Weblogic SOAP request with WSSE security header fails to process

Question

I have configured a service deployed on Weblogic which uses WSSE security header authentication. The security headers (username and password) are used to pass on to LDAP to check for the client's authentication.

The security header are embedded as follows in the SOAP envelop of my request.

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:UsernameToken>
    <wsse:Username>iam-uid=xxx,ou=zzz,dc=ccc,dc=vvv,dc=qqq</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">heeey</wsse:Password>
  </wsse:UsernameToken>
</wsse:Security> 

However, the request does not even reach my service. It fails to process on Weblogic itself. Following exception is received.

<Sep 6, 2018 5:29:46 PM CEST> <Error> <com.sun.xml.ws.transport.http.HttpAdapter> <[ACTIVE] ExecuteThread: '1' for queue: 'weblogic.kernel.Default (self-tuning)'> <<anonymous>> <> <> <BEA-000000> <null
java.lang.AbstractMethodError
    at com.sun.xml.ws.util.xml.XmlUtil.newTransformerFactory(XmlUtil.java:392)
    at com.sun.xml.ws.util.xml.XmlUtil.newTransformerFactory(XmlUtil.java:400)
    at com.sun.xml.ws.message.stream.StreamHeader.writeTo(StreamHeader.java:212)
    at weblogic.wsee.jaxws.security.SCTIDRoutingInfoFinder.findRoutingInfo(SCTIDRoutingInfoFinder.java:63)
    at weblogic.wsee.jaxws.cluster.BaseSOAPRouter.route(BaseSOAPRouter.java:153)
    at weblogic.wsee.jaxws.cluster.InPlaceSOAPRouter.route(InPlaceSOAPRouter.java:190)
    at weblogic.wsee.jaxws.cluster.ClusterRoutingTubeUtils.handleInboundMessage(ClusterRoutingTubeUtils.java:110)
    at weblogic.wsee.jaxws.cluster.ClusterRoutingServerTube.processRequest(ClusterRoutingServerTube.java:82)
    at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1136)
    at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:1050)
    at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:1019)
    at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:877)
    at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:419)
    at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:868)
    at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:422)
    at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:169)
    at weblogic.wsee.jaxws.WLSServletAdapter.handle(WLSServletAdapter.java:199)
    at weblogic.wsee.jaxws.HttpServletAdapter$AuthorizedInvoke.run(HttpServletAdapter.java:640)
    at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:363)
    at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:146)
    at weblogic.wsee.util.ServerSecurityHelper.authenticatedInvoke(ServerSecurityHelper.java:108)
    at weblogic.wsee.jaxws.HttpServletAdapter$3.run(HttpServletAdapter.java:284)
    at weblogic.wsee.jaxws.HttpServletAdapter.post(HttpServletAdapter.java:293)
    at weblogic.wsee.jaxws.JAXWSServlet.doRequest(JAXWSServlet.java:128)
    at weblogic.servlet.http.AbstractAsyncServlet.service(AbstractAsyncServlet.java:99)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:844)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:280)
    at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:254)
    at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:136)
    at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:346)
    at 
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:243)

Answer 1

Make sure that xmlparserv2.jar is not being used by the container. If there are variations of that .jar try removing and using xerces instead.