RBAC Authorisation Fails with oracle.wsm.common.sdk.WSMException: GenericFault : generic error Using OWSM 12c on REST Service
(Doc ID 2172652.1)
Last updated on FEBRUARY 06, 2024
Applies to:
Oracle Web Services Manager - Version 12.2.1.0.0 and laterInformation in this document applies to any platform.
Symptoms
A REST service is deployed on Weblogic Server. This service is exposed through OSB to a client application as a REST Proxy Service.
On OSB, the requirement is to implement role-based authorization.
The authenticated identity is propagated using SAML to the backend service.
There appears to be no way to authorize a (role-based) REST service access using OWSM. The existing authorization policy (oracle/binding_authorization_permitall_policy) does not seem to work for REST services.
An exception occurs during execution of the role-based authorization assertion. By receiving the response (401 in this case), OWSM raises the following WSMException:
Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=Service Bus Kernel, composite=null, modelObj=null, policy=test/rest_authorization_service_policy, policyVersion=1,
assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}binding-authorization.
oracle.wsm.common.sdk.WSMException: GenericFault : generic error
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.checkIfGuardAllows(WSPolicyRuntimeExecutor.java:622)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:510)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:438)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:385)
Changes
Cause
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Symptoms |
| Changes |
| Cause |
| Solution |
| References |