web service WS-Security Policy authentication failure

erossing.26610 · March 11, 2016, 11:16pm

I have a web service provider in webMethods 9.7 that uses the Username_Signature_Encryption WS-Security Policy. I am able to authorize access based on message-level username/password when calling the service.

How can I log authentication and authorization failures to the web service? I have the IS Security Log enabled in IS Administrator with Generate Auditing Data on set to “Success or Failure” and everything checked under “Security Areas to Audit”. I don’t get any log entries for calls to the web service.

I do get log entries for other events like logging in to IS Administrator.

fml2 · March 12, 2016, 10:01am

It might be that everything works well. Just the audit data is written not to the server log but to a DB table. Consult the docs to find out where the audit data get written to.

erossing.26610 · March 14, 2016, 3:02pm

I can’t find any mention of security logging in the Web Services Developer Guide.

In IS Administrator, my security logger is configured to use the database. I have found the WSSECURITY table that has entries that exactly match what I see in Logs->Security.

If there is some special place logging message-level WS-Security failures, I can’t find it.

Topic		Replies	Views
wsse:FailedAuthentication webMethods , webMethods-BPMS , MWS-CAF-Task-Engine	3	5135	April 2, 2021
Ws security server log errors webMethods , Integration-Server-and-ESB	2	3272	April 2, 2021
Error accessing Integration services in MWS webMethods , Integration-Server-and-ESB , webMethods-Archive	1	987	September 3, 2021
Integration Server - Security Log webMethods , Integration-Server-and-ESB	9	2628	April 2, 2021
JAAS login with message level credentials has failed due to invalid credentials. webMethods , webMethods-General , Integration-Server-and-ESB	3	2625	April 2, 2021

web service WS-Security Policy authentication failure

Related topics