Skip to Main Content
Forums

Oracle Database Discussions

Announcement

For appeals, questions and feedback about Oracle Forums, please email oracle-forums-moderators_us@oracle.com. Technical questions should be asked in the appropriate category. Thank you!

Interested in getting your voice heard by members of the Developer Marketing team at Oracle? Check out this post for AppDev or this post for AI focus group information.

Security Data : No WS-Security Header - UTL_HTTP for HTTPS calls -Oracle 9i

Rich VNov 20 2010 — edited Nov 20 2010
Hello,

I have a SOAP requests to transmitt a on the fly parsed XML file to UTL_HTTP to connect to a SSL connection. Oracle Wallet is installed and connectivity is working as expected. However, in the SOAP response I am getting
Security Data : No WS-Security Header I am not sure what I am missing? How can I resolve this error?

Below is the SOAP response that shows this error.
 <?xml version="1.0" encoding="utf-8" ?> 
- <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
- <soap:Header>
- <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
- <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-17449452">
  <wsu:Created>2010-11-20T05:03:40.568Z</wsu:Created> 
  </wsu:Timestamp>
  </wsse:Security>
  </soap:Header>
- <soap:Body>
- <soap:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:c="urn:schemas-asource-com:transaction-data-1.0">
  <faultcode>wsse:InvalidSecurity</faultcode> 
  <faultstring>Security Data : No WS-Security Header</faultstring> 
  </soap:Fault>
  </soap:Body>
  </soap:Envelope>
Below is my compete code that generated above response.
BEGIN
         soap_request :=
               '<?xml version="1.0" encoding="utf-8"?>
                   <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns1="urn:schemas-asource-com:transaction-data-1.31">
<SOAP-ENV:Header xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-
secext-1.0.xsd">
<wsse:Security SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>NPCOMMERCE_DEV</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wssusername-
token-profile-1.0#PasswordText">Il/vJa0jat7929f8xxklPjYZIMy5eBCqBMILeGaC+E/1NfIWv+I2KfgghlhkSOaN6rme70OQHEo3e4LJMlWvfC7UfYaN9bqyQwYACmrDFpoiQYCOS+XLnRshhLHMio5VY4+P3C/25tCEH4lBAMRjP1LmjIvZI/h4YJ/65x8OQrqO7tdggZ/KAgvOiNc1GSU+NhkgzLl4EKoEwgt4ZoL4T/U18ha/4jYp+CCGWGRI5o3quZ7vQ5AcSjd7gskyVa98LtR9ho31urJDBgAKasMWmiJBgI5L5cudGyGEscyKjlVjj4/cL/bm0IQfiUEAxGM/UuaMi9kj+Hhgn/rnHw5Cug==</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>'
            || '<SOAP-ENV:Body>'
            || '<ns1:requestMessage>'
            || '<ns1:merchantID>'
            || 'ACOMM_DEV'
            || '</ns1:merchantID>'
            || '<ns1:merchantReferenceCode>'
            || lv_sequence
            || '</ns1:merchantReferenceCode>'
            || '<ns1:billTo>'
            || '<ns1:firstName>'
            || p_cc_holder_name_first
            || '</ns1:firstName>'
            || '<ns1:lastName>'
            || p_cc_holder_name_last
            || '</ns1:lastName>'
            || '<ns1:street1>'
            || 'XXX Charleston Road'
            || '</ns1:street1>'
            || '<ns1:city>'
            || 'Mountain View'
            || '</ns1:city>'
            || '<ns1:state>'
            || 'CA'
            || '</ns1:state>'
            || '<ns1:postalCode>'
            || '94043'
            || '</ns1:postalCode>'
            || '<ns1:country>'
            || 'US'
            || '</ns1:country>'
            || '<ns1:email>'
            || 'null@asource.com'
            || '</ns1:email>'
            || '</ns1:billTo>'
            || '<ns1:item id="0">'
            || '<ns1:unitPrice>'
            || 12.34
            || '</ns1:unitPrice>'
            || '<ns1:quantity>'
            || 2
            || '</ns1:quantity>'
            || '</ns1:item>'
            || '<ns1:purchaseTotals>'
            || '<ns1:currency>'
            || 'USD'
            || '</ns1:currency>'
            || '</ns1:purchaseTotals>'
            || '<ns1:card>'
            || '<ns1:accountNumber>'
            || 111111111111111
            || '</ns1:accountNumber>'
            || '<ns1:expirationMonth>'
            || 12
            || '</ns1:expirationMonth>'
            || '<ns1:expirationYear>'
            || 2020
            || '</ns1:expirationYear>'
            || '</ns1:card>'
            || '<ns1:ccAuthService run="true"/>'
            || '</ns1:requestMessage>'
            || '</SOAP-ENV:Body>'
            || '</SOAP-ENV:Envelope>';
      EXCEPTION
         WHEN OTHERS
         THEN
            errx := SQLERRM;
            raise_application_error (-20003, errx);
      END;

      BEGIN
         UTL_HTTP.set_wallet
                            ('file:/p01/oracle/prj1db/9.2.0/appsutil/wallet',
                             'p4ssword'
                            );
      EXCEPTION
         WHEN OTHERS
         THEN
            errx := SQLERRM;
            raise_application_error (-20004, errx);
      END;

      BEGIN
         http_req :=
            UTL_HTTP.begin_request ('https://rvcotest.ss.com/commerce/999/tProcessor',
                                    'POST',
                                    'HTTP/1.1'
                                   );
      EXCEPTION
         WHEN OTHERS
         THEN
            errx := SQLERRM;
            raise_application_error (-20005, errx);
      END;

      BEGIN
         UTL_HTTP.set_header (http_req, 'Content-Type', 'text/xml');
         UTL_HTTP.set_header (http_req,
                              'Content-Length',
                              LENGTH (soap_request)
                             );
         UTL_HTTP.set_header (http_req,
                              'SOAPAction',
                              'xmlns="urn:rvcotest.ss.com/commerce/999/tProcessor"'
                             );
      EXCEPTION
         WHEN OTHERS
         THEN
            errx := SQLERRM;
            raise_application_error (-20006, errx);
      END;

      BEGIN
         UTL_HTTP.write_text (http_req, soap_request);
         http_resp := UTL_HTTP.get_response (http_req);
         UTL_HTTP.read_text (http_resp, soap_respond);
         UTL_HTTP.end_response (http_resp);
      EXCEPTION
         WHEN UTL_HTTP.end_of_body
         THEN
            UTL_HTTP.end_response (http_resp);
         WHEN OTHERS
         THEN
            errx := SQLERRM;
            raise_application_error (-20007, errx);
      END;

Comments

Fahd.Mirza
Hi,
Check this doc ID 825843.1 at the MOS.
Rich V
Thank you Fahd for quick response.

I have gone through the note. So, it seems that I have to put a Header tag with username and password. But such tag definitions do not exist neither in my WSDL nor in my XSD that gets validation on destination server. In that case what do I do? :(

-R
1 - 2
Locked Post
New comments cannot be posted to this locked post.

Post Details

Locked on Dec 18 2010
Added on Nov 20 2010
#general-database-discussions
2 comments
991 views