My Oracle Support Banner

SAML Authentication with Oracle 11g SP2 Security Header Order Certificate Exception: Referenced Security Token Could not be Retrieved (Doc ID 1343013.1)

Last updated on FEBRUARY 03, 2019

Applies to:

Oracle Web Services Manager - Version 11.1.1.4.0 and later
Information in this document applies to any platform.

Symptoms


When calling a .NET web service from a SOA Composite with a OWSM message security policy, a security failure is received back from the service. It says it cannot find the certificate even though it is installed on the server. It was determined that the order of the Signature and BinarySecurityToken elements in the header is causing the problem. The error received is:

<soap:Header>
<wsa:Action>
http://schemas.xmlsoap.org/ws/2004/03/addressing/fault</wsa:Action>
<wsa:MessageID>
uuid:1752a20f-05cb-492d-9b73-39d250e566a4</wsa:MessageID>
<wsa:RelatesTo>
uuid:fb2c2f49-b922-4624-8fec-2ef957434b49</wsa:RelatesTo>
<wsa:To>
http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:To>
<wsse:Security>
<wsu:Timestamp wsu:Id="Timestamp-6473026f-5f6f-43ed-816a-6eb2cb44b29c">

<wsu:Created>2011-07-12T00:09:42Z</wsu:Created>
<wsu:Expires>2011-07-12T00:14:42Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode xmlns:code="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
code:SecurityTokenUnavailable</faultcode>
<faultstring>Referenced security token could not be
retrieved</faultstring>
<faultactor>
http://sdpfesweb.aescf.us.aexp.com/PT_Recovery_SPE04353/InquireAccountV2.asmx</faultactor>
</soap:Fault>
</soap:Body>
</soap:Envelope>

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Cause
Solution
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.