|Oracle® OpenSSO STS Administrator's Guide
Release 11gR1. Version 22.214.171.124.0
Part Number E17844-01
This chapter contains the following topics:
Set debug properties when you configure an OpenSSO STS server instance. See Section 126.96.36.199, "To Configure OpenSSO STS Server General Properties."
OpenSSO Security Token Service (OpenSSO STS) debug files are stored in the WebServices file.
The following are error conditions or error messages and troubleshooting tips you can try:
Make sure that all host systems are in sync. The default skew allowed is 10 seconds. You can reconfigure this setting.
The security mechanism identified in the request does not match with one of the configured security mechanisms.
Make sure that your credentials are correctly provisioned in OpenSSO STS under User Credential. If configured to authenticate at Oracle Internet Directory or at Oracle Virtual Directory, then make sure the authentication chain is enabled in OpenSSO STS.
The encryption/decryption settings should be identical among client and server. The following are typical recommendations:
For asymmetric or symmetric binding, enable request and response signing of both body and header, and enable request decryption and response encyrption.
For transport-layer binding, disable signature validation when SSL is used; disable encryption when SSL is used.