Web service client handler with SAML token is not called when security policy is applied
Last updated on APRIL 06, 2018
Applies to:Oracle Weblogic Server - Version 10.3 and later
Information in this document applies to any platform.
***Checked for relevance on 09-Nov-2012***
When trying to use Webservice client handler as a way to insert a SAML token to the SOAP header for Webservice authentication, it is noticed that if security policy is applied to the Webservice, then the client handler is not called. The below exception is thrown on client side instead:
There is no workaround for this issue.
Steps to replicate the issue:
- Use clientgen with clientChainFile attribute to generate client stub for Webservice.
- Apply the following security policy, sample as below:
... ... ...
<wssp:SecurityToken TokenType="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-2004-01-saml-token-profile-1.0#SAMLAssertionID">"
... ... ...
- Then, write test client to invoke the above Webservice, and the below SOAP fault will be thrown:
weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
- Remove the security policy from the webservice. Run the test client again, and it will work.
Sign In with your My Oracle Support account
Don't have a My Oracle Support account? Click to get started
My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms