WSS0126 |
Unsupported algorithm type. Only RSA supported.
Solution:Check that the signature algorithm is RSA.
WSS0129 |
Malformed message ds:Signature element missing from the wsse:Security header block.
Solution:Check proper signature was generated while signing.
WSS0134 |
Unable to Initialize XMLCipher with the given Key.
Solution:Check that the XMLCipher was initialized properly.
WSS0137 |
An appropriate JCE provider is not configured in the JRE.
Solution:Look at root exception for more clues.
WSS0144 |
Base64Decoding exception is the root cause.
Solution:Check that the data is valid base64 encoded.
WSS0147 |
TransformationConfiguration exception while trying to use stylesheet to pretty print.
Solution:Make sure style sheet is valid.
WSS0148 |
Exception while trying to pretty print using transform.
Solution:Make sure the original SOAP Message and style sheet are both correct.
WSS0156 |
Error in certificate used for validation.
Solution:Check that the token contains a valid Certificate.
WSS0165 |
XPath does not correspond to a DOM element.
Solution:Check that the node represented by the XPath is a valid DOM element.
WSS0167 |
Invalid signature; verification failed.
Solution:Make sure the signature was not tampered with in transit.
WSS0168 |
Unable to generate a random symmetric key.
Solution:Verify that the KeyGenerator has been properly initialized.
WSS0169 |
Value of FilterParameterConstants.BINARY_SEC_TOKEN is not set.
Solution:Check that direct referencestrategy is set before exporting the certificate.
WSS0181 |
Subject not authorized; validation failed.
Solution:Check that the user is authorized.
WSS0182 |
FilterParameterConstants.REFERENCE_LIST parameter has a null value.
Solution:The reference list that needs to be decrypted usually set by ImportEncryptedKeyFilter.
WSS0183 |
Could not locate a valid symmetric key needed for decryption.
Solution:Value of symmetric key seems to be null. Check its value.
WSS0184 |
Could not retrieve security domain from the Securable SOAP message.
Solution:Make sure the SecurityEnvironment factory has set the right security environment.
WSS0185 |
Could not find the certificate associated with the direct reference strategy.
Solution:Check that the URI is valid and subjectkeyidentifier parameter is set in configuration.
WSS0189 |
Data decryption algorithm has to be either Triple-DES, AES128-CBC, AES256-CBC.
Solution:Check that the encryption algorithm used is either 3DES, AES128_CBC, AES256_CBC.
WSS0190 |
The number of elements encrypted is less than required/allowed.
Solution:Check that the data references for encryption (in message) match the requirements.
WSS0191 |
A SymmetricKey was not generated earlier that is set on the calling thread.
KeyName specified could not locate a key in the security environment.
Solution:Check that ExportEncryptedKeyFilter is called before. Check that a valid KeyStore URL is used to instantiate the SecurityEnvironment and it contains a matching SecretKey.
WSS0192 |
At least one target needs to be specified for encryption.
Solution:Check that a non-null target list is used to instantiate the filter.
WSS0193 |
Target specified does not correspond to a valid message part.
Solution:Check that a valid XPath/QName/wsuId are specified.
WSS0194 |
SOAP-ENV:Header can not fully be encrypted.
SOAP-ENV:Body can not fully be encrypted.
Solution:Check that a valid XPath/QName/wsuId are specified complying to the spec.
WSS0195 |
ReferenceListBlock not set on the calling thread.
Solution:Check that ExportEncryptedKeyFilter is called before. Check that ExportReferenceListFilter is called before.
WSS0196 |
An instance of SecurityEnvironment class for the operating environment was not set on SecurableSoapMessage.
Solution:Check that SetSecurityEnvironmentFilter processed the message before.
WSS0198 |
Only RSA_SHA1 Signature algorithm is supported.
Solution:Check that RSA_SHA1 signature algorithm is specified.
WSS0199 |
Timestamp creation time can not be null.
Solution:Check that non-null creation time is used to instantiate the filter.
WSS0203 |
Header block corresponding to the desired requirement not found.
Solution:Check that the message meets the security requirements.
WSS0204 |
Illegal security header block found in the security header.
Solution:Check that the message is SOAP Security specification compliant.
WSS0205 |
Requirement for wsu:Timestamp has not been met.
Solution:Check that the message meets the security requirements.
WSS0206 |
Not all receiver requirements for security have been met.
Solution:Check that the message meets the security requirements.
WSS0208 |
Extra security than required by the receiver side policy found in the message.
Solution:Check that the message strictly meets the security requirements.
WSS0209 |
The message filter is incorrectly configured to process an inbound message.
Solution:Check that the filters are correctly configured to process inbound messages.
WSS0210 |
Only RSAv1.5 Key Encryption Algorithm is supported.
Solution:Check that the Key Encryption Algorithm used in the inbound message is RSAv1.5.
WSS0212 |
Receiver requirement for digested password in UsernameToken not met.
Solution:Check that the message meets the security requirements.
WSS0213 |
Receiver requirement for nonce in UsernameToken not met.
Solution:Check that the message meets the security requirements.
WSS0215 |
handle() call for a PropertyCallback on the handler threw exception.
Solution:Check the handler implementation.
WSS0216 |
handle() call on the handler threw exception.
Solution:Check the handler implementation.
WSS0217 |
handle() call on the handler threw exception.
Solution:Check the handler implementation.
WSS0218 |
handle() call on the handler failed to set the Callback.
Solution:Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.
WSS0219 |
handle() call on the handler failed to set the Callback.
Solution:Check the handler implementation for SignatureKeyCallback.DefaultPrivKeyCertRequest.
WSS0220 |
handle() call on the handler failed to set the Callback.
Solution:Check the handler implementation for DecryptionKeyCallback.AliasSymmetricKeyRequest.
WSS0221 |
handle() call on the handler failed to set the Callback.
Solution:Check the handler implementation for SignatureKeyCallback and/or EncryptionKeyCallback, check keystores and truststores.
WSS0222 |
handle() call on the handler failed to set the Callback.
Solution:Check keystore path and ensure that the right keys are present.
WSS0301 |
Data malformed. Base 64 decoding error.
Solution:Verify that data is base64 encoded.
WSS0302 |
Certificate parsing problem.
Solution:Data stream used to create the x509 certificate maybe corrupted.
WSS0303 |
Certificate encoding exception.
Solution:Check that the x509 data is valid. Could not extract raw bytes from it.
WSS0306 |
Invalid password type.
Solution:Password type must match that specified by the WSS specification.
WSS0307 |
Nonce encoding namespace check failed.
Solution:Nonce encoding type namespace seems invalid.
WSS0310 |
NoSuchAlgorithmException: Invalid algorithm.
Solution:Check that the algorithm passed to SecureRandom is valid.
WSS0311 |
Password digest could not be created.
Solution:Check that the algorithm passed to MessageDigest is valid.
WSS0316 |
BinarySecurity token's Encoding type is invalid.
Solution:Check that encoding value for BinarySecurity token is valid as per spec.
WSS0317 |
Could not find X.509 certificate.
Solution:Ensure certificate path is not empty and certificate type is correct.
WSS0318 |
Error while parsing and creating the KeyInfo instance.
Solution:Check values passed to KeyInfo constructor.
WSS0319 |
Could not add key name to KeyInfo Header block.
Solution:Check KeyInfo and KeyName have been instantiated without exceptions.
WSS0320 |
Could not get KeyName from KeyInfo.
Solution:Make sure the KeyName exists in the KeyInfo.
WSS0321 |
Could not retrieve element from KeyInfo or could not import the node.
Solution:Check the element to be converted to SOAPElement.
WSS0322 |
Exception while parsing and creating the Signature element.
Solution:Check that a fully initialized XML Signature was passed.
WSS0323 |
Exception while trying to sign.
Solution:Check the key used to sign.
WSS0324 |
Exception while adding a Reference with URI, transforms and Digest algorithm URI to SignedInfo.
Solution:Verify the following:
Check getSignatureValue failure cause from underlying XML DSIG implementation.
Check that the message signed using corresponding private key, and has not been tampered with.
Check values passed to constructor of XMLSignature.addDocument passed to XML DSig implementation are correct.
WSS0327 |
Could not retrieve element from Signature or could not import the node.
Solution:Check the element to be converted to SOAPElement.
WSS0328 |
Error parsing date.
Solution:Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.
WSS0329 |
Expecting UsernameToken Element.
Solution:Check that the next element is UsernameToken.
WSS0330 |
Username not first child of UsernameToken.
Solution:Make sure first child of wsse:UsernameToken is Username in wsse namespace.
WSS0331 |
Element may not be a proper UsernameToken.
Solution:Check that the UsernameToken matches the token schema.
WSS0332 |
Username was null.
Solution:Check UsernameToken contains a valid Username.
WSS0333 |
Keystore URL is null.
Solution:Check that the property javax.net.ssl.keyStore is set properly.
WSS0334 |
KeyIdentifier holds invalid ValueType.
Solution:Check KeyIdentifier ValueType's value.
WSS0335 |
KeyReference type not supported.
Solution:KeyReference type should be one of KeyIdentifier, Reference, X509Data.
WSS0336 |
Can't locate public key.
Solution:Check public key retrieved should not be null.
WSS0337 |
Could not resolve URI.
Solution:Check DirectReference's ValueType, it is not supported.
WSS0338 |
Key Reference Mechanism not supported.
Solution:Check reference is one of X509IssuerSerial, DirectReference, KeyIdentifier.
WSS0339 |
Support for processing information in the given ds:KeyInfo is not present.
Solution:Check ds:KeyInfo matches schema.
WSS0340 |
Creation time cannot be ahead of current UTC time.
Solution:Check system time and ensure it is correct.
WSS0341 |
Creation time is very old.
Solution:Check system time and ensure it is correct.
WSS0342 |
BinarySecurity Token's Value type is invalid.
Solution:Check that valueType for BinarySecurity token is valid as per spec.
WSS0343 |
Error in creating the BST due to {0}.
Solution:Check that all required values are set on the Binary Security Token, including TextNode value.
WSS0344 |
The binary data in the Security Token can not be decoded, expected Base64 encoding.
Solution:Check to see that the encoding format of the Binary Security Token is Base64Binary.
WSS0345 |
Error creating SOAPElement for EncryptedDataHeaderBlock.
Solution:If SOAPElement is used to create EncryptedData HeaderBlock, check to see that it is valid as per spec.
WSS0346 |
Invalid SOAPElement passed to EncryptedDataHeaderBlock constructor.
Solution:Check that the SOAPElement passed to EncryptedDataHeaderBlock is valid as per spec.
WSS0347 |
SOAPElement used to initialize EncryptedType may not have CipherData element.
CipherData may not have been set on the EncryptedType.
Solution:Check to see SOAPElement used to initialize EncryptedType has CipherData. Check to see setCipherData() is called on the EncryptedType.
WSS0348 |
Error creating SOAPElement for EncryptedKeyHeaderBlock.
Solution:If SOAPElement is used to create EncryptedKeyHeaderBlock, check to see that it is valid as per spec.
WSS0349 |
Invalid SOAPElement passed to EncryptedKeyHeaderBlock().
Solution:Check that the SOAPElement passed to EncryptedKeyHeaderBlock() is valid as per spec.
WSS0350 |
Error creating/updating CipherData SOAPElement (in EncryptedKeyHeaderBlock).
Solution:Refer your SAAJ API Documentation.
WSS0351 |
Error creating EncryptionMethod SOAPElement.
Solution:Refer your SAAJ API Documentation.
WSS0352 |
Error creating javax.xml.soap.Name for CipherValue.
Solution:Refer your SAAJ API Documentation.
WSS0353 |
No CipherValue element(s) are present in CipherData.
Solution:Check to see if setCipherValue() is called on EncryptedType.
WSS0354 |
An error may have occurred creating javax.xml.soap.Name for EncryptionMethod.
Cause:An error may have occurred creating javax.xml.soap.Name for KeyInfo. An error may have occurred creating javax.xml.soap.Name for CipherData. An error may have occurred creating javax.xml.soap.Name for EncryptionProperties.
Solution:Refer your SAAJ API Documentation.
WSS0355 |
Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.DSAKeyValue.
Error creating com.sun.org.apache.xml.security.keys.content.keyvalues.RSAKeyValue. Error creating com.sun.org.apache.xml.security.keys.content.KeyValue.
Solution:Check that a non-null SOAPElement is passed to addXXXKeyValue().
WSS0356 |
Error creating com.sun.org.apache.xml.security.keys.content.X509Data.
Solution:Check that a non-null SOAPElement is passed to addX509Data().
WSS0357 |
Error getting KeyValue from KeyInfo for the given index.
Solution:Check that the ds:KeyInfo element has ds:KeyValue elements. Check that the index (beginning with 0) used to refer the ds:KeyValue element is valid.
WSS0358 |
Error getting X509Data from KeyInfo for the given index.
Solution:Check that the ds:KeyInfo element has ds:X509Data elements. Check that the index (beginning with 0) used to refer the ds:X509Data element is valid.
WSS0359 |
Error adding com.sun.org.apache.xml.security.keys.content.X509Data to KeyInfo.
Solution:Check that a valid com.sun.org.apache.xml.security.keys.content.X509Data (as per specs.) is passed to addX509Data().
WSS0360 |
An error may have occurred creating javax.xml.soap.Name for ReferenceList.
Solution:Refer your SAAJ API Documentation.
WSS0361 |
An error may have occurred creating org.w3c.dom.Element for ReferenceList.
Cause:The org.w3c.dom.Document object passed ReferenceListHeaderBlock() may be null.
Solution:Check that the Namespace specified does not contain any illegal characters as per XML 1.0 specification. Check that the QName specified is not malformed (Refer to the J2SE Documentation for more information). Check that a non-Null Document is passed to the ReferenceListHeaderBlock().
WSS0362 |
Invalid SOAPElement passed to ReferenceListHeaderBlock().
Solution:Check that the SOAPElement passed to ReferenceListHeaderBlock() is valid as per spec.
WSS0363 |
Error creating javax.xml.soap.SOAPElement for xenc:DataReference.
Cause:Error adding xenc:DataReference (SOAPElement) as child element of xenc:DataReference (SOAPElement). Error setting URI attribute on javax.xml.soap.SOAPElement for xenc:DataReference.
Solution:Refer your SAAJ API Documentation.
WSS0365 |
Error creating javax.xml.soap.SOAPElement for namespace node.
Solution:Refer your SAAJ API Documentation.
WSS0368 |
Error getting SOAPEnvelope from SOAPPart.
Solution:Refer your SAAJ API Documentation.
WSS0369 |
Error getting SOAPHeader from SOAPEnvelope.
Cause:Error creating SOAPHeader.
Solution:Refer to your SAAJ API Documentation.
WSS0371 |
Error in getting the SOAPBody from the SOAPMessage.
Error in creating javax.xml.soap.Name for setting the fault on SOAPBody. Error in adding fault to SOAPBody.
Solution:Refer your SAAJ API Documentation.
WSS0376 |
Error importing the SOAPElement representing the header block to the document corresponding to the SOAPMessage to which the header is being added.
Solution:Check that the SecurityHeaderBlock can be transformed to a valid SOAPElement. Refer to the J2SE Documentation for more.
WSS0377 |
Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.
Solution:Refer your SAAJ API Documentation.
WSS0378 |
Error creating javax.xml.soap.SOAPElement for SecurityTokenReference.
Solution:Check that the org.w3c.dom.Document object passed to SecurityTokenReference() is non-null. Refer your SAAJ API Documentation.
WSS0379 |
SOAPElement passed to SecurityTokenReference() is not a valid SecurityTokenReference element as per spec.
Solution:Check that a valid SOAPElement as per spec. is passed to SecurityTokenReference().
WSS0380 |
The ds:Reference would already have been set using the constructors.
Solution:Check that a SOAPElement with ds:Reference (child element) is not used to instantiate SecurityTokenReference.
WSS0381 |
Error in setting the passed ReferenceElement on SecurityTokenReference.
Solution:Refer your SAAJ API Documentation.
WSS0382 |
Error appending ds:Object element to ds:Signature.
Solution:Check that a valid ds:Object SOAPElement (as per spec.) is passed to appendObject(). Check that a non-null SOAPElement is passed to appendObject().
WSS0383 |
Owner document of ds:Signature SOAPElement is null.
Solution:Check that the Document used to instantiate SignatureHeaderBlock() is not null.
WSS0384 |
Error creating javax.xml.soap.Name for Timestamp.
Solution:Refer your SAAJ API Documentation.
WSS0385 |
The SOAPElement used to instantiate Timestamp() is not valid (as per specification).
Solution:Check that the Localname and NamespaceURI of the SOAPElement used to create Timestamp() are correct as per spec.
WSS0386 |
Error creating javax.xml.soap.SOAPElement for Timestamp.
Error adding child SOAPElements to the Timestamp element.
Solution:Refer your SAAJ API Documentation.
WSS0387 |
Username is not set.
Solution:Check that a Username has been passed through the configuration file or through the callback handler.
WSS0388 |
Error creating javax.xml.soap.SOAPElement for UsernameToken.
Error adding child SOAPElements to the UsernameToken element.
Solution:Refer your SAAJ API Documentation.
WSS0389 |
Base64 nonce encoding type has not been specified.
Solution:Check that the nonce encoding type used to create UsernameToken is Base64.
WSS0390 |
UTF-8 Charset is unsupported for byte-encoding (a string).
Solution:Refer your J2SE Documentation.
WSS0391 |
Invalid Localname and NamespaceURI of the SOAPElement used for creating the token.
Solution:Check that the Localname and NamespaceURI of the SOAPElement used to create X509SecurityToken are valid (as per specification).
WSS0393 |
The expiration time in Timestamp cannot be before current UTC time.
Solution:Check system time and ensure it is correct.
WSS0394 |
Error parsing date.
Solution:Check date format is in UTC. Check it is yyyy-MM-dd'T'HH:mm:ss'Z' or yyyy-MM-dd'T'HH:mm:ss'.'sss'Z'.
WSS0500 |
Classname not a recognized class name for a MessageFilter.
Solution:Check that the class implements MessageFilter.
WSS0502 |
Element encountered does not match element expected.
Solution:Check that the XML file follows schema for defining configuration.
WSS0503 |
Element encountered does not match valid element expected.
Solution:Check that the XML file follows schema for defining configuration.
WSS0508 |
Default settings can not be specified after custom settings are specified.
Solution:Check that no sender operations or receiver requirements are specified in a configuration. file. Check that no sender or receiver settings are programmatically added.
WSS0509 |
Custom settings can not be specified after default settings are specified.
Solution:Check that no default settings are programmatically added.
WSS0511 |
Non-permissible boolean value string - valid strings are true and false.
Solution:Check that the boolean value strings are either true or false.
WSS0512 |
Non-permissible attribute on a Security Configuration element.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0513 |
Non-permissible element on xwss:SecurityConfiguration.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0514 |
Non-permissible child element in a Security Configuration element.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0515 |
Impermissible value for key reference string.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0516 |
Non-permissible duplicate element on a Security Configuration Element.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0517 |
Non-permissible duplicate element on a Security Configuration Element.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0519 |
Non-permissible/missing attribute value.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0520 |
xwss:SymmetricKey is not permitted along with xwss:X509Token.
Solution:Check that the configuration file is consistent with the security configuration schema.
WSS0600 |
A Key can not be located in SecurityEnvironment for the Token Reference.
Solution:Check that the certificate referred to is valid and present in the Keystores.
WSS0601 |
A Key can not be located in SecurityEnvironment for the KeyValue.
Solution:Check that the certificate referred to is valid and present in the Keystores.
WSS0602 |
A Key can not be located in SecurityEnvironment for the X509Data.
Solution:Check that the certificate referred to is valid and present in the Keystores.
WSS0603 |
XPathAPI TransformerException in finding element with matching wsu:Id/Id/SAMLAssertionID.
Solution:Refer your XPathAPI documentation.
WSS0606 |
Input Node Set to STR Transform is empty.
Solution:Check that the Referenced Node (to be STR transformed) in ds:SignedInfo is valid.
WSS0608 |
The Reference Mechanism in the SecurityTokenReference is not supported.
Solution:Check that the Reference Mechanism is either Direct/KeyIdentifier/X509IssuerSerial.
WSS0609 |
The referenced security token is neither an XML token nor a raw binary token.
Solution:Check the referenced security token.
WSS0650 |
Username/Password data file not found.
Solution:Check that the system property com.sun.xml.wss.usersFile is set.
WSS0654 |
Error creating javax.xml.soap.Name for wsu:Id.
Solution:Try the following:
Refer your SAAJ API Documentation.
Check that the Class object corresponds to the header block identified by the SOAPElement.
WSS0656 |
The Keystore URL is not specified/invalid in server.xml.
A Keystore file does not exist in $user.home.
Solution:Check that the keystoreFile attribute is specified on SSL Coyote HTTP/1.1 Connector element in server.xml and is valid. Check that a keystore file exists in $user.home.
WSS0700 |
An instance of SecurityEnvironment is not set on SecurableSoapMessage.
Solution:Check that setSecurityEnvironment() is called on the SecurableSoapMessage. Check that SetSecurityEnvironmentFilter is applied on SecurableSoapMessage.
WSS0701 |
No X509v3 Certificate can be located for the alias in Keystore.
Cause:If no alias has been specified for signing, no default certificate is available.
Solution:Check that a default certificate is available and/or a valid alias is used.
WSS0702 |
The X509v3 Certificate for the given alias does not contain a subject key identifier.
Solution:Check that a valid X509v3 certificate is present in Keystores.
WSS0704 |
Agreement name: SESSION-KEY-VALUE, has not been set on the SecurityEnvironment instance.
Solution:Check that the agreement name SESSION-KEY-VALUE is set on SecurityEnvironment using setAgreementProperty().
WSS0750 |
Error creating javax.xml.soap.SOAPElement.
Solution:Refer your SAAJ API Documentation.
WSS0751 |
The localname of the SOAPElement passed is not Reference.
The namespace URI of the SOAPElement passed does not conform to WSS Spec.
Solution:Check that a SOAPElement conformant to spec. is passed.
WSS0752 |
The localname of the SOAPElement passed is not Embedded.
The namespace URI of the SOAPElement passed does not conform to WSS Spec.
Solution:Check that a SOAPElement conformant to spec. is passed.
WSS0753 |
An embedded token in wsse:Embedded element is missing.
Solution:Check that the token element is conformant to the WSS specification.
WSS0754 |
Token on EmbeddedReference has already been set.
Cause:A SOAPElement representation of EmbeddedReference containing the Token is used to create the EmbeddedReference instance.
WSS0756 |
Error creating SOAPElement for wsse:KeyIdentifier.
Solution:Check your SAAJ API Documentation.
WSS0757 |
Error adding KeyIdentifier value to wsse:KeyIdentifer.
Solution:Check your SAAJ API Documentation.
WSS0758 |
Error creating javax.xml.soap.Name.
Solution:Refer your SAAJ API Documentation.
WSS0759 |
An X509IssuerSerial instance can not be created.
Solution:Check that the SOAPElement passed to the constructor is conformant to spec. (and has X509IssuerSerial child elements).
WSS0800 |
ds:KeyInfo in the message is not a valid one.
Solution:Check if the ds:KeyInfo in the message is valid.