rsulliv1
13 years agoOccasional Contributor
Oracle OWSM policies and SoapUI
Has anyone ever been able to use SoapUI against any oracle policies?
I'm looking for any info on building the WS-Security headers for the wss11_username_token_with_message_protection_service_policy policy.
I can provide more info when needed, but I'm either running into a failed security response with no underlying soap errors:
FailedCheck : failure in security check
or I get the same failed security response with:
org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: {http://www.w3.org/2003/05/soap-envelope}Body)
This is a description of the policy:
This policy enforces message-level protection (that is, message integrity and message confidentiality) and authentication for inbound SOAP requests in accordance with the WS-Security 1.1 standard. Messages are protected using WS-Security's Basic 128 suite of symmetric key technologies, specifically RSA key mechanisms for message confidentiality, SHA-1 hashing algorithm for message integrity, and AES-128 bit encryption. The keystore is configured through the security configuration. Credentials are provided through the UsernameToken WS-Security SOAP header. Only plain text mechanism is supported. The credentials are authenticated against the configured identity store. This policy can be attached to any SOAP-based endpoint.
Any assistance would be greatly appreciated!
I'm looking for any info on building the WS-Security headers for the wss11_username_token_with_message_protection_service_policy policy.
I can provide more info when needed, but I'm either running into a failed security response with no underlying soap errors:
FailedCheck : failure in security check
or I get the same failed security response with:
org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: {http://www.w3.org/2003/05/soap-envelope}Body)
This is a description of the policy:
This policy enforces message-level protection (that is, message integrity and message confidentiality) and authentication for inbound SOAP requests in accordance with the WS-Security 1.1 standard. Messages are protected using WS-Security's Basic 128 suite of symmetric key technologies, specifically RSA key mechanisms for message confidentiality, SHA-1 hashing algorithm for message integrity, and AES-128 bit encryption. The keystore is configured through the security configuration. Credentials are provided through the UsernameToken WS-Security SOAP header. Only plain text mechanism is supported. The credentials are authenticated against the configured identity store. This policy can be attached to any SOAP-based endpoint.
Any assistance would be greatly appreciated!