <ns2:getPatient>
  <ns2:patientId>137115</ns2:patientId>
  </ns2:getPatient>
  </env:Body>
  </env:Envelope>

• Error while posting SOAP message

  I am trying to post a SOAP message but I keep getting this error. Can anybody help me on this. I tried using ALTOVA spy and SOAP Ui but the result is the same error.
       <SOAP:Body>
            <SOAP:Fault>
                 <faultcode>SOAP:Server</faultcode>
                 <faultstring>Server Error</faultstring>
                 <detail>
                      <s:SystemError xmlns:s="http://sap.com/xi/WebService/xi2.0">
                           <context>XIAdapter</context>
                           <code>ADAPTER.JAVA_EXCEPTION</code>
                           <text><![CDATA[
  com.sap.aii.af.service.cpa.CPAObjectNotFoundException: Couldn't retrieve binding for the given channelId: Binding:CID=null;
  *     at com.sap.aii.af.service.cpa.impl.lookup.AbstractLookupManager.getBindingByChannelId*(AbstractLookupManager.java:173)
       at com.sap.aii.adapter.soap.web.MessageServlet.doPost(MessageServlet.java:431)
  Scenario is SOAP Sender and IDOC reciever.

  I tried reconfiguring also.
  When I test from Integration Engine in RWB using the test message it is sucsseful. Infact I can see the IDOC too.
  But when the basis guy tested with Adapter engine in RWB using the test tool, it gives the following error:
  Error While Sending Message: Additional error text from response: com.sap.engine.interfaces.messaging.api.exception.ConfigException: ConfigException in XI protocol handler. Failed to determine a receiver agreement for the given message. Root cause: com.sap.aii.af.service.cpa.CPAObjectNotFoundException: Couldn't retrieve outbound binding for the given P/S/A values: FP=;TP=;FS=BusComp_Siebel1;TS=;AN=SI_Sales_Order_OB_Async;ANS=http://trm.com:o2b:SalesOrderCreate; in the current context [Unknown].
  Any idea where is the problem.
  When we tried the WSN step we are facing this error in the very first step.
  WSDL1.1, WSDL 2.0 definition element expected. Found [html: null] .
  Edited by: Chandra Gunapati on Oct 7, 2009 10:00 PM

• Need better info on error when sending a SOAP message - logger ALL

  Hi all!
  I am calling a UCM content server CheckIn WS from JDeveloper 11g 1.1.1.1.0 (jspx). I've used the WS Data Control and a WSDL for this, and have most of it down besided the CustomMetaData part.
  I need to pass in a value for one of the custom metadata fields and when i try to override the parameters of the operation to include it, i get this error - i doubt that this is all the info i get.
  I've tried setting the logger.xml levels to ALL (C:\oracle\Middleware\jdeveloper\modules\oracle.odl_11.1.1\server_config\logging.xml) - nothing changed.
  Sep 25, 2009 6:45:58 AM org.apache.myfaces.trinidadinternal.config.upload.UploadRequestWrapper setCharacterEncoding
  WARNING: Unable to set request character encoding to windows-1252, because request parameters have already been read.
  Sep 25, 2009 6:45:58 AM org.apache.myfaces.trinidadinternal.config.upload.UploadRequestWrapper setCharacterEncoding
  WARNING: Unable to set request character encoding to windows-1252, because request parameters have already been read.
  Sep 25, 2009 6:45:58 AM oracle.adf.controller.faces.lifecycle.FacesPageLifecycle addMessage
  WARNING: ADF: Adding the following JSF error message: Encountered an internal error creating the SOAP request for the operation.
  oracle.adf.model.adapter.AdapterException: DCA-40008: Encountered an internal error creating the SOAP request for the operation.
       at oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider.setParameters(SOAPProvider.java:656)
       at oracle.adfinternal.model.adapter.webservice.provider.soap.SOAPProvider.execute(SOAPProvider.java:302)
       at oracle.adfinternal.model.adapter.webservice.WSDataControl.invokeOperation(WSDataControl.java:251)
       at oracle.adf.model.bean.DCBeanDataControl.invokeMethod(DCBeanDataControl.java:427)
       at oracle.adf.model.binding.DCInvokeMethod.callMethod(DCInvokeMethod.java:256)
       at oracle.jbo.uicli.binding.JUCtrlActionBinding.doIt(JUCtrlActionBinding.java:1437)
       at oracle.adf.model.binding.DCDataControl.invokeOperation(DCDataControl.java:2120)
       at oracle.adf.model.bean.DCBeanDataControl.invokeOperation(DCBeanDataControl.java:464)
       at oracle.adf.model.adapter.AdapterDCService.invokeOperation(AdapterDCService.java:307)
       at oracle.jbo.uicli.binding.JUCtrlActionBinding.invoke(JUCtrlActionBinding.java:693)
       at oracle.adf.controller.v2.lifecycle.PageLifecycleImpl.executeEvent(PageLifecycleImpl.java:394)
       at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding._execute(FacesCtrlActionBinding.java:217)
       at oracle.adfinternal.view.faces.model.binding.FacesCtrlActionBinding.execute(FacesCtrlActionBinding.java:201)
       at view.backing.CheckIn.cb1_action(CheckIn.java:209)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:597)
       at com.sun.el.parser.AstValue.invoke(AstValue.java:157)
       at com.sun.el.MethodExpressionImpl.invoke(MethodExpressionImpl.java:283)
       at org.apache.myfaces.trinidad.component.MethodExpressionMethodBinding.invoke(MethodExpressionMethodBinding.java:46)
       at com.sun.faces.application.ActionListenerImpl.processAction(ActionListenerImpl.java:102)
       at org.apache.myfaces.trinidad.component.UIXCommand.broadcast(UIXCommand.java:190)
       at javax.faces.component.UIViewRoot.broadcastEvents(UIViewRoot.java:475)
       at javax.faces.component.UIViewRoot.processApplication(UIViewRoot.java:756)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._invokeApplication(LifecycleImpl.java:673)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:273)
       at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.execute(LifecycleImpl.java:165)
       at javax.faces.webapp.FacesServlet.service(FacesServlet.java:265)
       at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
       at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
       at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:292)
       at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:191)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:85)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
       at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:54)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:420)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:247)
       at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:157)
       at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.security.jps.wls.JpsWlsFilter$1.run(JpsWlsFilter.java:96)
       at java.security.AccessController.doPrivileged(Native Method)
       at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
       at oracle.security.jps.wls.util.JpsWlsUtil.runJaasMode(JpsWlsUtil.java:146)
       at oracle.security.jps.wls.JpsWlsFilter.doFilter(JpsWlsFilter.java:140)
       at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:70)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:202)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
       at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
       at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3588)
       at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
       at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
       at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2200)
       at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2106)
       at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1428)
       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
       at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
  Here is my bean code:
  HashMap primaryFile = new HashMap();
  primaryFile.put("fileContent", bFile);
  primaryFile.put("fileName", uploadedFile.getFilename());
  operationBinding.getParamsMap().put("primaryFile", primaryFile);
  HashMap customMetadataPropertyRoom = new HashMap();
  customMetadataPropertyRoom.put("name", "xRoom");
  customMetadataPropertyRoom.put("value", "SOME ROOM!");
  HashMap customDocMetadata = new HashMap();
  customDocMetadata.put("property", customMetadataPropertyRoom);
  operationBinding.getParamsMap().put("CustomDocMetaData", customDocMetadata);
  The one with the fileContent and fileName works good since it's only one level deep, but it seems that i can't do the same logic with the 2 levels deep.
  *<CustomMetaData>*
  *<property>*
  <name>
  <value>
  </property>
  </CustomMetaData>
  Please help - i've did not get a minut of sleep and it's already 7 AM :((( It's not the first time i a having all nighters while doing JDeveloper...so little resources on line...
  I hope someone can help me out quickly since i am on a short deadline.
  Btw, i used the wizard and the wizard did not generate any stubs like the axis does, so i assume it's all integrated...

  Hi all!
  Just to post the solution to this if anyone ever runs accross this thread...
  For some reason i had it bad the first time, don't have time right now to see why but here is what worked for me:
  HashMap primaryFile = new HashMap();
  primaryFile.put("fileContent", bFile);
  primaryFile.put("fileName", uploadedFile.getFilename());
  operationBinding.getParamsMap().put("primaryFile", primaryFile);
  HashMap customDocMetadata = new HashMap();
  HashMap [] properties = new HashMap[1];
  HashMap customMetadataPropertyRoom = new HashMap();
  customMetadataPropertyRoom.put("name", "xRoom");
  customMetadataPropertyRoom.put("value", "SOME ROOM");
  properties[0] = customMetadataPropertyRoom;
  customDocMetadata.put("property", properties);
  operationBinding.getParamsMap().put("CustomDocMetaData", customDocMetadata);
  Basically an unbounded wsdl type is an array of objects (HashMaps), makes sense, i thought i had it like this before, must have messed up somewhere...
  Good luck all!

• SAAJServet error when sending a SOAP message on 10.1.2

  Hi,
  We have deployed a server application in OC4J 10.1.2 with a servlet listening for SOAP messages (SAAJ 1.2). If we use Standalone OC4J with SSL enabled and HTTPS communication between client app and server, it works fine, but when we move it to an Application Server environment where client goes HTTPS to the frontend HTTP_Server and then AJP to the OC4J, the following exception appears on the application.log:
  07/03/27 17:48:36 application/gpm-0.1: Servlet error
  javax.servlet.ServletException: SAAJ POST failed Unable to internalize message
  at com.sun.xml.messaging.soap.server.SAAJServlet.doPost(SAAJServlet.java:212)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:760)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.ResourceFilterChain.doFilter(ResourceFilterChain.java:65)
  at oracle.security.jazn.oc4j.JAZNFilter.doFilter(Unknown Source)
  at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.ServletRequestDispatcher.invoke(ServletRequestDispatcher.java:663)
  at com.evermind[Oracle Application Server Containers for J2EE 10g (10.1.2.0.2)].server.http.ServletRequestDispatcher.forwardInternal(ServletRequestDispatcher.java:330)
  at com.evermind
  Any ideas what can go wrong here, or where else to look?
  Message was edited by:
  [email protected]

  The standalone OC4J is 10.1.3, sorry. Nevertheless, we include all the libraries we use (saaj and dependencies) in the appliaction .ear archive that we deploy in both environments. May be a configuration issue?

• PI 7.0 SOAP message reply HTTP 500 and after the fault message

  Hello Everybody,
  I have the scenario RFC -> XI -> SOAP in synchronous mode.
  I use for the mapping XSLT because I have to put some dynamic data comming from the RFC in the header of envelope.
  At level of adapter receiver SOAP , I flag the "do not use envelop"
  In normal, that works .
  When the is an fonctionnal error in SOAP service, it sends me back an error HTTP 500 and afterwards the fault message in a soap envelop format. In that case, how can I pass over this error to treat the envelop because in adapter, it is stopped and it returns a short dump to the RFC.
  Is there somebody who can help me with this problem ?
  Thanks in adavance for your answers .
  Regards.
  Eric.

  Hi,
  In case of a SOAP error while processing the request, the SOAP HTTP server MUST issue an HTTP 500 "Internal Server Error" response and include a SOAP message in the response containing a SOAP Fault element
  Thanks,
  RamuV