IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only
Back to discussions
Expand all | Collapse all

web service WS-Security Policy authentication failure

  • 1.  web service WS-Security Policy authentication failure

    Posted Fri March 11, 2016 06:16 PM

    I have a web service provider in webMethods 9.7 that uses the Username_Signature_Encryption WS-Security Policy. I am able to authorize access based on message-level username/password when calling the service.

    How can I log authentication and authorization failures to the web service? I have the IS Security Log enabled in IS Administrator with Generate Auditing Data on set to “Success or Failure” and everything checked under “Security Areas to Audit”. I don’t get any log entries for calls to the web service.

    I do get log entries for other events like logging in to IS Administrator.


    #API-Management
    #soa
    #webMethods


  • 2.  RE: web service WS-Security Policy authentication failure

    Posted Sat March 12, 2016 05:02 AM

    It might be that everything works well. Just the audit data is written not to the server log but to a DB table. Consult the docs to find out where the audit data get written to.


    #API-Management
    #webMethods
    #soa


  • 3.  RE: web service WS-Security Policy authentication failure

    Posted Mon March 14, 2016 11:02 AM

    I can’t find any mention of security logging in the Web Services Developer Guide.

    In IS Administrator, my security logger is configured to use the database. I have found the WSSECURITY table that has entries that exactly match what I see in Logs->Security.

    If there is some special place logging message-level WS-Security failures, I can’t find it.


    #webMethods
    #soa
    #API-Management


Related Content