When A SOAP Message is Sent To A Weblogic Service The SOAP Envelope Is Altered By OWSM
(Doc ID 2254926.1)
Last updated on MARCH 13, 2019
Applies to:Oracle Service Bus - Version 184.108.40.206.0 and later
Information in this document applies to any platform.
When a SOAP message is sent to an OSB flow with OWSM policies enabled by selecting "From OWSM Policy Store" on the security tab of the OSB proxy, the SOAP envelope is altered by OWSM: an extra namespace declaration is added.
This extra namespace causes the server to be unable to verify the canonicalized signatures using WS-Security.
Use do not have to attach a policy to get the extra namespace. If disabling OWSM by selecting "No Policies" there is no additional namespace added.
To verify, log an inbound message in the OSB pipeline. Adding a policy will also induce this behavior, but a policy is not needed.
Note that if the SOAP envelope in test SOAP message is defined with a namespace of 'env', then OWSM does not add one. However, this is not an acceptable workaround. Simply using env as the prefix is not sufficient as we have to expose these services to many clients and ensure interoperability.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document