Proxy Authentication Failure in BPEL

When you’re trying to integrate external webservices into your bpel process and you need proxy authentication you will probably run into the following bug: 5851338.

A patchset is made available to resolve the HTTP-407 issue in your BPEL Environment. For more detailed information :

1) Download and review the readme for Patch.6869621 ( MLR # 7 of 10.1.3.3.1 )
2) Apply Patch.6869621 in a test environment.

Configure Proxy Authentication for Web Services

The previous week a customer had problems during my bpel course training of 3 days where we weren’t able to design and deploy external web services due to proxy authentication problems.

We were able to create a web service proxy client inside Jdeveloper 10.1.3.3 but when deploying the web service we were always getting the HTTP Proxy Exception 407, meaning problems with username and password authentication.
This was the first time I ran into this issue, and it’s quite cumbersome to get around this one.

Steps to create a web service client for an external web service using proxy authentication:
1. Create a new application and new project
2. Choose to create a new Web Services, from the Business Tier Categorie and choose to create a Java Web Service from WSDL

3. Click ‘OK’ 4. Click ‘Next’, if you don’t want to see this page in the future, check the checkbox ‘skip this page next time’

5. Copy/Paste the following URL inside the WSDL URL, the first field http://www.oorsprong.org/websamples.countryinfo/CountryInfoService.wso?WSDL


6. Now press enter. The wsdl document will be fetched and read, and the next step in the wizard will be shown. Define a package name and a root package name for the types that will be generated for this webservice.

7. Go through the next steps and at the last screen you can see which operations are being provided in the web service and which classes will be generated, using the package names you’ve defined earlier.

The different classes are now being generated and you’re ready to deploy this web service to your application server 10.1.3.3 installation.


You can already deploy and run this web-service on your application server by performing the following steps:

1. Create a new Application Server Connection in the ‘Connections’-tab

2. Go back to the Applications Navigator-tab and choose to deploy your web service to this connection:

3. The next screen shown, is the deployment plan-screen where you can make adjustments before deploying the application:


4. In the deployment log window you can follow the different steps which are performed to deploy the web service client on our application server instance:

In the deployment log window you can follow the different steps which are performed to deploy the web service client on our application server instance

After succesfull deployment you can test your web service using Enterprise Manager:

1. Go to WebServices-tab in your Enterprise Manager console:

2.Click on the ‘CountryInfoServiceSoap’, the service we’ve deployed earlier:

3.Click the ‘Test Service’ link to test your service:

4.Click ‘invoke’ in the test window

As you can see the following exception is thrown ‘unexpected null value for literal data’

As you can see the following exception is thrown ‘unexpected null value for literal data’, this is due to proxy authentication failure. OK, this isn’t very clear in the exception message, but let’s configure proxy authentication.

To configure proxy authentication we need to go back to our jdeveloper environment and configure authentication for our web service.

1. Right-click on the web-service proxy client in your ‘Application Navigator’ and choose ‘properties’

2. Go to the Security-categorie in the tree structure and enable global security settings, by checking the checkbox. Only choose the ‘text password’ as authentication options:

3. Authentication: Define the authentication settings, as in the screen below (nonce and creation time aren’t required)


Click OK and deploy the web-service again.

When testing the web service you just need to fill in the ws-security headers, and no exceptions will be thrown anymore: