Products | Versions |
---|---|
TIBCO ActiveMatrix BusinessWorks | 5.14.0, 5.13.x |
Sometimes after migrating our BW Project to BW 5.13 or BW 5.14 you could face the following error:
------------
Caused by: com.tibco.spin.soap.security.WssProcessorException: The inbound message does not conform to the policy. Error code = 180004 Exception Processing on Username Token: An invalid security token was provided (An error happened processing a Username Token {0})
at com.tibco.spin.soap.security.WSSecurityHeaderProcessor.enforceSecurityPolicy(Unknown Source)
at com.tibco.spin.soap.security.WSSecurityHeaderProcessor.process(Unknown Source)
------------
One possible reason for this error is that the EncodingType in Nonce element is missing from the client request.
This is a sample Client Request without EncodingType
========
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>admin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxxxxxxxxxxx</wsse:Password>
<wsse:Nonce/>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
========