"Timestamp Should Not Be In The Message" when using ssl type policies
(Doc ID 1552393.1)
Last updated on JANUARY 07, 2024
Applies to:
Oracle Web Services Manager - Version 11.1.1.4.0 and laterOracle SOA Suite - Version 11.1.1.3.0 and later
Information in this document applies to any platform.
Symptoms
Getting a "Timestamp should not be in the message" error when using oracle/wss_username_token_over_ssl_client_policy. The error stack is similar to the following:
ERROR
-----------------------
[2013-05-07T05:21:36.257-04:00] [soa_server1] [ERROR] [WSM-00279] [oracle.wsm.resources.security] [tid: orabpel.invoke.pool-4.thread-1] [userId: <anonymous>] [ecid: <ECID>] [WSM_POLICY_NAME: oracle/wss_username_token_over_ssl_client_policy] [APP: soa-infra] [composite_name: <COMPOSITE NAME>] [component_name: <COMPONENT NAME>] [component_instance_id: <COMPONENT INSTANCE ID>] The following Fault Message is received at the client side from the service:- [[
Timestamp should not be in the message .
The client side policy is:-
oracle/wss_username_token_over_ssl_client_policy.
...
}.
]]
[2013-05-07T05:21:36.287-04:00] [soa_server1] [ERROR] [] [oracle.integration.platform.blocks.soap] [tid: orabpel.invoke.pool-4.thread-1] [userId: <anonymous>] [ecid: <ECID>] [APP: soa-infra] [composite_name: <COMPOSITE NAME>] [component_name: <COMPONENT NAME>] [component_instance_id: <COMPONENT INSTANCE ID>] Unable to dispatch request to https://<HOSTNAME> due to exception[[
oracle.j2ee.ws.client.jaxws.JRFSOAPFaultException: Client received SOAP Fault from server : Timestamp should not be in the message
-----------------------
[2013-05-07T05:21:36.257-04:00] [soa_server1] [ERROR] [WSM-00279] [oracle.wsm.resources.security] [tid: orabpel.invoke.pool-4.thread-1] [userId: <anonymous>] [ecid: <ECID>] [WSM_POLICY_NAME: oracle/wss_username_token_over_ssl_client_policy] [APP: soa-infra] [composite_name: <COMPOSITE NAME>] [component_name: <COMPONENT NAME>] [component_instance_id: <COMPONENT INSTANCE ID>] The following Fault Message is received at the client side from the service:- [[
Timestamp should not be in the message .
The client side policy is:-
oracle/wss_username_token_over_ssl_client_policy.
...
}.
]]
[2013-05-07T05:21:36.287-04:00] [soa_server1] [ERROR] [] [oracle.integration.platform.blocks.soap] [tid: orabpel.invoke.pool-4.thread-1] [userId: <anonymous>] [ecid: <ECID>] [APP: soa-infra] [composite_name: <COMPOSITE NAME>] [component_name: <COMPONENT NAME>] [component_instance_id: <COMPONENT INSTANCE ID>] Unable to dispatch request to https://<HOSTNAME> due to exception[[
oracle.j2ee.ws.client.jaxws.JRFSOAPFaultException: Client received SOAP Fault from server : Timestamp should not be in the message
or
[soa_server1] [ERROR] [OWS-04086] [oracle.webservices.service] [tid: [ACTIVE].ExecuteThread: '0' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: <anonymous>] [ecid: <ECID>] [APP: soa-infra] [composite_name: <COMPOSIETE NAME>] [component_name: <COMPONENT NAME>] oracle.fabric.common.PolicyEnforcementException: InvalidSecurityToken : The security token is not valid.[[
at oracle.fabric.common.AbstractSecurityInterceptor.processResult(AbstractSecurityInterceptor.java:180)
at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:95)
at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:129)
at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:276)
at
...
Caused by: oracle.wsm.common.sdk.WSMException: InvalidSecurityToken : The security token is not valid.
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:259)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:832)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:425)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:344)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:291)
at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:1059)
at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:489)
at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
... 35 more
Caused by: oracle.wsm.security.SecurityException: WSM-00122 : Valid timestamp is not present in the message.
at oracle.wsm.security.policy.scenario.validator.GenericTimestampValidator.hasCreated(GenericTimestampValidator.java:171)
at oracle.wsm.security.policy.scenario.validator.GenericTimestampValidator.validate(GenericTimestampValidator.java:86)
at oracle.wsm.security.policy.scenario.util.WsmMessageSecurityUtils.verifyTimeStamp(WsmMessageSecurityUtils.java:200)
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:147)
... 44 more
]]
at oracle.fabric.common.AbstractSecurityInterceptor.processResult(AbstractSecurityInterceptor.java:180)
at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:95)
at oracle.integration.platform.common.InterceptorChainImpl.processRequest(InterceptorChainImpl.java:129)
at oracle.integration.platform.common.mgmt.InterceptorChainManager.processRequest(InterceptorChainManager.java:276)
at
...
Caused by: oracle.wsm.common.sdk.WSMException: InvalidSecurityToken : The security token is not valid.
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:259)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:832)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:41)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:425)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:344)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:291)
at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:102)
at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:1059)
at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:489)
at oracle.fabric.common.BindingSecurityInterceptor.processRequest(BindingSecurityInterceptor.java:94)
... 35 more
Caused by: oracle.wsm.security.SecurityException: WSM-00122 : Valid timestamp is not present in the message.
at oracle.wsm.security.policy.scenario.validator.GenericTimestampValidator.hasCreated(GenericTimestampValidator.java:171)
at oracle.wsm.security.policy.scenario.validator.GenericTimestampValidator.validate(GenericTimestampValidator.java:86)
at oracle.wsm.security.policy.scenario.util.WsmMessageSecurityUtils.verifyTimeStamp(WsmMessageSecurityUtils.java:200)
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:147)
... 44 more
]]
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |