Exception with WS Policy : Unable to access Web Service with X509 certifiacte<Urgent>

Hi

I am getting below exception while trying to consume a web service with X509 certifiacte.

I am getting following exception when trying to use WS Policy

com.wm.app.b2b.server.ServiceException: org.apache.axis2.AxisFault: SOAP header missing
at pub.clientimpl.wssClient(clientimpl.java:2945)
at pub.clientimpl.soapClient(clientimpl.java:1299)
at sun.reflect.GeneratedMethodAccessor302.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at com.wm.app.b2b.server.JavaService.baseInvoke(JavaService.java:439)
at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:643)
at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:46)
at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:243)
at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
at com.wm.app.b2b.server.invoke.PipelineProcessor.process(PipelineProcessor.java:171)
at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:276)
at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:363)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:547)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:386)
at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:234)
at com.wm.app.b2b.server.BaseService.invoke(BaseService.java:194)
at com.wm.lang.flow.FlowInvoke.invoke(FlowInvoke.java:324)
at com.wm.lang.flow.FlowState.invokeNode(FlowState.java:584)
at com.wm.lang.flow.FlowState.step(FlowState.java:444)
at com.wm.lang.flow.FlowState.invoke(FlowState.java:409)
at com.wm.app.b2b.server.FlowSvcImpl.baseInvoke(FlowSvcImpl.java:1057)
at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:643)
at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:46)
at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:243)
at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
at com.wm.app.b2b.server.invoke.PipelineProcessor.process(PipelineProcessor.java:171)
at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:276)
at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:363)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:547)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:386)
at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:234)
at com.wm.app.b2b.server.BaseService.invoke(BaseService.java:194)
at com.wm.lang.flow.FlowInvoke.invoke(FlowInvoke.java:324)
at com.wm.lang.flow.FlowState.invokeNode(FlowState.java:584)
at com.wm.lang.flow.FlowState.step(FlowState.java:444)
at com.wm.lang.flow.FlowState.invoke(FlowState.java:409)
at com.wm.app.b2b.server.FlowSvcImpl.baseInvoke(FlowSvcImpl.java:1057)
at com.wm.app.b2b.server.invoke.InvokeManager.process(InvokeManager.java:643)
at com.wm.app.b2b.server.util.tspace.ReservationProcessor.process(ReservationProcessor.java:46)
at com.wm.app.b2b.server.invoke.StatisticsProcessor.process(StatisticsProcessor.java:44)
at com.wm.app.b2b.server.invoke.ServiceCompletionImpl.process(ServiceCompletionImpl.java:243)
at com.wm.app.b2b.server.invoke.ValidateProcessor.process(ValidateProcessor.java:51)
at com.wm.app.b2b.server.invoke.PipelineProcessor.process(PipelineProcessor.java:171)
at com.wm.app.b2b.server.ACLManager.process(ACLManager.java:276)
at com.wm.app.b2b.server.invoke.DispatchProcessor.process(DispatchProcessor.java:30)
at com.wm.app.b2b.server.AuditLogManager.process(AuditLogManager.java:363)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:547)
at com.wm.app.b2b.server.invoke.InvokeManager.invoke(InvokeManager.java:386)
at com.wm.app.b2b.server.ServiceManager.invoke(ServiceManager.java:234)
at com.wm.app.b2b.server.comm.DefaultServerRequestHandler.handleMessage(DefaultServerRequestHandler.java:119)
at com.wm.app.b2b.server.HTTPMessageHandler.process(HTTPMessageHandler.java:160)
at com.wm.app.b2b.server.HTTPDispatch.handleRequest(HTTPDispatch.java:181)
at com.wm.app.b2b.server.Dispatch.run(Dispatch.java:354)
at com.wm.util.pool.PooledThread.run(PooledThread.java:131)
at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.axis2.AxisFault: SOAP header missing
at org.apache.rampart.util.RampartUtil.setFaultCodeAndThrowAxisFault(RampartUtil.java:2286)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:111)
at org.apache.axis2.engine.Phase.invoke(Phase.java:325)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:265)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:164)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at com.softwareag.wsstack.client.impl.WSOperationClientImpl.execute(WSOperationClientImpl.java:65)
at com.wm.app.b2b.server.wss.wssClientImpl.invokeWebService(wssClientImpl.java:282)
at pub.clientimpl.wssClient(clientimpl.java:2804)
… 59 more
Caused by: org.apache.rampart.RampartException: SOAP header missing
at org.apache.rampart.RampartEngine.process(RampartEngine.java:161)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:100)

Please check the attached policy bleow . . . . .
I am not sure what is missing in the policy ?

<wsp:Policy wsu:Id=“Signature_RSA_1” Name=“X509 Authentication and Signature”
xmlns:wsu=“[URL]http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd[/URL]”
xmlns:wsp=“[URL]http://schemas.xmlsoap.org/ws/2004/09/policy[/URL]”>

wsp:ExactlyOne
wsp:All
<sp:AsymmetricBinding xmlns:sp=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702[/URL]”>
wsp:Policy
sp:InitiatorToken
wsp:Policy
<sp:X509Token sp:IncludeToken=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient[/URL]”>
wsp:Policy
<sp:WssX509V1Token11 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
sp:RecipientToken
wsp:Policy
<sp:X509Token sp:IncludeToken=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never[/URL]”>
wsp:Policy
<sp:WssX509V1Token11 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>

sp:AlgorithmSuite
wsp:Policy
sp:Basic256/
</wsp:Policy>
</sp:AlgorithmSuite>

sp:Layout
wsp:Policy
sp:Lax/
</wsp:Policy>
</sp:Layout>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss11 xmlns:sp=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702[/URL]”>
sp:Policy

</sp:Policy>
</sp:Wss11>
<sp:Wss10 xmlns:sp=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702[/URL]”>
sp:Policy

</sp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp=“[URL]http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702[/URL]”>
<sp:Body />
</sp:SignedParts>

</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>

Regards
Tarun

i guess the error means the request you are sending is missing some fields that is defined in the policy.
So, just check the SOAP env you are sending and compare it with the policy.

Thanks for your suggestion ,

But I am not able to figure out what i need to do around this.

I have installed Keystore on Integration server and provided KeyStore alias and password as input in auth> message> user field

Can you suggest me if i need some changes in policy or what else shall i provide as input in request .

Regards
Tarun

Hi Mittal, I have similar problem with 8.2 sp2. did you find any solution for this problem?

In my case the problem was because the response message was not signed/encrypted. In 8.2 i couldn’t specify not to apply the policies on response. However i could do that with 9.5 designer on 8.2.2 IS (apply polices only on request) it worked perfect

Hi D.C

I am experiencing the same issue on 8.2.2 designer and IS. Does anyone know what the solution is. I am sending a signed request with X509 Authentication Signature policy. But I am getting Missing SOAP header error on the response back.

Please any help!!!

How do i write a custom policy for X509 Authentication Signature only on request and not on reply.

My problem is the standard out of box policy(X509 Authentication Signature) applies policy both on request and response. Since my partner doesn’t send a signed response, it SOAP response is failing on my side with error:

SOAP header missing in SOAP response

I did talk to my partner about this and hes said that they cannot send a signed request, so my out of box policy will not work.

I m using designer 8.2.2

Hi all,

I am experiencing the same issue on 8.2.2 designer and IS too. Could someone solve this problem?
I am getting Missing SOAP Header but in backend logs I can see the correct Response.
I am using X509 Authentication Signature policy.

Thanks and Regards!
Diego

Dear All,

There are so many who are facing this issue on 8.2.2. If someone has solution kindly share which is really helpful to many.

Thanks,

in Designer, when you assigning a policy, there are 3 checkboxes on the right side: Input, Output, Fault.
you can use it to control if or not encrypt response or fault case.

Hello all,

In 8.2.2 version there is not directly supported selecting the operation (input/output/fault) using chekboxes. I think this feature is avaiable since version 9.6.
Furthermore you can manually modify the wsdl as described in this post:([url]http://tech.forums.softwareag.com/techjforum/posts/list/54455.page[/url]) to “emulate” this feature.

Regards,
Diego.