Is there a SAML 2.0 OWSM Service Policy That Does Not Enforce An SSL Check?

(Doc ID 2415126.1)

Last updated on JUNE 27, 2018

Applies to:

Oracle Web Services Manager - Version 12.1.3.0.0 and later
Information in this document applies to any platform.

Goal

Attempting to use the "oracle/wss_saml20_token_bearer_over_ssl_service_policy" OWSM policy from a local proxy.

As it is a local proxy (not SSL), the following error message occurs:

 oracle.wsm.security.policy.scenario.policycompliance.PolicyComplianceException: WSM-00042 : The request must be made over SSL.
  at oracle.wsm.security.policy.scenario.executor.WssSamlTokenBearerOverSSLScenarioExecutor.receiveRequest(WssSamlTokenBearerOverSSLScenarioExecutor.java:179)

Is there a policy similar to the "oracle/wss_saml20_token_bearer_over_ssl_service_policy" OWSM policy that will not check SSL?
 

Solution

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms