SAML SSO: SAMLServlet samlits Partner Not found - weblogic.developer.interest.webservices.databinding(Archived)

I'm using Vikrant Sawant's "Configuring Single Sign-On using SAML in Weblogic Server 9.2" sample to prototype our SAML-SSO test between WL92<->WL92.
I believe I follwed every step the sample says and I checked, re-sheck everything.
Still, I'm not able to complete the single login in and getting the following error::O
<SAMLServlet (samlits): Initializing SAML samlits service>
<SAMLServlet (samlits): Getting source site helper instance>
<SAMLSourceSite: init(): Assertion store is version 2, will verify destination sites>
<SAMLServlet (samlits): Got source site helper instance>
<SAMLServlet (samlits): SAML samlits service initialized>
<SAMLServlet (samlits): doGet(): Request URI is '/samlits_ba/its'>
<SAMLServlet (samlits): doGet(): Servlet URI is '/its'>
<SAMLServlet (samlits): doGet(): Partner not found, returning FORBIDDEN>
I wish somwone can help me out!
Thanks a lot!

I am also experiencng some problems with this example. Have solved your problem? 

I'm not using that profile/scenario, but I am having a similar problem with the sender-vouches profile. See:
Has anyone figured this out?


getting WsdlException while deploying application

Have been trying to use remote portlet, but even after repeatedly checking the configuration file, unable to locate the cause of the below error while deploying the PortalWeb.war application.
<May 25, 2011 4:38:14 PM IST> <Warning> <com.bea.wlw.netui.pageflow.internal.WebLogicURLTemplateFactory> <BEA-000000> <In webapp <OCOEPortalWeb>, the url template <http://{url:domain}:{url:port}/{url:path}?{url:queryString}> uses the {url:port} token. The system may not pick up the correct ports if you are using a proxy server. Consider hardcoding the ports in a production environment.>
weblogic.wsee.wsdl.WsdlException: Failed to read wsdl file from url due to -- Tried all: '1' addresses, but could not connect over HTTP to server: '', port: '7101'
at weblogic.wsee.wsdl.WsdlReader.getDocument(
at weblogic.wsee.wsdl.internal.WsdlDefinitionsImpl.parse(
at weblogic.wsee.wsdl.internal.WsdlDefinitionsImpl.parse(
at weblogic.wsee.wsdl.WsdlFactory.parse(
at weblogic.wsee.wsdl.WsdlFactory.parse(
at weblogic.wsee.wsdl.WsdlFactory.parse(
at com.bea.wsrp.wsdl.FixupWsdlParser.parse(
at com.bea.wsrp.wsdl.WsdlInfoImpl.<init>(
at com.bea.wsrp.wsdl.GlobalWsdlPool.getWsdlInfo(
at com.bea.wsrp.config.ProducerInfo.isPortletManagementSupported(
at java.util.TimerThread.mainLoop(
Caused by: Tried all: '1' addresses, but could not connect over HTTP to server: '', port: '7101'
at weblogic.wsee.util.dom.DOMParser.getWebLogicDocumentImpl(
at weblogic.wsee.util.dom.DOMParser.getDocument(
at weblogic.wsee.wsdl.WsdlReader.getDocument(
... 22 more
Please find the entry of the "wsrp-producer-registry.xml"
<?xml version="1.0" encoding="UTF-8"?>
xsi:schemaLocation=" wsrp-producer-registry.xsd"
<!-- The offer-extensions attribute above indicates whether the consumer can send messges to WLP-extended Web
Service ports -->
<!-- Upload limit (in bytes) -->
<!-- Some producers may not be able to handle attachments sent as a single part. If this is the case, set
this to true -->
<!-- Timeout value for establishing a connection -->
<!-- Connection (read) timeout (in milli seconds) -->
<!-- Enable/disable local proxy -->
<!-- Release sessions upon session expiry on the consumer -->
<!-- Add wsrp-producer elements here -->
<!-- URL templates for producer writing of URLs -->
<url-template-ref type="default" name="wsrp-default"/>
<url-template-ref type="blockingAction" name="wsrp-blockingAction"/>
<url-template-ref type="secureBlockingAction" name="wsrp-secureBlockingAction"/>
<url-template-ref type="resource" name="wsrp-resource"/>
<url-template-ref type="secureResource" name="wsrp-secureResource"/>
<url-template-ref type="render" name="wsrp-render"/>
<url-template-ref type="secureRender" name="wsrp-secureRender"/>
<url-template-ref type="resource" name="wsrp-resource"/>
<url-template-ref type="secureResource" name="wsrp-secureResource"/>
<url-template-ref type="standalone" name="wsrp-default"/>
<url-template-ref type="secureStandalone" name="wsrp-secureDefault"/>
<url-template-ref type="secureDefault" name="wsrp-secureDefault"/>
Any suggestions how to resolve the given error by correcting any entry in any configuration file will be very help ful.
Hello Ashok,
The exception you are getting seems to indicate that the WSDL document cannot be retrieved from the WSDL URL. This could be because the WSRP producer is not running or the WSDL URL is incorrect.
Thanks kevin you are right but thing is i want remove all the reference to given WSDL path, do you have some idea where this wsdl reference is present and how i can remove them.
Please help me with this issue i have tried to search in all file in my project to remove them still cant find the reference. 
Hello Ashok,
Are you using a streaming portal? If you can't find the WSDL URL being used in any of the configuration files, perhaps it was set up as a WSRP producer using the administration tools, which would store the producer information in the database. If this is the case, you should be able to use the administration console to remove the producer and eliminate this error.
Hi Kevin,
Yes i m using streaming portal, i hv created remote portlet and registered the WSDL URL to create the proxy portlets. but now i m getting the exception when deployed on dev server, Can u specify like how we can remove this remote portlet reference using the Admin console. 
thnks kevin 
Hello Ashok,
I believe if you look under "Portal Resources", then "Library", you'll see a "Portlet Producers" option in the tree on the left-hand side of the portal administration console. You should be able to click on "Portlet Producers" to get options on deleting a previously-configured producer.

Configuring SAML-based Single Sign-on

I was developing a webcenter application. need to use Single Sign-on.
I step by step in accordance with the document webcenter configuration SAML based on the Single Sign-on,
after Configuring the SAML Identity Assertion Provider, restart weblogic server of the error is as follows:
<2009-7-21 10:00:46 CST> <Error> <Deployer> <BEA-149205> <Failed to initialize the application 'bea_wls_internal' due to error weblogic.application.ModuleException: Failed to load webapp: 'bea_wls_internal.war'.weblogic.application.ModuleException: Failed to load webapp: 'bea_wls_internal.w
ar '
at weblogic.servlet.internal.WebAppModule.prepare ( 368)
at weblogic.application.internal.flow.ScopedModuleDriver.prepare (ScopedM 176)
at weblogic.application.internal.flow.ModuleListenerInvoker.prepare (Modu 93)
at weblogic.application.internal.flow.DeploymentCallbackFlow $ (Depl 387)
at weblogic.application.utils.StateMachineDriver.nextState (StateMachineD 37)
Truncated. See log file for complete stacktrace
javax.servlet.ServletException: [Security: 090820] The internal variable ServletIn
foSpi is null and it should not be.
( 52)
Impl $ ServiceImpl.getServletAuthenticationFilters (ServletAuthenticationFilterServ 104)
tionFilters ( 608)
at <init> (WebAppSecuri 80)
at <init> (WebAppSec 65)
I wolud like to do ? who tell my?
i don't understand your question, but i'm guessing you want the webcenter forum, not webcenter interaction. 
I got the same error (Security: 090820 The internal variable ServletInfoSpi is null and it should not be) when I misconfigured the keystore. The Admin server would start, but the Managed Server wouldn't start up, apparently because it couldn't talk to the AS. I had to manually edit the config.xml file to undo the keystore change. 
Hi, could you please tell me what changes did you have to make in config.xml?
Hi, could you please tell me what changes did you have to make in config.xml?

weblogic web service invoke error

I am new in WL and trying to invoking a web-service using client code written in java.
When I see in my service in web logic console it is looking fine same as other ready sample service which I am able to invoke using client code. I am using that sample client to invoke my web service after doing changes for my service. Client class is also compiled.
I am using weblogic 8.1 and I am getting below error.
cu dmwls(558)$ java Client http://localhost:61069/kuldeep/MyFirstService?WSDL
*<Feb 19, 2010 11:12:37 AM GMT> <Info> <WebService> <BEA-220094> <An IOException was thrown trying to access the WSDL at the given URL.>*
<Feb 19, 2010 11:12:37 AM GMT> <Info> <WebService> <BEA-220034> <A stack trace associated with message 220094 follows: http://localhost:61069/kuldeep/MyFirstService?WSDL
at weblogic.webservice.WebServiceFactory.createFromWSDL(
at weblogic.webservice.core.rpc.ServiceImpl.<init>(
at clientpkg.MyFirstService_Impl.<init>(
at Client.main(
Exception in thread "main" Failed to retrieve WSDL from http://localhost:61069/kuldeep/MyFirstService?WSDL. Please check the URL and make sure that it is a valid XML file [ http://localhost:61069/kuldeep/MyFirstService?WSDL]
at weblogic.webservice.WebServiceFactory.createFromWSDL(
at weblogic.webservice.core.rpc.ServiceImpl.<init>(
at clientpkg.MyFirstService_Impl.<init>(
at Client.main(
While trying to access web-service, I am getting
Error 404--Not Found*
From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1:*
+10.4.5 404 Not Found+
The server has not found anything matching the Request-URI. No indication is given of whether the condition is temporary or permanent.
If the server does not wish to make this information available to the client, the status code 403 (Forbidden) can be used instead. The 410 (Gone) status code SHOULD be used if the server knows, through some internally configurable mechanism, that an old resource is permanently unavailable and has no forwarding address.
Edited by: on Feb 19, 2010 4:56 PM 
Hi Kuldeep,
In your servicegen task you have defined
Please remove the preceeding forward slash from there like serviceURI="${}"
Now deploy your service and then try to hit the WSDL like by opening a Browser:${contextURI}/${}?WSDL
Note : Just replace the values of ${} and ${contextURI} with the actual values .... which you have specified in your ANT Task...
Still if you are not able to hit the WSDL then Just try to Access The Test Client Page from admin Console and access the WebService ...Let us know if u are able to invoke webservice method from TestClient Page of AdminConsole.
If not it means the Service is not deployed Successfully...Please check the Log after deploying the WebService and In case of any Error/Warning just paste the Trace here.
Jay SenSharma (WebLoigc Wonders Are here) 
Hi Jay,
During my on going testing on our DR site, across all the issues which kind of fixed and working now – I have come across 1 which I am a little amazed with
While trying to run the ping and buffer on REN SERVER
ERROR 404 Page not found. Everything is set up perfectly to what I understand.
Env. – HR to portal .
Request goes to RPS passes the firewall goes to LB and to REN and so on along with that.
Initially the Setup was incorrect which is corrected now. Then LB was listening to desired port – which was not activated while RPS was brought up – we have fixed that. so for now LB listens to port.
We have bounced app/prcs and cleared cache. But when tried to ping test – 404 (page not found error )
I have checked config.xml / struts-config.xml and web.xml – jus to verify the document root and context is alrite. Looks Good.
Checked logs - No specific error.
HR – Websphere … RPS apache...
Portal – Weblogic
Tools - 8.49.18
App - 9.0 (HR)
RENQ is up and running.
REN Server Cluster ID: RENCLSTR_0002
*StateFlag Active
*REN Server Cluster URL: https://psportal:8065
*REN Server Browser URL:
Authentication Domain:
request your help pls

Unable to access https WSDL from browser IE 7  getting 405 error

Hi am trying to generate clinet jar and stubs for third party secured webservice.When I typed the url in browser (IE 7) am getting error saying
405 GET not supported, this is a SOAP service, please use POST.
I am using weblogic 8.1 and Eclipse SDK Version: 3.4.1, ant home - ant plug in frm eclispe folder org.apache.ant_1.7.0
the wsdl url is in this format ----
Am generating the client gen using below line sin build.xml
<antcall target="generateClient" inheritAll="true" inheritRefs="true" />
<target name="generateClient" >
<clientgen wsdl="C:\Ws_QSA.wsdl"
and my java class i am trying to call the method by getting port as below.
private static WS_SOAP_Service service= new Ws_QSAService_Impl("");
private static WS_ port =service.getWs_QSAPortType();
<Jul 19, 2010 8:39:17 AM MDT> <Info> <WebService> <BEA-220094> <An IOException was thrown trying to access the WSDL at the given URL.>
<Jul 19, 2010 8:39:17 AM MDT> <Info> <WebService> <BEA-220034> (
at weblogic.webservice.WebServiceFactory.createFromWSDL(
at weblogic.webservice.core.rpc.ServiceImpl.<init>(
ERROR <clinit>, Problem accessing properties file for QSA service avalability webservice Url.
Failed to retrieve WSDL from Please check the URL and make sure that it is a valid XML file [ FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.] Failed to retrieve WSDL from Please check the URL and make sure that it is a valid XML file [ FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.]
at weblogic.webservice.WebServiceFactory.createFromWSDL(
at weblogic.webservice.core.rpc.ServiceImpl.<init>(
at weblogic.webservice.core.rpc.ServiceImpl.<init>(
Any body please help me what should I install for this SSL exception.I am struggling for three days i couldnt able to resolve.
If I got certificate from thirdparty what is the procedure should I follow .to access in Browser and from java client class .
**I posted this under answered thread so thought of just posting new one.** 
1. Here is the root cause of this Excpetion:
Failed to retrieve WSDL from Please check the URL and make sure that it is a valid XML file [ FATAL Alert:BAD_CERTIFICATE - A corrupt or unuseable certificate was received.]
2. What this means is the WebService exposed or https needs some sort of Security Certificates. Do this simple test. Invoke the WSDL Url using https directly in the browser. And check the WSDL carefully. Look if it has any Security Tag with security details that needs for https etc. This means when you access this WebService through any client you need to provide security certificate details also.
I remember seeing the provision to configure the certificates during the process of generating the Client JARs for the WSDLs exposed over https. If I could find that link, I will post here. But yes, there is an option to configure the proper certificates/security for this https webservices and then generate client jars.
Ravi Jegga 
Thanks for the Reply Ravi.
I got the certificate from third party i imported in IE (While importing it didnt prompt me for any pwd too) and MMC ,used the below command
keytool -importcert -alias myprivateroot -keystore C:\bea\weblogic81\server\lib\cacerts -file C:\thirdparty-client.cer.
and imported in weblogic server too.and I dont see any security settings in the WSDL.has only sessionId.
I am little doubtful about the keytool import command for importing client certificate to cacerts.Am I missing something .

Error on verifying message against security policy Error code:3603

Hello,We are migrating our WebServices from WL10.3 to WL12.1.2 and we haven't been able to invoke them as we did on 10.3. On their WSDL is specified a ws security policy like this:<wsp:Policy  xmlns:wsp=""  xmlns:sp="">  <sp:SymmetricBinding>    <wsp:Policy>      <sp:UsernameToken sp:IncludeToken="">        <wsp:Policy>          <sp:HashPassword/>          <sp:WssUsernameToken10/>        </wsp:Policy>      </sp:UsernameToken>    </wsp:Policy>  </sp:SymmetricBinding>   <sp:SignedSupportingTokens>    <wsp:Policy>      <sp:UsernameToken sp:IncludeToken="">        <wsp:Policy>          <sp:HashPassword/>          <sp:WssUsernameToken10/>        </wsp:Policy>      </sp:UsernameToken>    </wsp:Policy>  </sp:SignedSupportingTokens></wsp:Policy>When we try to use this webservice from the new WebLogic 12.1.2 domain we receive the following SoapFault      <env:Fault xmlns:wsse="">         <faultcode>wsse:InvalidSecurity</faultcode>         <faultstring>Error on verifying message against security policy Error code:3603</faultstring>      </env:Fault> Anyone can help us with this issue? We don't know what are we missing or if there is some additional configuration needed or incompatibility.For additional information, these guidelines has been considered:Use a password digest in SOAP messagesConfigure Authentication and Identity Assertion providersCreate a Web service security configurationThank you in advance and kind regards,Ruben
Finally I found out what was going on.This error is produced by a NullPointerException on class line 535 when calling the getDigestMethod().getAlgorithm()ref = this.svalidator.getReference(st, this.blueprint.getXmlSignatureFactory().newDigestMethod(signingPolicy.getDigestMethod().getAlgorithm(), (DigestMethodParameterSpec)null), new ArrayList(), token.isIncludeInMessage()); Which differs from the 10.3 version, where a default digest method is providedlocalObject1 = this.svalidator.getReference(localSecurityToken, this.blueprint.getXmlSignatureFactory().newDigestMethod("", (DigestMethodParameterSpec)null), new ArrayList(), paramSecurityToken.isIncludeInMessage()); Trying to understand the WS Policy file I resolved that if we are using a SignedSupportingTokens we also need to configure how tokens has to be signed otherwise use the SupportingTokens instead, which is what I did. So finally, if the policy was not properly defined, I don't understand why in this new version a NPE is raised (wrapped in an 3603 error code). Maybe it's a bug?Cheers,Rubén