My Oracle Support Banner

RBAC Authorisation Fails with oracle.wsm.common.sdk.WSMException: GenericFault : generic error Using OWSM 12c on REST Service (Doc ID 2172652.1)

Last updated on MARCH 11, 2021

Applies to:

Oracle Web Services Manager - Version and later
Information in this document applies to any platform.


A REST service is deployed on Weblogic Server. This service is exposed through OSB to a client application as a REST Proxy Service.
On OSB, the requirement is to implement role-based authorization.
The authenticated identity is propagated using SAML to the backend service.

There appears to be no way to authorize a (role-based) REST service access using OWSM. The existing authorization policy (oracle/binding_authorization_permitall_policy) does not seem to work for REST services.
An exception occurs during execution of the role-based authorization assertion. By receiving the response (401 in this case), OWSM raises the following WSMException:

Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=Service Bus Kernel, composite=null, modelObj=null, policy=test/rest_authorization_service_policy, policyVersion=1,
oracle.wsm.common.sdk.WSMException: GenericFault : generic error
  at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.checkIfGuardAllows(
  at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(
  at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(
  at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(





To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!

In this Document

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.