Error During Outlook Plugin SSO Login: WSM-00008 The security token cannot be authenticated (Doc ID 2257436.1)

Last updated on APRIL 20, 2017

Applies to:

Oracle Fusion Sales Cloud Service - Version 11.1.11.1.0 and later
Information in this document applies to any platform.

Symptoms

On : 11.1.11.1.0 version, Microsoft Outlook

User gets error during Outlook plugin SSO login

While login to Outlook plugin - SSO, user is getting error ""Failed to login using given user info. Please re-enter your user info and try again."

ERROR
-----------------------
""Failed to login using given user info. Please re-enter your user info and try again."

Sales server Log file shows:
[2017-03-30T13:01:55.100+00:00] [SalesServer_HA] [ERROR] [OWS-04115] [oracle.webservices.service] [tid: [ACTIVE].ExecuteThread: '10' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 005Iz9C8WNfEcLW5Pz4Eyd0002Fx0007Ab,0:3] [APP: SalesApp#V2.0] An error occurred for port: {http://xmlns.oracle.com/apps/outlookEdition/connector/requestHandlerService/}OutlookRequestHandlerServiceSoapHttpPort: oracle.fabric.common.PolicyEnforcementException: FailedAuthentication : The security token cannot be authenticated..
[2017-03-30T13:03:05.255+00:00] [SalesServer_HA] [ERROR] [WSM-07618] [oracle.wsm.resources.enforcement] [tid: [ACTIVE].ExecuteThread: '14' for queue: 'weblogic.kernel.Default (self-tuning)'] [userId: anonymous] [ecid: 005Iz9GKKM2EWNW5Pzp2id00073E00039J,0:3] [APP: SalesApp#V2.0] [J2EE_APP.name: SalesApp_V2.0] [J2EE_MODULE.name: outlookEditionConnector] [WEBSERVICE.name: OutlookRequestHandlerService] [WEBSERVICE_PORT.name: OutlookRequestHandlerServiceSoapHttpPort] [WSM_POLICY_NAME: oracle/wss11_saml_or_username_token_with_message_protection_service_policy] Failed to execute the assertion "WSSecurity Saml Token With Confirmation method Bearer Over SSL " in the conditional policy. FailedAuthentication : The security token cannot be authenticated.[[
oracle.wsm.common.sdk.WSMException: FailedAuthentication : The security token cannot be authenticated.
at oracle.wsm.security.policy.scenario.executor.WssSamlTokenBearerOverSSLScenarioExecutor.receiveRequest(WssSamlTokenBearerOverSSLScenarioExecutor.java:168)

Caused by: oracle.wsm.security.SecurityException: WSM-00008 : Web service authentication failed.
at oracle.wsm.security.jps.JpsManager.authenticate(JpsManager.java:245)
at oracle.wsm.security.jps.JpsManager.samlAuthenticate(JpsManager.java:384)
at oracle.wsm.security.policy.scenario.processor.WssSaml11TokenProcessor.authenticateSamlToken(WssSaml11TokenProcessor.java:400)
at oracle.wsm.security.policy.scenario.processor.WssSaml11TokenProcessor.authenticate(WssSaml11TokenProcessor.java:253)
at oracle.wsm.security.policy.scenario.processor.WssSamlTokenProcessor.verify(WssSamlTokenProcessor.java:468)
at oracle.wsm.security.policy.scenario.executor.WssSamlTokenBearerOverSSLScenarioExecutor.receiveRequest(WssSamlTokenBearerOverSSLScenarioExecutor.java:132)
... 58 more
Caused by: javax.security.auth.login.LoginException: <Firstname Lastname>
at oracle.security.jps.internal.jaas.module.saml.JpsAbstractSAMLLoginModule.login(JpsAbstractSAMLLoginModule.java:128)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:747)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:184)
at javax.security.auth.login.LoginContext$4.run(LoginContext.java:673)
at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:670)
at javax.security.auth.login.LoginContext.login(LoginContext.java:578)
at oracle.wsm.security.jps.JpsManager.authenticate(JpsManager.java:237)
... 63 more
Caused by: javax.security.auth.login.FailedLoginException: [Security:090304]Authentication Failed: User <Firstname Lastname> javax.security.auth.login.FailedLoginException: [Security:090302]Authentication Failed: User <Firstname Lastname> denied
at weblogic.security.providers.authentication.LDAPAtnLoginModuleImpl.login(LDAPAtnLoginModuleImpl.java:261)
at com.bea.common.security.internal.service.LoginModuleWrapper$1.run(LoginModuleWrapper.java:110)
at com.bea.common.security.internal.service.LoginModuleWrapper.login(LoginModuleWrapper.java:106)
at sun.reflect.GeneratedMethodAccessor298845.invoke(Unknown Source)

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Try to login to Outlook plugin using SSO credentials

BUSINESS IMPACT
-----------------------
The issue has the following business impact:
Due to this issue, users cannot login to Outlook plugin using SSO

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms