Release NotesSOA Security Manager Release NotesKnown IssuesGeneral Issues › SOA Security Manager Fails To Generate WS-Security Headers Using RSA-OAEP Encryption (70408)

Previous Topic: SOA Agents and XML Agents Use Incompatible Algorithms for Signing SAML Assertions (60678)

Next Topic: Signing Not Working for SAML Session Tickets in SOAP Envelope (74036)
SOA Security Manager Fails To Generate WS-Security Headers Using RSA-OAEP Encryption (70408)

SOA Security Manager fails to create an encrypted WS-Security token when a response is configured to use the RSA-OAEP algorithm to encrypt the symmetric encryption key, generating the following error in tmxmltoolkit.log:

008-05-22 14:53:10,531 [INFO] handler.response.WSSecurityUsernameResponseHandler 8A2ADA6E-3D9B-57FB-35E3-9CC05471E849 - Cannot do encryption: unsupported key algorithm provided: rsa_oaep

Workaround

Configure the WS-Security header generating response to use the default rsa-1_5 algorithm to encrypt the symmetric encryption key.