Does UTL_DBWS Have Support For WS-Security? (Doc ID 953798.1)

Last updated on AUGUST 31, 2016

Applies to:

Web Services - Version 10.1.3.0.0 to 10.1.3.5
Information in this document applies to any platform.
***Checked for relevance on 05-Oct-2012***
This problem can occur on any platform.

Symptoms

You are attempting to call a WSS (WS-Security) enabled web service from PL/SQL using the UTL_DBWS package.

The WSS-enabled web service requires a WSSE header of the form:

<soapenv:Header> 
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> 
<wsse:UsernameToken wsu:Id="UsernameToken-9187190" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> 
<wsse:Username>SCOTT</wsse:Username> 
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TIGER</wsse:Password> 
<wsse:Nonce>qN3QTsDa5kHaAiz3Tm9kyA==</wsse:Nonce> 
<wsu:Created>2009-05-20T15:33:59.275Z</wsu:Created> 
</wsse:UsernameToken> 
</wsse:Security> 
</soapenv:Header> 

Using this same approach you can successfully call an unsecured web service. However the call to a WSS-enabled web service fails with: 

ORA29532: Java call terminated by uncaught Java exception:
javax.xml.rpc.soap.SOAPFaultException: com.sun.xml.wss.XWSSecurityException:
Message does not conform to configured policy [ AuthenticationTokenPolicy(S) ]:
No Security Header found;
nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: Message does not conform to configured policy [ AuthenticationTokenPlicy(S) ]:
No Security Header found

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms