Unable To Send Encrypted Password For Inbound Integration Using #PASSWORDDIGEST

(Doc ID 1339400.1)

Last updated on AUGUST 25, 2017

Applies to:

Oracle Global Trade Management - Version 6.2.1 and later
Information in this document applies to any platform.

Symptoms


When invoking the Web Service “IntGtmXmlService” for Restricted party Screening using the “#PasswordDigest” attribute to send the password as encrypted, the following exception is Received:

ERROR
-----------------------
<TransmissionAckReason>EXCEPTION</TransmissionAckReason>
<StackTrace>Authentication Failed for user DOMAIN.USER

at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:39)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:27)
at java.lang.reflect.Constructor.newInstance(Constructor.java:513)
at glog.util.exception.GLException.factory(GLException.java:435)
at glog.util.exception.GLException.factory(GLException.java:411)
at glog.database.security.GLSecurityException.factory(GLSecurityException.java:40)
at glog.database.security.SecurityUserImpl.authenticate(SecurityUserImpl.java:214)
at glog.database.security.SecurityUtil.authenticateUser(SecurityUtil.java:79)
at glog.database.security.SecuritySessionBean.authenticateUser(SecuritySessionBean.java:172)
at glog.database.security.SecuritySessionServerSideEJBWrapper.authenticateUser(SecuritySessionServerSideEJBWrapper.java:741)
at glog.database.security.SecuritySessionHome_snlvan_EOImpl.authenticateUser(SecuritySessionHome_snlvan_EOImpl.java:547)
at glog.util.remote.NamingDirectory.get(NamingDirectory.java:176)
at glog.util.remote.NamingDirectory.get(NamingDirectory.java:223)
at glog.util.remote.NamingDirectory.get(NamingDirectory.java:235)
at glog.integration.servlet.WMHelper.process(WMHelper.java:29)
at glog.integration.webservice.intxml.IntXmlService.processString(IntXmlService.java:300)
at glog.integration.webservice.intxml.IntXmlService.process(IntXmlService.java:74)
at gtm.integration.webservice.intgtmxml.IntGtmXmlService.process(IntGtmXmlService.java:29)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at weblogic.webservice.component.javaclass.JavaClassInvocationHandler.invoke(JavaClassInvocationHandler.java:134)
at weblogic.webservice.core.handler.InvokeHandler.handleRequest(InvokeHandler.java:105)
at weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:144)
at weblogic.webservice.core.DefaultOperation.process(DefaultOperation.java:551)
at weblogic.webservice.server.Dispatcher.process(Dispatcher.java:204)
at weblogic.webservice.server.Dispatcher.doDispatch(Dispatcher.java:175)
at weblogic.webservice.server.Dispatcher.dispatch(Dispatcher.java:97)
at weblogic.webservice.server.WebServiceManager.dispatch(WebServiceManager.java:101)
at weblogic.webservice.server.servlet.WebServiceServlet.serverSideInvoke(WebServiceServlet.java:321)
at weblogic.webservice.server.servlet.ServletBase.doPost(ServletBase.java:454)
at weblogic.webservice.server.servlet.WebServiceServlet.doPost(WebServiceServlet.java:292)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3686)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)

STEPS
-----------------------
The issue can be reproduced at will with the following steps:
1. Create an envelope xml header with the following tags using the encrypted password:

<TransmissionHeader>
<TransmissionType>SERVICE</TransmissionType>
<UserName>DOMAIN.314704</UserName>
<Password Type="#PasswordDigest">GT2sgCSGE8Q1kHH59fIQQsVDkSs=</Password>
</TransmissionHeader>
2. Post xml to OTM.
3. Note the error received.

Cause

Sign In with your My Oracle Support account

Don't have a My Oracle Support account? Click to get started

My Oracle Support provides customers with access to over a
Million Knowledge Articles and hundreds of Community platforms