Friday, July 1, 2016

OSB authentication error message with oracle/wss_username_token_service_policy

You can attach the oracle/wss_username_token_service_policy OWSM policy to an OSB proxy service to enforce authentication.

If authentication fails, the caller will receive the following exception:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Body>
      <soapenv:Fault>
         <faultcode>soapenv:Server</faultcode>
         <faultstring>BEA-386200: General web service security error</faultstring>
         <detail>
            <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
               <con:errorCode>BEA-386200</con:errorCode>
               <con:reason>General web service security error</con:reason>
               <con:location>
                  <con:path>request-pipeline</con:path>
               </con:location>
            </con:fault>
         </detail>
      </soapenv:Fault>
   </soapenv:Body>
</soapenv:Envelope>

The osb_server1-diagnostic.log file show the following entries:
[2016-06-22T11:18:37.668-04:00] [gateway_server1] [ERROR] [WSM-00069] [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 01d0797cabcbcd11:74991fef:15399c6a040:-8000-000000000004b0d9,0] [APP: XBus Kernel] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] The security header is missing. Ensure that there is a valid security policy attached at the client side, and the policy is enabled. 
[2016-06-22T11:18:37.669-04:00] [gateway_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [tid: [ACTIVE].ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 01d0797cabcbcd11:74991fef:15399c6a040:-8000-000000000004b0d9,0] [APP: XBus Kernel] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00069 : The security header is missing. Ensure that there is a valid security policy attached at the client side, and the policy is enabled.. 
[2016-06-22T11:18:37.669-04:00] [gateway_server1] [ERROR] [WSM-07607] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 01d0797cabcbcd11:74991fef:15399c6a040:-8000-000000000004b0d9,0] [APP: XBus Kernel] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenScenarioExecutor. 
[2016-06-22T11:18:37.669-04:00] [gateway_server1] [ERROR] [WSM-07602] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 01d0797cabcbcd11:74991fef:15399c6a040:-8000-000000000004b0d9,0] [APP: XBus Kernel] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] Failure in WS-Policy Execution due to exception. 
[2016-06-22T11:18:37.669-04:00] [gateway_server1] [ERROR] [WSM-07501] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '15' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 01d0797cabcbcd11:74991fef:15399c6a040:-8000-000000000004b0d9,0] [APP: XBus Kernel] [WSM_POLICY_NAME: oracle/wss_username_token_service_policy] Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=XBus Kernel, composite=null, modelObj=bpelprocess1_client_ep, policy=oracle/wss_username_token_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token.


Applicable Versions:
  • Oracle Service Bus (OSB) 11g





No comments: