Policy Xpress WebService Excpetion

book

Article ID: 5080

calendar_today

Updated On:

Products

CA Identity Manager CA Identity Governance CA Identity Portal CA Risk Analytics CA Secure Cloud SaaS - Arcot A-OK (WebFort) CLOUDMINDER ADVANCED AUTHENTICATION CA Secure Cloud SaaS - Advanced Authentication CA Secure Cloud SaaS - Identity Management CA Secure Cloud SaaS - Single Sign On

Issue/Introduction

When trying to make an web service call using Policy Xpress, defined in a PX Data Element, the following error occurs when testing the element:

Error: The test has failed to run with the following error: "Failed running web service" which was caused by "Internal Error."

The same call works via the PX Action tab vs. the Data tab.

Cause

The SOAP request is passing in a WSS security token and the code in the Data tab (vs Action tab) is unable to transform that token and thus considers it a bad request and throws the invalid error before dispatching the request to the web service.  The Action tab follows a different code path which has different transform functionality.

Environment

Release:
Component: IDMGR

Resolution

Support for web service tokens is being considered as a product enhancement for a future version of Identity Manager.

If using the currently supported authentications methods (anonymous and basic username/password) is not possible, a workaround is to utilize the CA API Gateway.  Add the necessary X509 cert into the SOAP body in the Gateway policy.  The Gateway will communicate to the web service, and the Policy Xpress data element connects to the Gateway, secured with username/password.

More information on CA API Gateway can be found here:

https://docops.ca.com/ca-api-gateway/8-3/en