1 Reply Latest reply on May 20, 2013 9:25 PM by Alan-652261-Oracle

    InvalidSecurity Error while accessing Webservice


      I am getting an "*InvalidSecurity*" error while accessing webservice.

      Below is the error, which I got while invoking the webservice :

      <faultstring>InvalidSecurity : error in processing the WS-Security security header</faultstring>


      Edited by: 1005832 on May 14, 2013 6:16 AM
        • 1. Re: InvalidSecurity Error while accessing Webservice
          The error was generated on the endpoint and indicates that the SOAP request message had incorrect WS-Security information in its headers. The SOAP response message you included doesn't contain specific information about what is wrong (we wouldn't want to reveal too much to hackers, of course!).

          Without seeing the SOAP request message and the WS-SecurityPolicy that the endpoint requires, it's impossible to tell what's wrong.
          Other important information:
          - what version of WLS are you running?
          - is the endpoint a WLS JAX-WS or a WLS JAX-RPC web service?
          - is WS-Security configured using native WLS WS-Security (e.g. @Policy) or using OWSM WS-Security (i.e. @SecurityPolicy)?
          - what specific policy is being used to enforce security at the endpoint (the advertised WSDL for the endpoint should contain this)