My Oracle Support Banner

"oracle.wsm.security.SecurityException: WSM-00265 : The Username token is missing in the security header" exception when invoking an ICS service from external clients (Doc ID 2133607.1)

Last updated on AUGUST 02, 2018

Applies to:

Integration Cloud Service - Version 15.3.1 and later
Autonomous Integration Cloud - Version 18.2.5 and later
Information in this document applies to any platform.

Symptoms


When invoking an ICS SOAP service from SOAPUI, the call fails with the below exception and ICS Monitoring is not showing any activity.

  com.bea.wli.sb.service.handlerchain.HandlerException: General web service security error
at com.bea.wli.sb.service.handlerchain.handlers.AbstractWssHandler.handleWssException(AbstractWssHandler.java:97)
at com.bea.wli.sb.service.disi.handlerchain.handlers.InboundWssPhase1DISIHandler.dispatch(InboundWssPhase1DISIHandler.java:113)
at com.bea.wli.sb.service.handlerchain.handlers.AbstractHandler.dispatch(AbstractHandler.java:131)
at com.bea.wli.sb.service.handlerchain.handlers.InboundMessageContentHandler.dispatch(InboundMessageContentHandler.java:170)
at com.bea.wli.sb.service.handlerchain.handlers.AbstractHandler.dispatch(AbstractHandler.java:131)
at com.bea.wli.sb.service.handlerchain.handlers.CheckAccessControl.dispatch(CheckAccessControl.java:65)
at com.bea.wli.sb.service.handlerchain.handlers.AbstractHandler.dispatch(AbstractHandler.java:131)
at com.bea.wli.sb.service.handlerchain.handlers.UpdateInboundTransportStatistics.dispatch(UpdateInboundTransportStatistics.java:64)
at com.bea.wli.sb.service.handlerchain.handlers.AbstractHandler.dispatch(AbstractHandler.java:131)
at com.bea.wli.sb.service.handlerchain.handlers.DefaultInboundErrorHandler.dispatch(DefaultInboundErrorHandler.java:44)
at com.bea.wli.sb.service.handlerchain.InboundHandlerChain.dispatch(InboundHandlerChain.java:134)
at com.bea.wli.sb.transports.TransportDispatcherClient.dispatch(TransportDispatcherClient.java:92)
..........
Caused by: com.bea.wli.sb.security.wss.WssHandlerException: General web service security error
at com.bea.wli.sb.security.wss.WssHandlerImpl.generateInboundRequestBLE(WssHandlerImpl.java:1499)
at com.bea.wli.sb.security.wss.WssHandlerImpl.handleInboundRequestException(WssHandlerImpl.java:1457)
..........
Caused by: com.bea.wli.sb.security.wss.WssException: oracle.wsm.security.SecurityException: WSM-00265 : The Username token is missing in the security header. Ensure that there is a Username token policy attached on the client side. Tokens found in the security header are :- [(wsu:Timestamp), ].
at com.bea.wli.sb.security.wss.wsm.WsmInboundHandler.handleRequestException(WsmInboundHandler.java:350)
at com.bea.wli.sb.security.wss.WssHandlerImpl.handleInboundRequestException(WssHandlerImpl.java:1442)
... 44 more
Caused by: oracle.wsm.security.SecurityException: WSM-00265 : The Username token is missing in the security header. Ensure that there is a Username token policy attached on the client side. Tokens found in the security header are :- [(wsu:Timestamp), ].
at oracle.wsm.security.policy.scenario.processor.UsernameTokenProcessor.verify(UsernameTokenProcessor.java:225)
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:204)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:642)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:44)

Changes

 

Cause

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Symptoms
Changes
Cause
Solution


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.