WSM Policy is Ignored on One Node in a Weblogic Cluster When Using JAX-WS Web Services

(Doc ID 1210110.1)

Last updated on MARCH 29, 2016

Applies to:

Oracle Web Services Manager - Version: and later   [Release: and later ]
Information in this document applies to any platform.


A WebLogic 10.3.3 domain containing a SOA Cluster has been configured as follows:
  • Machine A
    • AdminServer
    • soa_server1
    • bam_server1
  • Machine B:
    • soa_server2
    • bam_server2

On the soa_serverX, a custom application is deployed that contains a web service.  Attach a security policy (wss_username_token_service_policy for example) to this web service. The web service is protected by the policy when invoked on the first node (soa_server1), but an error occurs when invoked on the second node (soa_server2). The application has been targeted to the SOA Cluster.
The following error is what is returned from the second node:

oracle.sysman.emSDK.webservices.wsdlapi.SoapTestException: MustUnderstand headers:[{}Security] are not understood


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms