2 Replies Latest reply: Jan 22, 2013 3:51 PM by BK574 RSS

    Error: Client received SOAP Fault from server : InvalidSecurity

    BK574
      Hi All,

      I am getting the following error when I am invoking the provider ABCS "Client received SOAP Fault from server : InvalidSecurity : error in processing the WS-Security security header". I am invoking Provider ABCS service from EBS Service. The service doesn't have any username and password (its a plain service created by me), but still I am getting this error. Did i do any thing wrong during deployment?

      Thanks,
        • 1. Re: Error: Client received SOAP Fault from server : InvalidSecurity
          BK574
          following is the stack trace.
          Failed to execute the assertion "WSSecurity SAML Token" in the conditional policy. InvalidSecurity : error in processing the WS-Security security header[[
          oracle.wsm.common.sdk.WSMException: InvalidSecurity : error in processing the WS-Security security header
               at oracle.wsm.security.policy.scenario.executor.Wss10SamlTokenScenarioExecutor.receiveRequest(Wss10SamlTokenScenarioExecutor.java:156)
               at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:562)
               at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
               at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:669)
               at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeXorAssertion(WSPolicyRuntimeExecutor.java:480)
               at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:340)
               at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:294)
               at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
               at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:1001)
               at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:470)
               at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
               at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:128)
               at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:276)
               at oracle.j2ee.ws.server.mgmt.runtime.SuperServerInterceptorPipeline.handleRequest(SuperServerInterceptorPipeline.java:165)
               at oracle.j2ee.ws.server.provider.management.AbstractProviderInterceptorPipeline.executeRequestInterceptorChain(AbstractProviderInterceptorPipeline.java:576)
               at oracle.j2ee.ws.server.provider.ProviderProcessor.executeInterceptorRequestChain(ProviderProcessor.java:921)
               at oracle.j2ee.ws.server.WebServiceProcessor.processRequest(WebServiceProcessor.java:231)
               at oracle.j2ee.ws.server.WebServiceProcessor.doService(WebServiceProcessor.java:193)
               at oracle.j2ee.ws.server.WebServiceServlet.doPost(WebServiceServlet.java:485)
               at oracle.integration.platform.blocks.soap.FabricProviderServlet.doPost(FabricProviderServlet.java:528)
               at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
               at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
               at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
               at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
               at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:301)
               at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
               at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
               at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:119)
               at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:315)
               at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:442)
               at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:103)
               at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:171)
               at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
               at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
               at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:139)
               at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
               at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3730)
               at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3696)
               at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
               at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
               at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2273)
               at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2179)
               at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1490)
               at weblogic.work.ExecuteThread.execute(ExecuteThread.java:256)
               at weblogic.work.ExecuteThread.run(ExecuteThread.java:221)
          Caused by: oracle.wsm.security.SecurityException: WSM-00069 : The security header is missing. Ensure that there is a valid security policy attached at the client side, and the policy is enabled.
               at oracle.wsm.security.policy.scenario.processor.WssSamlTokenProcessor.verify(WssSamlTokenProcessor.java:586)
               at oracle.wsm.security.policy.scenario.processor.WssSamlTokenProcessor.verify(WssSamlTokenProcessor.java:572)
               at oracle.wsm.security.policy.scenario.executor.Wss10SamlTokenScenarioExecutor.receiveRequest(Wss10SamlTokenScenarioExecutor.java:137)
               ... 44 more

          There is no username and password for the service, but still i am getting this SAML token error, don't know why.
          • 2. Re: Error: Client received SOAP Fault from server : InvalidSecurity
            BK574
            I solved the issue, the issue is because of composite name. Our company server has some reserved keywords like prov, req, EBS etc.. Hence whenever a composite is named with this words then it is raising the above error.

            Thanks,