My Oracle Support Banner

SAML Audience URI Restrictions With OWSM Policy Attached to an OSB Proxy Service. (Doc ID 1663370.1)

Last updated on JULY 21, 2023

Applies to:

Oracle Web Services Manager - Version to [Release 11gR1]
Oracle Service Bus - Version to [Release 11g]
Information in this document applies to any platform.


An OSB (Oracle Service Bus) Proxy Service is secured with a SAML based OWSM (Oracle Web Services Manager) policy.

A client uses a SAML audience URI restriction with an absolute URI, similar to the following:

         <saml:Audience>http://<OSB HOST>:<PORT>/<PROXY URI></saml:Audience>

On an OSB Proxy Service secured with a SAML based OWSM policy, using such a SAML audience URI with an absolute URI fails with

Caused by: FAULT CODE: InvalidSecurityToken FAULT MESSAGE: Audience URI for SAML assertion is invalid.
       ... 70 more

or (in the OSB Test Console) with

BEA-386200: General web service security error



This problem is specific to Oracle Service Bus. The problem does not show up when the same OWSM policy is attached to a JAX-WS Web Service or a SOA composite.


To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document
 Solution Summary
 Patch installation instructions:
 Apply patch 17502332 (OSB)
 Apply patch 17581405 (OWSM)

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.