Unable To Sign Header Sub-Element In OWSM

(Doc ID 2291262.1)

Last updated on JULY 28, 2017

Applies to:

Oracle Web Services Manager - Version and later
Information in this document applies to any platform.


In OWSM, there is a necessity to sign a header sub-element a custom web service header when communicating with a particular web service gateway.

In this example, it is necessary to sign the gwsxns:ConsumerApplicationID header only in each web service request.

<soapenv:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
    <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
        <gwsxns:GWSXHeader xmlns:gwsxns="http://www.gwsx.sg/gwsx/request/audit">

As an attempt, a change was made in the policy to add the header inside of the signed-parts element.  This doesn't work.

<orasp:msg-security ..>
                <orasp:header orasp:name="ConsumerApplicationID" orasp:namespace="http://www.gwsx.sg/gwsx/request/audit"/>

Another approach taken was to define it as signed element, which also doesn't work.
<orasp:msg-security ...">
            <orasp:element orasp:name="ConsumerApplicationID" orasp:namespace="http://www.gwsx.sg/gwsx/request/audit"/>
The only process that will allow customization of the signed header is to define the entire gwsxns:GWSXHeader header in the signed-parts element:
        <orasp:header orasp:name="GWSXHeader " orasp:namespace="http://www.gwsx.sg/gwsx/request/audit"/>
Is it possible to fulfill the requirement and if so, how can it be accomplished?


Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms