Calling ICS Integration Fails With Security Exception "oracle.wsm.common.sdk.WSMException: InvalidSecurity : error in processing the WS-Security security header" (Doc ID 2267154.1)

Last updated on MAY 23, 2017

Applies to:

Integration Cloud Service - Version N/A and later
Information in this document applies to any platform.

Symptoms

While calling ICS Integration , calls fails with the below security exception.

ERROR
-----------------------

###<May 15, 2017 2:20:09 PM UTC> <Error> <oracle.wsm.resources.security> <test.oraclecloud.com> <ics_server1> <[ACTIVE] ExecuteThread: '25' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <005Jt30ba2SA9T3_Rlt1id0004vI00008M> <1494858009224> <WSM-00254> <The current server time is "May 15, 2017 2:20:09 PM UTC", incoming message creation time is "May 15, 2017 1:20:07 PM UTC", configured agent expiry is 300 seconds, incoming message expiry is null seconds, effective message expiry (minimum of agent expiry and incoming message expiry) is 300 seconds, configured clock skew is 360 seconds. The acceptable time range is "May 15, 2017 1:14:07 PM UTC" to "May 15, 2017 1:31:07 PM UTC". The incoming message is before/after the acceptable time.>
####<May 15, 2017 2:20:09 PM UTC> <Error> <oracle.wsm.resources.enforcement> <test.oraclecloud.com> <ics_server1> <[ACTIVE] ExecuteThread: '25' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <005Jt30ba2SA9T3_Rlt1id0004vI00008M> <1494858009226> <WSM-07607> <Failure in execution of assertion {http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token-over-ssl executor class oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.>
####<May 15, 2017 2:20:09 PM UTC> <Error> <oracle.wsm.resources.enforcement> <test.oraclecloud.com> <ics_server1> <[ACTIVE] ExecuteThread: '25' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <005Jt30ba2SA9T3_Rlt1id0004vI00008M> <1494858009228> <WSM-07501> <Failure in Oracle WSM Agent processRequest, category=security, function=agent.function.service, application=osb, composite=null, modelObj=CoronaERPCloudInputWServices_CreateRequisitionTrigger_REQUEST-bindingQSService, policy=oracle/wss_username_token_over_ssl_service_policy, policyVersion=null, assertionName={http://schemas.oracle.com/ws/2006/01/securitypolicy}wss-username-token-over-ssl.>
####<May 15, 2017 2:20:09 PM UTC> <Error> <oracle.osb.security.api.security> <test.oraclecloud.com> <ics_server1> <[ACTIVE] ExecuteThread: '25' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <005Jt30ba2SA9T3_Rlt1id0004vI00008M> <1494858009230> <OSB-386019> <The proxy service operation selection algorithm returned an invalid operation name: null>
####<May 15, 2017 2:20:09 PM UTC> <Error> <oracle.osb.security.api.security> <test.oraclecloud.com> <ics_server1> <[ACTIVE] ExecuteThread: '25' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <005Jt30ba2SA9T3_Rlt1id0004vI00008M> <1494858009231> <OSB-387022> <An error occurred during web service security inbound request processing [error-code: SecurityHeaderUnmarshallingError, message-id: a429876.7da2d754.e.15b8da8c494.N7de5, proxy: CREATEREQUISITION_01/CORONATRIGGERERPCLOUDCONNECTIONPS, operation: null]
--- Error message:

oracle.wsm.common.sdk.WSMException: InvalidSecurity : error in processing the WS-Security security header
at oracle.wsm.security.policy.scenario.executor.WssUsernameTokenOverSSLScenarioExecutor.receiveRequest(WssUsernameTokenOverSSLScenarioExecutor.java:188)
at oracle.wsm.security.policy.scenario.executor.SecurityScenarioExecutor.execute(SecurityScenarioExecutor.java:652)
at oracle.wsm.policyengine.impl.runtime.AssertionExecutor.execute(AssertionExecutor.java:44)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeSimpleAssertion(WSPolicyRuntimeExecutor.java:515)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.executeAndAssertion(WSPolicyRuntimeExecutor.java:427)
at oracle.wsm.policyengine.impl.runtime.WSPolicyRuntimeExecutor.execute(WSPolicyRuntimeExecutor.java:374)
at oracle.wsm.policyengine.impl.PolicyExecutionEngine.execute(PolicyExecutionEngine.java:103)
at oracle.wsm.agent.WSMAgent.processCommon(WSMAgent.java:1276)
at oracle.wsm.agent.WSMAgent.processRequest(WSMAgent.java:566)
at oracle.j2ee.ws.common.wsm.SecurityAgentTube.processRequest(SecurityAgentTube.java:201)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
at com.sun.xml.ws.api.pipe.Fiber.access$100(Fiber.java:127)
at com.sun.xml.ws.api.pipe.Fiber$InterceptorHandler.execute(Fiber.java:965)
at com.sun.xml.ws.api.pipe.Fiber$InterceptorHandler.execute(Fiber.java:939)

 


STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Call an ICS integration from SOAPUI or any other client.


Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms