APAR status
Closed as program error.
Error description
Certain ws-security providers require that the nonce field be present in the security header and when thes is the case they expect that the EncodingType attribute is included. Currently the IIB Policy Sets and Policy Bindings editor doesn't provide an option to include this attribute.
Local fix
1) Locate policy binding file: $MQSI_WORKPATH/registry/<broker name>/CurrentVersion/ExternalResources/PolicySetBindings/UserDef ined/ 2) Open the file 'ws-security' in an editor. This is an xml file. Please make a copy of this file before editing it, and save the copy to a secure location. 3) Find the entry inside this xml file. 4) Just before the terminating tag add the following line: <securitybinding:properties name= "com.ibm.wsspi.wssecurity.nonce.includeEncodingType" value="true"/> 5) Save the file and close the editor 6) Restart the integration server or Integration node for the edited policy binding to take effect. 7) Re-run the flow and you should see the SOAPRequest node emitting the encodingtype as: <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-20040 1-wss-soap-message-security-1.0#Base64Binary"> IWX9keERe6gQe/ew4+NRFiK6A5kP473RgevWn4Cz7SthFlnFq1dXGe3OdveV0Su2 YyMv5wOdZdQxGc4mzGSXBqO96cv/qHiW1V2TqOQaqG40kjdskQ6ZQomW2I9/DfVd EOAqPkD1qYTfqZehc5u8GzbxUFj/GAgmKQV4FZjhoic=
Problem summary
**************************************************************** USERS AFFECTED: All users of IBM App Connect Enterprise v11 and IBM Integration Bus v10, who uses nonce field in SOAP WS-Security message. Platforms affected: z/OS, MultiPlatform **************************************************************** PROBLEM DESCRIPTION: <span style="background-color:rgb(255, 255, 255)">Certain SOAP WS-Security providers expect </span><span style="background-color:rgb(255, 255, 255);color:rgb(22, 50, 92);font-family:salesforcesans-regular,arial,sans-serif">Encodin gType </span>attribute for the nonce fields present in the security header.<span style="background-color:rgb(255, 255, 255)"> Currently, the IIB Policy Sets and Policy Bindings </span><span style="background-color:rgb(255, 255, 255)">editor doesn't provide an option to include this attribute. </span>
Problem conclusion
A new checkbox named ' Include encoding type in nonce' is added in the advanced panel of policy binding editor. By default it is unchecked. if you enable this checkbox, a suitable policy binding will be created which the user can add <span style="background-color:rgb(255, 255, 255)"> EncodingType attribute to every nonce field emitted out from IIB, as below <wsse:Nonce </span><span style="background-color:rgb(255, 255, 255)">EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis -200401-wss-soap-message-security-1.0#Base64Binary</span><span style="background-color:rgb(255, 255, 255)">">W7o6zHBQ1wpWVsrYUpsJz8GMSbsDdaxjhNavG/TNJJdgwNoZD5IkVE95 6JUXVZk5qz8IV9OtZ7y+6AmYQN2n+NChbovkKLGOBMHuk3EpOW4GFQLdxa3CDH4/ NdU91AbXa+OTBBBGWnXn1op5qrIyJ3JeLG+TnI1v6QA5dm+x2r0=</wsse:Nonce ></span> --------------------------------------------------------------- The fix is targeted for delivery in the following PTFs: Version Maintenance Level v10.0 10.0.0.20 v11.0 11.0.0.8 The latest available maintenance can be obtained from: http://www-01.ibm.com/support/docview.wss?rs=849&uid=swg27006041 If the maintenance level is not yet available,information on its planned availability can be found on: http://www-1.ibm.com/support/docview.wss?rs=849&uid=swg27006308 ---------------------------------------------------------------
Temporary fix
Comments
APAR Information
APAR number
IT27096
Reported component name
INTEGRATION BUS
Reported component ID
5724J0540
Reported release
A00
Status
CLOSED PER
PE
NoPE
HIPER
NoHIPER
Special Attention
NoSpecatt / Xsystem
Submitted date
2018-11-27
Closed date
2020-03-20
Last modified date
2020-03-20
APAR is sysrouted FROM one or more of the following:
APAR is sysrouted TO one or more of the following:
Fix information
Fixed component name
INTEGRATION BUS
Fixed component ID
5724J0540
Applicable component levels
[{"Business Unit":{"code":"BU053","label":"Cloud & Data Platform"},"Product":{"code":"SSNQK6","label":"IBM Integration Bus"},"Component":"","ARM Category":[],"Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"10.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}}]
Document Information
Modified date:
20 March 2020