SA-5382

Summary

After upgrading from PRPC 5.5 to Pega 7.1.7, a SOAP Connector with WS-Security enabled fails at Step-14 of the out-of-the-box (OOTB) InvokeAxis2 activity while processing the response with unsupported content-encoding error message.

Error Messages

2014-11-21 09:02:27,466 [ WebContainer : 6] [OpenPortal] [ ] [ your_ruleset:01.01.10] ( internal.mgmt.Executable) ERROR your_server|127.0.0.1|Rule-Connect-SOAP.DEMO-FW-ActivityInfo-.getActivityInfo your_operator - Exception com.pega.pegarules.pub.services.RemoteApplicationException: SOAP service failed
at com.pegarules.generated.activity.ra_action_invokeaxis2_798503b92991d41355be42334661df7b.step15_circum0(ra_action_invokeaxis2_798503b92991d41355be42334661df7b.java:4054)
..more..
Caused by:
com.pega.apache.axis2.AxisFault: HTTP :unsupported content-encoding of '' found
at com.pega.apache.axis2.transport.http.AbstractHTTPSender.processResponse(AbstractHTTPSender.java:228)
at com.pega.apache.axis2.transport.http.HTTPSender.handleResponse(HTTPSender.java:277)
..more..

Steps to Reproduce

Invoke the SOAP Connector.

Root Cause

On intercepting the network traffic between the external Service and the SOAP Connector, it is observed that PRPC receives a blank content-encoding header and the following fault string in the Response:
    Security header is either missing or is empty. Rejecting message.

It is determined from this fault message in the response, there is an issue in Pega 7.1.7 where Security profile works only if WS-Addressing is enabled.

Resolution

This issue can be resolved by checking WS-Addressing in Advanced tab of SOAP Connector.
 
And, if the external SOAP Service does not support WS-Addressing, you can add this custom security header manually in the Request, as a local-change.

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" />