Sun Java System Application Server Platform Edition 8.2 Error Message Reference

Chapter 13 WSS Error Messages

This chapter describes messages for errors with a WSS prefix.

WSS Messages


WSS0126

Unsupported algorithm type. Only RSA supported.

Solution:

Check that the signature algorithm is RSA.


WSS0129

Malformed message ds:Signature element missing from the wsse:Security header block.

Solution:

Check proper signature was generated while signing.


WSS0134

Unable to Initialize XMLCipher with the given Key.

Solution:

Check that the XMLCipher was initialized properly.


WSS0137

An appropriate JCE provider is not configured in the JRE.

Solution:

Look at root exception for more clues.


WSS0144

Base64Decoding exception is the root cause.

Solution:

Check that the data is valid base64 encoded.


WSS0147

TransformationConfiguration exception while trying to use stylesheet to pretty print.

Solution:

Make sure style sheet is valid.


WSS0148

Exception while trying to pretty print using transform.

Solution:

Make sure the original SOAP Message and style sheet are both correct.


WSS0156

Error in certificate used for validation.

Solution:

Check that the token contains a valid Certificate.


WSS0165

XPath does not correspond to a DOM element.

Solution:

Check that the node represented by the XPath is a valid DOM element.


WSS0167

Invalid signature; verification failed.

Solution:

Make sure the signature was not tampered with in transit.


WSS0168

Unable to generate a random symmetric key.

Solution:

Verify that the KeyGenerator has been properly initialized.


WSS0169

Value of FilterParameterConstants.BINARY_SEC_TOKEN is not set.

Solution:

Check that direct referencestrategy is set before exporting the certificate.


WSS0181

Subject not authorized; validation failed.

Solution:

Check that the user is authorized.


WSS0182

FilterParameterConstants.REFERENCE_LIST parameter has a null value.

Solution:

The reference list that needs to be decrypted usually set by ImportEncryptedKeyFilter.


WSS0183

Could not locate a valid symmetric key needed for decryption.

Solution:

Value of symmetric key seems to be null. Check its value.


WSS0184

Could not retrieve security domain from the Securable SOAP message.

Solution:

Make sure the SecurityEnvironment factory has set the right security environment.


WSS0185

Could not find the certificate associated with the direct reference strategy.

Solution:

Check that the URI is valid and subjectkeyidentifier parameter is set in configuration.


WSS0189

Data decryption algorithm has to be either Triple-DES, AES128-CBC, AES256-CBC.

Solution:

Check that the encryption algorithm used is either 3DES, AES128_CBC, AES256_CBC.


WSS0190

The number of elements encrypted is less than required/allowed.

Solution:

Check that the data references for encryption (in message) match the requirements.


WSS0191

A SymmetricKey was not generated earlier that is set on the calling thread.


KeyName specified could not locate a key in the security environment.

Solution:

Check that ExportEncryptedKeyFilter is called before. Check that a valid KeyStore URL is used to instantiate the SecurityEnvironment and it contains a matching SecretKey.


WSS0192

At least one target needs to be specified for encryption.

Solution:

Check that a non-null target list is used to instantiate the filter.


WSS0193

Target specified does not correspond to a valid message part.

Solution:

Check that a valid XPath/QName/wsuId are specified.


WSS0194

SOAP-ENV:Header can not fully be encrypted.


SOAP-ENV:Body can not fully be encrypted.

Solution:

Check that a valid XPath/QName/wsuId are specified complying to the spec.


WSS0195

ReferenceListBlock not set on the calling thread.

Solution:

Check that ExportEncryptedKeyFilter is called before. Check that ExportReferenceListFilter is called before.


WSS0196

An instance of SecurityEnvironment class for the operating environment was not set on SecurableSoapMessage.

Solution:

Check that SetSecurityEnvironmentFilter processed the message before.


WSS0198

Only RSA_SHA1 Signature algorithm is supported.

Solution:

Check that RSA_SHA1 signature algorithm is specified.


WSS0199

Timestamp creation time can not be null.

Solution:

Check that non-null creation time is used to instantiate the filter.


WSS0203

Header block corresponding to the desired requirement not found.

Solution:

Check that the message meets the security requirements.


WSS0204

Illegal security header block found in the security header.

Solution:

Check that the message is SOAP Security specification compliant.


WSS0205

Requirement for wsu:Timestamp has not been met.

Solution:

Check that the message meets the security requirements.


WSS0206

Not all receiver requirements for security have been met.

Solution:

Check that the message meets the security requirements.


WSS0208

Extra security than required by the receiver side policy found in the message.

Solution:

Check that the message strictly meets the security requirements.


WSS0209

The message filter is incorrectly configured to process an inbound message.

Solution:

Check that the filters are correctly configured to process inbound messages.


WSS0210

Only RSAv1.5 Key Encryption Algorithm is supported.

Solution:

Check that the Key Encryption Algorithm used in the inbound message is RSAv1.5.


WSS0212

Receiver requirement for digested password in UsernameToken not met.

Solution:

Check that the message meets the security requirements.


WSS0213

Receiver requirement for nonce in UsernameToken not met.

Solution:

Check that the message meets the security requirements.


WSS0215

handle() call for a PropertyCallback on the handler threw exception.

Solution:

Check the handler implementation.


WSS0216

handle() call on the handler threw exception.

Solution:

Check the handler implementation.


WSS0217

handle() call on the handler threw exception.

Solution:

Check the handler implementation.


WSS0218

handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.


WSS0219

handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.


WSS0220

handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for DecryptionKeyCallback.AliasSymmetricKeyRequest.


WSS0221

handle() call on the handler failed to set the Callback.

Solution:

Check the handler implementation for SignatureKeyCallback and/or EncryptionKeyCallback, check keystores and truststores.


WSS0222

handle() call on the handler failed to set the Callback.

Solution:

Check keystore path and ensure that the right keys are present.


WSS0301

Data malformed. Base 64 decoding error.

Solution:

Verify that data is base64 encoded.


WSS0302

Certificate parsing problem.

Solution:

Data stream used to create the x509 certificate maybe corrupted.


WSS0303

Certificate encoding exception.

Solution:

Check that the x509 data is valid. Could not extract raw bytes from it.


WSS0306

Invalid password type.

Solution:

Password type must match that specified by the WSS specification.


WSS0307

Nonce encoding namespace check failed.

Solution:

Nonce encoding type namespace seems invalid.


WSS0310

NoSuchAlgorithmException: Invalid algorithm.

Solution:

Check that the algorithm passed to SecureRandom is valid.


WSS0311

Password digest could not be created.

Solution:

Check that the algorithm passed to MessageDigest is valid.


WSS0316

BinarySecurity token's Encoding type is invalid.

Solution:

Check that encoding value for BinarySecurity token is valid as per spec.


WSS0317

Could not find X.509 certificate.

Solution:

Ensure certificate path is not empty and certificate type is correct.


WSS0318

Error while parsing and creating the KeyInfo instance.

Solution:

Check values passed to KeyInfo constructor.


WSS0319

Could not add key name to KeyInfo Header block.

Solution:

Check KeyInfo and KeyName have been instantiated without exceptions.


WSS0320

Could not get KeyName from KeyInfo.

Solution:

Make sure the KeyName exists in the KeyInfo.


WSS0321

Could not retrieve element from KeyInfo or could not import the node.

Solution:

Check the element to be converted to SOAPElement.


WSS0322

Exception while parsing and creating the Signature element.

Solution:

Check that a fully initialized XML Signature was passed.


WSS0323

Exception while trying to sign.

Solution:

Check the key used to sign.


WSS0324

Exception while adding a Reference with URI, transforms and Digest algorithm URI to SignedInfo.

Solution:

Verify the following:

  • Check getSignatureValue failure cause from underlying XML DSIG implementation.

  • Check that the message signed using corresponding private key, and has not been tampered with.

  • Check values passed to constructor of XMLSignature.addDocument passed to XML DSig implementation are correct.


WSS0327

Could not retrieve element from Signature or could not import the node.

Solution:

Check the element to be converted to SOAPElement.


WSS0328

Error parsing date.

Solution:

Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.


WSS0329

Expecting UsernameToken Element.

Solution:

Check that the next element is UsernameToken.


WSS0330

Username not first child of UsernameToken.

Solution:

Make sure first child of wsse:UsernameToken is Username in wsse namespace.


WSS0331

Element may not be a proper UsernameToken.

Solution:

Check that the UsernameToken matches the token schema.


WSS0332

Username was null.

Solution:

Check UsernameToken contains a valid Username.


WSS0333

Keystore URL is null.

Solution:

Check that the property javax.net.ssl.keyStore is set properly.


WSS0334

KeyIdentifier holds invalid ValueType.

Solution:

Check KeyIdentifier ValueType's value.


WSS0335

KeyReference type not supported.

Solution:

KeyReference type should be one of KeyIdentifier, Reference, X509Data.


WSS0336

Can't locate public key.

Solution:

Check public key retrieved should not be null.


WSS0337

Could not resolve URI.

Solution:

Check DirectReference's ValueType, it is not supported.


WSS0338

Key Reference Mechanism not supported.

Solution:

Check reference is one of X509IssuerSerial, DirectReference, KeyIdentifier.


WSS0339

Support for processing information in the given ds:KeyInfo is not present.

Solution:

Check ds:KeyInfo matches schema.


WSS0340

Creation time cannot be ahead of current UTC time.

Solution:

Check system time and ensure it is correct.


WSS0341

Creation time is very old.

Solution:

Check system time and ensure it is correct.


WSS0342

BinarySecurity Token's Value type is invalid.

Solution:

Check that valueType for BinarySecurity token is valid as per spec.


WSS0343

Error in creating the BST due to {0}.

Solution:

Check that all required values are set on the Binary Security Token, including TextNode value.


WSS0344

The binary data in the Security Token can not be decoded, expected Base64 encoding.

Solution:

Check to see that the encoding format of the Binary Security Token is Base64Binary.


WSS0345

Error creating SOAPElement for EncryptedDataHeaderBlock.

Solution:

If SOAPElement is used to create EncryptedData HeaderBlock, check to see that it is valid as per spec.


WSS0346

Invalid SOAPElement passed to EncryptedDataHeaderBlock constructor.

Solution:

Check that the SOAPElement passed to EncryptedDataHeaderBlock is valid as per spec.


WSS0347

SOAPElement used to initialize EncryptedType may not have CipherData element.


CipherData may not have been set on the EncryptedType.

Solution:

Check to see SOAPElement used to initialize EncryptedType has CipherData. Check to see setCipherData() is called on the EncryptedType.


WSS0348

Error creating SOAPElement for EncryptedKeyHeaderBlock.

Solution:

If SOAPElement is used to create EncryptedKeyHeaderBlock, check to see that it is valid as per spec.


WSS0349

Invalid SOAPElement passed to EncryptedKeyHeaderBlock().

Solution:

Check that the SOAPElement passed to EncryptedKeyHeaderBlock() is valid as per spec.


WSS0350

Error creating/updating CipherData SOAPElement (in EncryptedKeyHeaderBlock).

Solution:

Refer your SAAJ API Documentation.


WSS0351

Error creating EncryptionMethod SOAPElement.

Solution:

Refer your SAAJ API Documentation.


WSS0352

Error creating javax.xml.soap.Name for CipherValue.

Solution:

Refer your SAAJ API Documentation.


WSS0353

No CipherValue element(s) are present in CipherData.

Solution:

Check to see if setCipherValue() is called on EncryptedType.


WSS0354

An error may have occurred creating javax.xml.soap.Name for EncryptionMethod.

Cause:

An error may have occurred creating javax.xml.soap.Name for KeyInfo. An error may have occurred creating javax.xml.soap.Name for CipherData. An error may have occurred creating javax.xml.soap.Name for EncryptionProperties.

Solution:

Refer your SAAJ API Documentation.


WSS0355

Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.DSAKeyValue.


Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.RSAKeyValue. Error creating com.sun.org.apache.xml.security.keys.content.KeyValue.

Solution:

Check that a non-null SOAPElement is passed to addXXXKeyValue().


WSS0356

Error creating com.sun.org.apache.xml.security.keys.content.X509Data.

Solution:

Check that a non-null SOAPElement is passed to addX509Data().


WSS0357

Error getting KeyValue from KeyInfo for the given index.

Solution:

Check that the ds:KeyInfo element has ds:KeyValue elements. Check that the index (beginning with 0) used to refer the ds:KeyValue element is valid.


WSS0358

Error getting X509Data from KeyInfo for the given index.

Solution:

Check that the ds:KeyInfo element has ds:X509Data elements. Check that the index (beginning with 0) used to refer the ds:X509Data element is valid.


WSS0359

Error adding com.sun.org.apache.xml.security.keys.content.X509Data to KeyInfo.

Solution:

Check that a valid com.sun.org.apache.xml.security.keys.content.X509Data (as per specs.) is passed to addX509Data().


WSS0360

An error may have occurred creating javax.xml.soap.Name for ReferenceList.

Solution:

Refer your SAAJ API Documentation.


WSS0361

An error may have occurred creating org.w3c.dom.Element for ReferenceList.

Cause:

The org.w3c.dom.Document object passed ReferenceListHeaderBlock() may be null.

Solution:

Check that the Namespace specified does not contain any illegal characters as per XML 1.0 specification. Check that the QName specified is not malformed (Refer to the J2SE Documentation for more information). Check that a non-Null Document is passed to the ReferenceListHeaderBlock().


WSS0362

Invalid SOAPElement passed to ReferenceListHeaderBlock().

Solution:

Check that the SOAPElement passed to ReferenceListHeaderBlock() is valid as per spec.


WSS0363

Error creating javax.xml.soap.SOAPElement for xenc:DataReference.

Cause:

Error adding xenc:DataReference (SOAPElement) as child element of xenc:DataReference (SOAPElement). Error setting URI attribute on javax.xml.soap.SOAPElement for xenc:DataReference.

Solution:

Refer your SAAJ API Documentation.


WSS0365

Error creating javax.xml.soap.SOAPElement for namespace node.

Solution:

Refer your SAAJ API Documentation.


WSS0368

Error getting SOAPEnvelope from SOAPPart.

Solution:

Refer your SAAJ API Documentation.


WSS0369

Error getting SOAPHeader from SOAPEnvelope.

Cause:

Error creating SOAPHeader.

Solution:

Refer to your SAAJ API Documentation.


WSS0371

Error in getting the SOAPBody from the SOAPMessage.


Error in creating javax.xml.soap.Name for setting the fault on SOAPBody. Error in adding fault to SOAPBody.

Solution:

Refer your SAAJ API Documentation.


WSS0376

Error importing the SOAPElement representing the header block to the document corresponding to the SOAPMessage to which the header is being added.

Solution:

Check that the SecurityHeaderBlock can be transformed to a valid SOAPElement. Refer to the J2SE Documentation for more.


WSS0377

Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.

Solution:

Refer your SAAJ API Documentation.


WSS0378

Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.

Solution:

Check that the org.w3c.dom.Document object passed to SecurityTokenReference() is non-null. Refer your SAAJ API Documentation.


WSS0379

SOAPElement passed to SecurityTokenReference() is not a valid SecurityTokenReference element as per spec.

Solution:

Check that a valid SOAPElement as per spec. is passed to SecurityTokenReference().


WSS0380

The ds:Reference would already have been set using the constructors.

Solution:

Check that a SOAPElement with ds:Reference (child element) is not used to instantiate SecurityTokenReference.


WSS0381

Error in setting the passed ReferenceElement on SecurityTokenReference.

Solution:

Refer your SAAJ API Documentation.


WSS0382

Error appending ds:Object element to ds:Signature.

Solution:

Check that a valid ds:Object SOAPElement (as per spec.) is passed to appendObject(). Check that a non-null SOAPElement is passed to appendObject().


WSS0383

Owner document of ds:Signature SOAPElement is null.

Solution:

Check that the Document used to instantiate SignatureHeaderBlock() is not null.


WSS0384

Error creating javax.xml.soap.Name for Timestamp.

Solution:

Refer your SAAJ API Documentation.


WSS0385

The SOAPElement used to instantiate Timestamp() is not valid (as per specification).

Solution:

Check that the Localname and NamespaceURI of the SOAPElement used to create Timestamp() are correct as per spec.


WSS0386

Error creating javax.xml.soap.SOAPElement for Timestamp.


Error adding child SOAPElements to the Timestamp element.

Solution:

Refer your SAAJ API Documentation.


WSS0387

Username is not set.

Solution:

Check that a Username has been passed through the configuration file or through the callback handler.


WSS0388

Error creating javax.xml.soap.SOAPElement for UsernameToken.


Error adding child SOAPElements to the UsernameToken element.

Solution:

Refer your SAAJ API Documentation.


WSS0389

Base64 nonce encoding type has not been specified.

Solution:

Check that the nonce encoding type used to create UsernameToken is Base64.


WSS0390

UTF-8 Charset is unsupported for byte-encoding (a string).

Solution:

Refer your J2SE Documentation.


WSS0391

Invalid Localname and NamespaceURI of the SOAPElement used for creating the token.

Solution:

Check that the Localname and NamespaceURI of the SOAPElement used to create X509SecurityToken are valid (as per specification).


WSS0393

The expiration time in Timestamp cannot be before current UTC time.

Solution:

Check system time and ensure it is correct.


WSS0394

Error parsing date.

Solution:

Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.


WSS0500

Classname not a recognized class name for a MessageFilter.

Solution:

Check that the class implements MessageFilter.


WSS0502

Element encountered does not match element expected.

Solution:

Check that the XML file follows schema for defining configuration.


WSS0503

Element encountered does not match valid element expected.

Solution:

Check that the XML file follows schema for defining configuration.


WSS0508

Default settings can not be specified after custom settings are specified.

Solution:

Check that no sender operations or receiver requirements are specified in a configuration. file. Check that no sender or receiver settings are programmatically added.


WSS0509

Custom settings can not be specified after default settings are specified.

Solution:

Check that no default settings are programmatically added.


WSS0511

Non-permissible boolean value string - valid strings are true and false.

Solution:

Check that the boolean value strings are either true or false.


WSS0512

Non-permissible attribute on a Security Configuration element.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0513

Non-permissible element on xwss:SecurityConfiguration.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0514

Non-permissible child element in a Security Configuration element.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0515

Impermissible value for key reference string.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0516

Non-permissible duplicate element on a Security Configuration Element.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0517

Non-permissible duplicate element on a Security Configuration Element.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0519

Non-permissible/missing attribute value.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0520

xwss:SymmetricKey is not permitted along with xwss:X509Token.

Solution:

Check that the configuration file is consistent with the security configuration schema.


WSS0600

A Key can not be located in SecurityEnvironment for the Token Reference.

Solution:

Check that the certificate referred to is valid and present in the Keystores.


WSS0601

A Key can not be located in SecurityEnvironment for the KeyValue.

Solution:

Check that the certificate referred to is valid and present in the Keystores.


WSS0602

A Key can not be located in SecurityEnvironment for the X509Data.

Solution:

Check that the certificate referred to is valid and present in the Keystores.


WSS0603

XPathAPI TransformerException in finding element with matching wsu:Id/Id/SAMLAssertionID.

Solution:

Refer your XPathAPI documentation.


WSS0606

Input Node Set to STR Transform is empty.

Solution:

Check that the Referenced Node (to be STR transformed) in ds:SignedInfo is valid.


WSS0608

The Reference Mechanism in the SecurityTokenReference is not supported.

Solution:

Check that the Reference Mechanism is either Direct/KeyIdentifier/X509IssuerSerial.


WSS0609

The referenced security token is neither an XML token nor a raw binary token.

Solution:

Check the referenced security token.


WSS0650

Username/Password data file not found.

Solution:

Check that the system property com.sun.xml.wss.usersFile is set.


WSS0654

Error creating javax.xml.soap.Name for wsu:Id.

Solution:

Try the following:

  • Refer your SAAJ API Documentation.

  • Check that the Class object corresponds to the header block identified by the SOAPElement.


WSS0656

The Keystore URL is not specified/invalid in server.xml.


A Keystore file does not exist in $user.home.

Solution:

Check that the keystoreFile attribute is specified on SSL Coyote HTTP/1.1 Connector element in server.xml and is valid. Check that a keystore file exists in $user.home.


WSS0700

An instance of SecurityEnvironment is not set on SecurableSoapMessage.

Solution:

Check that setSecurityEnvironment() is called on the SecurableSoapMessage. Check that SetSecurityEnvironmentFilter is applied on SecurableSoapMessage.


WSS0701

No X509v3 Certificate can be located for the alias in Keystore.

Cause:

If no alias has been specified for signing, no default certificate is available.

Solution:

Check that a default certificate is available and/or a valid alias is used.


WSS0702

The X509v3 Certificate for the given alias does not contain a subject key identifier.

Solution:

Check that a valid X509v3 certificate is present in Keystores.


WSS0704

Agreement name: SESSION-KEY-VALUE, has not been set on the SecurityEnvironment instance.

Solution:

Check that the agreement name SESSION-KEY-VALUE is set on SecurityEnvironment using setAgreementProperty().


WSS0750

Error creating javax.xml.soap.SOAPElement.

Solution:

Refer your SAAJ API Documentation.


WSS0751

The localname of the SOAPElement passed is not Reference.


The namespace URI of the SOAPElement passed does not conform to WSS Spec.

Solution:

Check that a SOAPElement conformant to spec. is passed.


WSS0752

The localname of the SOAPElement passed is not Embedded.


The namespace URI of the SOAPElement passed does not conform to WSS Spec.

Solution:

Check that a SOAPElement conformant to spec. is passed.


WSS0753

An embedded token in wsse:Embedded element is missing.

Solution:

Check that the token element is conformant to the WSS specification.


WSS0754

Token on EmbeddedReference has already been set.

Cause:

A SOAPElement representation of EmbeddedReference containing the Token is used to create the EmbeddedReference instance.


WSS0756

Error creating SOAPElement for wsse:KeyIdentifier.

Solution:

Check your SAAJ API Documentation.


WSS0757

Error adding KeyIdentifier value to wsse:KeyIdentifer.

Solution:

Check your SAAJ API Documentation.


WSS0758

Error creating javax.xml.soap.Name.

Solution:

Refer your SAAJ API Documentation.


WSS0759

An X509IssuerSerial instance can not be created.

Solution:

Check that the SOAPElement passed to the constructor is conformant to spec. (and has X509IssuerSerial child elements).


WSS0800

ds:KeyInfo in the message is not a valid one.

Solution:

Check if the ds:KeyInfo in the message is valid.