2 Replies Latest reply on May 6, 2012 12:32 PM by Melvin van der Kuijl

    WSM-00061 : Signature digest verification failure

    Melvin van der Kuijl
      Currently Im having some difficulties to decrypt a message that was encrypted using WSM_PolicyName: oracle/wss11_username_token_with_message_protection_service_policy.

      I've attached this policy to a SOA Suite 11g PS3 - SOAP Web service service and Im calling this service from a .Net client. It looks like the content of the response has some CR LF's or other invallid characters. I've already tried removing those using XSLT but no luck so far.

      Anyone faced the same problem and solved it. Any tips/tricks are also welcome.

      Here are some serverlogging snippets:

      oracle.wsm.security.SecurityException: WSM-00061 : Signature digest verification failure.
           at oracle.wsm.security.policy.scenario.processor.Wss11MessageSecurityProcessor.verify(Wss11MessageSecurityProcessor.java:401)
           at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.verify(Wss11X509TokenProcessor.java:647)
           at oracle.wsm.security.policy.scenario.executor.Wss11UsernameWithCertsScenarioExecutor.receiveRequest(Wss11UsernameWithCertsScenarioExecutor.java:134)
           at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:530)
           at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:608)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:335)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:282)
           at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
           at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:915)
           at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:436)
           at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
           at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:91)
           at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:232)
           at oracle.j2ee.ws.server.mgmt.runtime.SuperServerInterceptorPipeline.handleRequest(SuperServerInterceptorPipeline.java:153)
           at oracle.j2ee.ws.server.provider.management.AbstractProviderInterceptorPipeline.executeRequestInterceptorChain(AbstractProviderInterceptorPipeline.java:562)
           at oracle.j2ee.ws.server.provider.ProviderProcessor.executeInterceptorRequestChain(ProviderProcessor.java:902)
           at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:220)
           at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:185)
           at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:430)
           at oracle.integration.platform.blocks.soap.FabricProviderServlet.doPost(FabricProviderServlet.java:477)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
           at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
           at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
           at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
           at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
           at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
           at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
           at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
           at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

      ]]
      [2012-04-25T17:32:54.562+02:00] [soa_server1] [ERROR] [WSM-00006] [oracle.wsm.resources.security] [host: WNSB01] [nwaddr: xxx.xx.x.xx] [tid: [ACTIVE].ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JRe8ZthFg4K6yVaeMG1F^I150018nS,0] [WEBSERVICE_PORT.name: IObjectIS_pt] [APP: soa-infra] [WSM_OperationName: unknown] [J2EE_MODULE.name: fabric] [dcid: 26e72e9850f41d50:-6f3ca2ad:136ceebf996:-7fff-000000000000f8f5] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ObjectISService11MP_ep] [WSM_PolicyVersion: 3] [WSM_LogType: Request] [WSM_RemoteAddress: 172.18.3.49] [WSM_ServiceID: soa-infra/ObjectIS/ObjectISService11MP_ep] [WSM_PolicyName: oracle/wss11_username_token_with_message_protection_service_policy] [arg: oracle.wsm.security.SecurityException: WSM-00061 : Signature digest verification failure.] Error in receiving the request: oracle.wsm.security.SecurityException: WSM-00061 : Signature digest verification failure..
      [2012-04-25T17:32:54.562+02:00] [soa_server1] [TRACE:32] [] [oracle.wsm.security.policy.scenario.executor.Wss11UsernameWithCertsScenarioExecutor] [host: WNSB01] [nwaddr: 172.18.1.11] [tid: [ACTIVE].ExecuteThread: '12' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: 0000JRe8ZthFg4K6yVaeMG1F^I150018nS,0] [SRC_CLASS: oracle.wsm.security.policy.scenario.executor.Wss11UsernameWithCertsScenarioExecutor] [WSM_OperationName: unknown] [dcid: 26e72e9850f41d50:-6f3ca2ad:136ceebf996:-7fff-000000000000f8f5] [SRC_METHOD: receiveRequest] [J2EE_APP.name: soa-infra] [WEBSERVICE.name: ObjectISService11MP_ep] [WSM_LogType: Request] [WSM_PolicyName: oracle/wss11_username_token_with_message_protection_service_policy] [WEBSERVICE_PORT.name: IObjectIS_pt] [APP: soa-infra] [J2EE_MODULE.name: fabric] [WSM_PolicyVersion: 3] [WSM_RemoteAddress: 172.18.3.49] [WSM_ServiceID: soa-infra/ObjectIS/ObjectISService11MP_ep] Failed to receive request[[
      oracle.wsm.security.SecurityException: WSM-00061 : Signature digest verification failure.
           at oracle.wsm.security.policy.scenario.processor.Wss11MessageSecurityProcessor.verify(Wss11MessageSecurityProcessor.java:401)
           at oracle.wsm.security.policy.scenario.processor.Wss11X509TokenProcessor.verify(Wss11X509TokenProcessor.java:647)
           at oracle.wsm.security.policy.scenario.executor.Wss11UsernameWithCertsScenarioExecutor.receiveRequest(Wss11UsernameWithCertsScenarioExecutor.java:134)
           at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:530)
           at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:608)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:335)
           at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:282)
           at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
           at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:915)
           at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:436)
           at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
           at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:91)
           at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:232)
           at oracle.j2ee.ws.server.mgmt.runtime.SuperServerInterceptorPipeline.handleRequest(SuperServerInterceptorPipeline.java:153)
           at oracle.j2ee.ws.server.provider.management.AbstractProviderInterceptorPipeline.executeRequestInterceptorChain(AbstractProviderInterceptorPipeline.java:562)
           at oracle.j2ee.ws.server.provider.ProviderProcessor.executeInterceptorRequestChain(ProviderProcessor.java:902)
           at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:220)
           at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:185)
           at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:430)
           at oracle.integration.platform.blocks.soap.FabricProviderServlet.doPost(FabricProviderServlet.java:477)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
           at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
           at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
           at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
           at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at oracle.dms.wls.DMSServletFilter.doFilter(DMSServletFilter.java:330)
           at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3684)
           at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
           at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
           at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
           at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
           at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
           at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
           at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
           at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

      Regards,

      Melvin