NetIQ NIDP STS service runs into a JAVA exception on running a SOAP1.1 request

  • 7022007
  • 05-Oct-2017
  • 05-Oct-2017


  • Access Manager 4.3
  • Access Manager Version 4.3 NIDP Server


  • The "https://nam.kgast.local/nidp/wstrust/sts?wsdl" defines the following SOAP binding:- Access Manager

    <wsdl:binding name="STS_Binding" type="tns:SecurityTokenService">
       <wsp:PolicyReference URI="#STS_Policy"/>
         <wsdl:operation name="Issue">
    ============================================================== is the WSDL 1.1 binding for the SOAP 1.1 HTTP binding.

  • According to the definition requests should use the SOAP 1.1 binding which will fail at the NIDP server causing a JAVA exception:
    Jan 12, 2017 5:17:28 PM com.sun.xml.wss.jaxws.impl.SecurityServerTube processRequest
    SEVERE: WSSTUBE0025: Error in Verifying Security in the Inbound Message. Couldn't create SOAP message. Expecting Envelope in namespace, but got

  • Running the same request by using a SOAP 1.2 Bindings works without any problems


IMPORTANT:Starting from Access Manager 4.0 SP1 release, the default binding supported is SOAP 1.2. If you want to use SOAP 1.1 instead, perform the following steps on all instances of the Identity Server:

Traverse to the /opt/novell/nam/idp/webapps/nidp/WEB-INF folder and edit the sun-jaxws.xml file. Remove all instances of bindings from the endpoints in the sun-jaxws.xml file and save the changes. A binding is represented by the following line in this file:

Restart the Identity Server using the /etc/init.d/novell-idp restart command.