1 Reply Latest reply on Oct 12, 2012 12:50 AM by 808842

    "error in processing the WS-Security security header" - calling ws OIPM

    803071
      Hi All,

      We are trying to integrate Ebiz and OIPM, when we send request from ebiz to AxfSolutionMediatorService WebService we are getting below error

      InvalidSecurity : error in processing the WS-Security security header

      <ns2:exception xmlns:ns2="http://jax-ws.dev.java.net/" class="javax.xml.ws.soap.SOAPFaultException" note="To disable this feature, set com.sun.xml.ws.fault.SOAPFaultBuilder.disableCaptureStackTrace system property to false">
      <message>InvalidSecurity : error in processing the WS-Security security header</message>
      <ns2:stackTrace>
      <ns2:frame class="oracle.imaging.common.WSSecurityHandler" file="WSSecurityHandler.java" line="134" method="throwSOAPFaultException"/>
      <ns2:frame class="oracle.imaging.common.WSSecurityHandler" file="WSSecurityHandler.java" line="119" method="processHeader"/>
      <ns2:frame class="oracle.imaging.axf.ws.AxfSolutionMediatorWS" file="AxfSolutionMediatorWS.java" line="66" method="getUserPrincipal"/>
      <ns2:frame class="oracle.imaging.axf.ws.AxfSolutionMediatorWS" file="AxfSolutionMediatorWS.java" line="54" method="execute"/>
      <ns2:frame class="sun.reflect.GeneratedMethodAccessor2261" line="unknown" method="invoke"/>
      <ns2:frame class="sun.reflect.DelegatingMethodAccessorImpl" file="DelegatingMethodAccessorImpl.java" line="25" method="invoke"/>
      <ns2:frame class="java.lang.reflect.Method" file="Method.java" line="597" method="invoke"/>
      <ns2:frame class="weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker" file="WLSInstanceResolver.java" line="92" method="invoke"/>
      <ns2:frame class="weblogic.wsee.jaxws.WLSInstanceResolver$WLSInvoker" file="WLSInstanceResolver.java" line="74" method="invoke"/>
      <ns2:frame class="com.sun.xml.ws.server.InvokerTube$2" file="InvokerTube.java" line="151" method="invoke"/>
      <ns2:frame class="com.sun.xml.ws.server.sei.EndpointMethodHandlerImpl" file="EndpointMethodHandlerImpl.java" line="268" method="invoke"/>
      <ns2:frame class="com.sun.xml.ws.server.sei.SEIInvokerTube" file="SEIInvokerTube.java" line="100" method="processRequest"/>
      <ns2:frame class="com.sun.xml.ws.api.pipe.Fiber" file="Fiber.java" line="866" method="__doRun"/>
      <ns2:frame class="com.sun.xml.ws.api.pipe.Fiber" file="Fiber.java" line="815" method="_doRun"/>
      <ns2:frame class="com.sun.xml.ws.api.pipe.Fiber" file="Fiber.java" line="778" method="doRun"/>
      <ns2:frame class="com.sun.xml.ws.api.pipe.Fiber" file="Fiber.java" line="680" method="runSync"/>
      <ns2:frame class="com.sun.xml.ws.server.WSEndpointImpl$2" file="WSEndpointImpl.java" line="403" method="process"/>
      <ns2:frame class="com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit" file="HttpAdapter.java" line="532" method="handle"/>
      <ns2:frame class="com.sun.xml.ws.transport.http.HttpAdapter" file="HttpAdapter.java" line="253" method="handle"/>
      <ns2:frame class="com.sun.xml.ws.transport.http.servlet.ServletAdapter" file="ServletAdapter.java" line="140" method="handle"/>
      <ns2:frame class="weblogic.wsee.jaxws.WLSServletAdapter" file="WLSServletAdapter.java" line="171" method="handle"/>
      <ns2:frame class="weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke" file="HttpServletAdapter.java" line="708" method="run"/>
      <ns2:frame class="weblogic.security.acl.internal.AuthenticatedSubject" file="AuthenticatedSubject.java" line="363" method="doAs"/>
      <ns2:frame class="weblogic.security.service.SecurityManager" file="SecurityManager.java" line="146" method="runAs"/>
      <ns2:frame class="weblogic.wsee.util.ServerSecurityHelper" file="ServerSecurityHelper.java" line="103" method="authenticatedInvoke"/>
      <ns2:frame class="weblogic.wsee.jaxws.HttpServletAdapter$3" file="HttpServletAdapter.java" line="311" method="run"/>
      <ns2:frame class="weblogic.wsee.jaxws.HttpServletAdapter" file="HttpServletAdapter.java" line="336" method="post"/>
      <ns2:frame class="weblogic.wsee.jaxws.JAXWSServlet" file="JAXWSServlet.java" line="95" method="doRequest"/>
      <ns2:frame class="weblogic.servlet.http.AbstractAsyncServlet" file="AbstractAsyncServlet.java" line="99" method="service"/>
      <ns2:frame class="javax.servlet.http.HttpServlet" file="HttpServlet.java" line="820" method="service"/>
      <ns2:frame class="weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction" file="StubSecurityHel

      per.java" line="227" method="run"/>
      <ns2:frame class="weblogic.servlet.internal.StubSecurityHelper" file="StubSecurityHelper.java" line="125" method="invokeServlet"/>
      <ns2:frame class="weblogic.servlet.internal.ServletStubImpl" file="ServletStubImpl.java" line="300" method="execute"/>
      <ns2:frame class="weblogic.servlet.internal.TailFilter" file="TailFilter.java" line="26" method="doFilter"/>
      <ns2:frame class="weblogic.servlet.internal.FilterChainImpl" file="FilterChainImpl.java" line="56" method="doFilter"/>
      <ns2:frame class="oracle.security.jps.ee.http.JpsAbsFilter$1" file="JpsAbsFilter.java" line="111" method="run"/>
      <ns2:frame class="java.security.AccessController" file="AccessController.java" line="native" method="doPrivileged"/>
      <ns2:frame class="oracle.security.jps.util.JpsSubject" file="JpsSubject.java" line="313" method="doAsPrivileged"/>
      <ns2:frame class="oracle.security.jps.ee.util.JpsPlatformUtil" file="JpsPlatformUtil.java" line="413" method="runJaasMode"/>
      <ns2:frame class="oracle.security.jps.ee.http.JpsAbsFilter" file="JpsAbsFilter.java" line="94" method="runJaasMode"/>
      <ns2:frame class="oracle.security.jps.ee.http.JpsAbsFilter" file="JpsAbsFilter.java" line="161" method="doFilter"/>
      <ns2:frame class="oracle.security.jps.ee.http.JpsFilter" file="JpsFilter.java" line="71" method="doFilter"/>
      <ns2:frame class="weblogic.servlet.internal.FilterChainImpl" file="FilterChainImpl.java" line="56" method="doFilter"/>
      <ns2:frame class="oracle.dms.servlet.DMSServletFilter" file="DMSServletFilter.java" line="136" method="doFilter"/>
      <ns2:frame class="weblogic.servlet.internal.FilterChainImpl" file="FilterChainImpl.java" line="56" method="doFilter"/>
      <ns2:frame class="weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction" file="WebAppServletContext.java" line="3715" method="wrapRun"/>
      <ns2:frame class="weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction" file="WebAppServletContext.java" line="3681" method="run"/>
      <ns2:frame class="weblogic.security.acl.internal.AuthenticatedSubject" file="AuthenticatedSubject.java" line="321" method="doAs"/>
      <ns2:frame class="weblogic.security.service.SecurityManager" file="SecurityManager.java" line="120" method="runAs"/>
      <ns2:frame class="weblogic.servlet.internal.WebAppServletContext" file="WebAppServletContext.java" line="2277" method="securedExecute"/>
      <ns2:frame class="weblogic.servlet.internal.WebAppServletContext" file="WebAppServletContext.java" line="2183" method="execute"/>
      <ns2:frame class="weblogic.servlet.internal.ServletRequestImpl" file="ServletRequestImpl.java" line="1454" method="run"/>
      <ns2:frame class="weblogic.work.ExecuteThread" file="ExecuteThread.java" line="209" method="execute"/>
      <ns2:frame class="weblogic.work.ExecuteThread" file="ExecuteThread.java" line="178" method="run"/>
      </ns2:stackTrace>
      </ns2:exception>


      The request which we are sending is

      <?xml version="1.0" encoding="utf-8"?><soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soap:Header><Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><UsernameToken> <Username>AXF</Username> <Password>AXF</Password> </UsernameToken> </Security></soap:Header><soap:Body><execute xmlns="http://service.axf.imaging.oracle/"><request xmlns=""><commandNamespace>UCM_Managed_Attachments</commandNamespace><conversationId></conversationId><requestParameters></requestParameters><role>guest</role><solutionNamespace>UCM_Managed_Attachments</solutionNamespace><systemName>Oracle</systemName><userContext><entry><key>RESP_ID</key><value>50554</value></entry><entry><key>RESP_APPL_ID</key><value>200</value></entry><entry><key>ORG_ID</key><value>204</value></entry><entry><key>USR_ID</key><value>1318</value></entry></userContext><username>operations</username></request></execute></soap:Body></soap:Envelope>

      Thanks in Advance,
      Rakesh.
        • 1. Re: "error in processing the WS-Security security header" - calling ws OIPM
          808842
          I know you've probably solved this but I'll post our working soap message below for others.

          <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:imag="http://imaging.oracle/">
          <soapenv:Header xmlns:ns0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
          <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
          <wsse:UsernameToken>
          <wsse:Username>Username</wsse:Username>
          <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Password</wsse:Password>
          </wsse:UsernameToken>
          </wsse:Security>
          </soapenv:Header>
          <soapenv:Body>
          <imag:getDocument>
          <documentId>4.IPM_004280</documentId>
          <sectionSet>
          <flags>HISTORY</flags>
          <flags>FIELDVALUES</flags>
          </sectionSet>
          </imag:getDocument>

          </soapenv:Body>
          </soapenv:Envelope>