1 Reply Latest reply: Feb 7, 2013 3:15 AM by 928435 RSS

    Incorrect security policy being applied to callback port. Is it a bug ?

    928435
      I am applying security policies on asynchronous BPEL process. Request port is configured with oracle/wss11_username_token_with_message_protection_service_policy and oracle/wsaddr_policy. Callback port is configured with oracle/wss11_username_token_with_message_protection_client_policy. However during execution the callback process fails with PolicyEnforcementException with the message that "oracle/wss11_username_token_with_message_protection_service_policy" cannot be applied to callback port.

      Following is my service definition in the composite.xml file:
      <service name="recruitment_client_ep"
      ui:wsdlLocation="RecruitmentService.wsdl">
      <interface.wsdl interface="http://xmlns.demo.com/RecruitmentService/RecruitmentService#wsdl.interface(RecruitmentServiceRequest)"
      callbackInterface="http://xmlns.demo.com/RecruitmentService/RecruitmentService#wsdl.interface(RecruitmentServiceCallback)"/>
      <binding.ws port="http://xmlns.demo.com/RecruitmentService/RecruitmentService#wsdl.endpoint(recruitment_client_ep/recruitmentServiceRequestPort)">
      <wsp:PolicyReference URI="oracle/wsaddr_policy"
      orawsp:category="addressing" orawsp:status="enabled"/>
      <wsp:PolicyReference URI="oracle/wss11_username_token_with_message_protection_service_policy"
      orawsp:category="security" orawsp:status="enabled"/>
      <property name="oracle.webservices.http.headers">invocationSource</property>
      </binding.ws>
      <callback>
      <binding.ws port="http://xmlns.demo.com/RecruitmentService/RecruitmentService#wsdl.endpoint(recruitment_client_ep/recruitmentServiceCallbackPort)">
      <wsp:PolicyReference URI="oracle/wss11_username_token_with_message_protection_client_policy"
      orawsp:category="security" orawsp:status="enabled"/>
      <property name="keystore.recipient.alias" type="xs:string" many="false">samlKey</property>
      </binding.ws>
      </callback>
      </service>

      I am using SOA 11.1.1.6.0 on WLS 10.3.6 with patchset 10.3.6.0.3.

      What could be reason for it ? Please reply.