Nadim's Fusion Middleware Blog: SOA 12c SOAPUI : How to add OWSM WS-Security Username Token

Monday 4 December 2017

SOA 12c SOAPUI : How to add OWSM WS-Security Username Token

Lately I was trying to test a service that was using an OWSM Username Service Token policy using SOAPUI and was getting the below error:

<env:Fault xmlns:ns0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <faultcode>ns0:InvalidSecurity</faultcode>
         <faultstring>InvalidSecurity : error in processing the WS-Security security header</faultstring>
         <faultactor/>
</env:Fault>

I had added Basic Authorization with the required credentials.

Well the reason was quite simple.

I had not added the username token to the SOAP Header. Hence it was able to validate the security.

Here is what you must do:

Let the Basic Authorization be as is.
1. Right-click on your request message in SOAPUI
2. Select 'Add WSS Username Token'

3. Select Password Text and click on OK.

You can see that the Token is added to the Header

4. Test

Helpful? Please Comment.

Happy Learning!!

4 comments:

Nagaraj17 October 2018 at 11:05
Thank you, Adding Token was helpful and did the trick.
ReplyDelete
Replies
Anonymous23 June 2020 at 06:26
It was helpful. Thanks for the blog post.
ReplyDelete
Replies
Unknown13 April 2021 at 12:15
Thanks for sharing this great information I am impressed by the information that you have on this blog. Same as your blog i found another one Oracle SOA . Actually I was looking for the same information on internet for Oracle SOA and came across your blog. I am impressed by the information that you have on this blog. It shows how well you understand this subject, you can learn more aboutOracle SOA . By attending Oracle SOA Training .
ReplyDelete
Replies
Anonymous21 December 2022 at 05:31
Hi,
even after if I right click and select WSS Username Token and run the webservice, I'm still facing the same issue. can you please help me on this
ReplyDelete
Replies

Add comment

Blog Disclaimer

This is a personal blog. Any views or opinions represented in this blog are personal and belong solely to the blog owner and do not represent those of people, institutions or organizations that the owner may or may not be associated with in professional or personal capacity, unless explicitly stated. Any views or opinions are not intended to malign any religion, ethnic group, club, organization, company, or individual.

All content provided on this blog is for informational purposes only. The owner of this blog makes no representations as to the accuracy or completeness of any information on this site or found by following any link on this site. The owner will not be liable for any errors or omissions in this information nor for the availability of this information. The owner will not be liable for any losses, injuries, or damages from the display or use of this information.

Monday 4 December 2017

SOA 12c SOAPUI : How to add OWSM WS-Security Username Token

4 comments:

OSB 12c : Dynamic Routing to Business/Proxy Service