Web service client handler with SAML token is not called when security policy is applied
(Doc ID 1286684.1)
Last updated on JANUARY 29, 2022
Applies to: Oracle WebLogic Server - Version 10.3 and later
Information in this document applies to any platform.
When a Web service client handler is used to insert a SAML token into the SOAP header for Web service authentication, the client handler is not called if a security policy is applied to the Web service. The exception below is thrown on the client side instead:
There is no workaround for this issue.
Steps to replicate the issue:
- Use clientgen with the clientChainFile attribute to generate a client stub for the Web service.
- Apply a security policy such as the following sample:
... ... ...
<wssp:SecurityToken TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID"
... ... ...
- Then write a test client to invoke the above Web service; the following SOAP fault will be thrown:
weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
- Remove the security policy from the Web service. Run the test client again, and it will work.