IBM Support

IBM WebSphere DataPower SOA Appliance: AAA Authorization step sends empty XACML request to configured PDP

Troubleshooting


Problem

IBM WebSphere DataPower SOA AAA Policy actions configured to send XACML requests to a remote Policy Decision Point (PDP) in the authorization (AZ) step may send empty request node sets if not configured properly.

Symptom

The following symptoms may occur:

  • The DataPower probe will show an empty node set for the PDP request, but a non-empty result from the binding XSLT.
  • A packet capture will indicate that an HTTP GET was sent to the PDP.
  • The PDP may reply with a "404 Not Found" response.
  • Request arrives at PDP without SOAPAction in the HTTP header

[{"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Component":"General","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"4.0.2;5.0.0;6.0.0;6.0.1;7.0.0","Edition":"","Line of Business":{"code":"LOB77","label":"Automation Platform"}},{"Product":{"code":"SS6L4E","label":"WebSphere DataPower Integration Appliance XI50"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"3.8;3.7.3;3.7.2;3.7.1","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SSQ3J2","label":"WebSphere DataPower B2B Appliance XB60"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"3.8;3.7.3;1.0","Edition":"","Line of Business":{"code":"LOB45","label":"Automation"}},{"Product":{"code":"SSNHP3","label":"WebSphere DataPower Low Latency Appliance XM70"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":" ","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"3.8;3.7.3;1.0","Edition":"","Line of Business":{"code":"","label":""}},{"Product":{"code":"SS6L5J","label":"WebSphere DataPower XML Security Gateway XS40"},"Business Unit":{"code":"BU053","label":"Cloud \u0026 Data Platform"},"Component":"Not Applicable","Platform":[{"code":"PF009","label":"Firmware"}],"Version":"3.8.1;3.8;3.7.3","Edition":"","Line of Business":{"code":"","label":""}}]

Log InLog in to view more of this document

This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.

Document Information

Modified date:
08 June 2021

UID

swg21425679

Page Feedback