CWSML

CWSML0000E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML0001E: No key information is available for the SAML Provider (Token issuer).
Explanation The key information for the Security Assertion Markup Language (SAML) provider in not available to sign a SAML assertion.
Action Check the configuration information for the provider and ensure that the signing key information for the provider exists in its respective keystore.
CWSML0002E: No key alias was provided.
Explanation A key information object is not associated with a key alias.
Action Ensure that the key information object is associated with an alias during the creation process.
CWSML0003E: No Subject was specified. Can not create a valid CredentialConfig object.
Explanation An attempt to create a CredentialConfig object, which is based on a null Subject, has been detected. A valid CredentialConfig object cannot be created.
Action Specify a valid Subject.
CWSML0004E: Subject does not have a Principal. Can not create a valid CredentialConfig object.
Explanation An attempt to create a CredentialConfig object, which is based on a Subject without a Principal, has been detected. A valid CredentialConfig object cannot be created.
Action Specify a valid Subject with a valid Principal.
CWSML2000E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2001E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2002E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2003E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2004E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2005E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2006E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2007E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2008E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2009E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2010E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2011E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2012E: SAML Issuer address does not exist.
Explanation The SAML Assertion Issuer address provided is not valid.
Action Ensure that the Security Assertion Markup Language (SAML) Assertion Issuer address is valid.
CWSML2013E: Signed SAML could not be modified.
Explanation A signed SAML cannot be modified.
Action A signed SAML cannot be modified.
CWSML2014E: Only String or OMElement allowed for marshalling.
Explanation Only a string or OMElement data type is allowed for marshalling.
Action Provide either the required String or OMElement data type.
CWSML2015E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2016E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2017E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2018E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2019E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2020E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2021E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2022E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2023E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2024E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2025E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2026E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2027E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2028E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2029E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2030E: The specified confirmation method is not supported.
Explanation An unsupported confirmation method has been specified.
Action Specify a "bearer," "holder-of-key," or "sender-vouches" confirmation method.
CWSML2031E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2032E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2033E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2034E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2035E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2036E: This method is not implemented.
Explanation This method is not implemented.
Action None
CWSML2037E: Create request for TokenType is not valid.
Explanation The create request for the TokenType value is not valid.
Action Provide a valid TokenType value.
CWSML2038E: Unknown SAML assertion namespace.
Explanation The Security Assertion Markup Language (SAML) assertion namespace is not known.
Action Provide a valid namespace.
CWSML2039E: Invalid SAML assertion.
Explanation The Security Assertion Markup Language (SAML) assertion during the call to the newSAMLToken method is not valid.
Action Ensure that you provide a valid SAML assertion.
CWSML2040E: Could not create SAML token from XMLStructure.
Explanation The Security Assertion Markup Language (SAML) token cannot be created from the XMLStructure value during a call to the newSAMLToken method.
Action Ensure that you provide a valid XML structure for the assertion.
CWSML6001E: Null or empty NameID provided for the issuer.
Explanation The Security Assertion Markup Language (SAML) issuer is not associated with a name identifier.
Action Ensure that the SAML provider is associated with a name identifier.
CWSML6002E: Unsupported Statement type.
Explanation This Security Assertion Markup Language (SAML) statement is not supported.
Action Do not use unsupported SAML statements.
CWSML6003E: Null or empty ID.
Explanation A Null or empty ID has been provided for a Security Assertion Markup Language (SAML) assertion.
Action Provide a name identifier.
CWSML6004E: Null issue Date provided.
Explanation A null issue date has been provided.
Action Do not provide a null date value.
CWSML6005E: Signed SAML assertion is not allowed to be modified.
Explanation You cannot modify a signed Security Assertion Markup Language (SAML) assertion.
Action Do not attempt to modify a signed SAML assertion.
CWSML6006E: Only String or OMElement are allowed for marshalling.
Explanation You cannot marshal an object that is not a String or an OMElement data type.
Action Check the type of object that you are attempting to marshal and ensure that it is a String or a OMElement data type.
CWSML6007E: Invalid AuthnContextClassRef.
Explanation The authentication method is not valid.
Action Use a valid authentication method.
CWSML6008E: A null value was passed.
Explanation A null argument value has been passed on a setAuthnContext method call.
Action Do not pass a null argument value.
CWSML6009E: A null value was passed.
Explanation A null argument value has been passed on a setAuthnInstant method call.
Action Do not pass a null argument value.
CWSML6010E: Invalid SAML assertion.
Explanation The Security Assertion Markup Language (SAML) assertion on a newSAMLToken method call is not valid.
Action Pass a valid XML structure for the assertion.
CWSML6011E: Could not create SAML token from XMLStructure.
Explanation A Security Assertion Markup Language (SAML) token cannot be created from the XMLStructure that is provided on a call to the newSAMLToken method.
Action Pass a valid XML structure for the assertion.
CWSML6012E: The expected Token type is SAML 2.0.
Explanation The expected token type is SAML 2.0. However, a different version has been found.
Action Pass a valid SAML 2.0 version string.
CWSML6013E: An element or attribute: {0} was missing
Explanation The missing element and attribute must be specified.
Action Check and modify token issuer configuration.
CWSML6014E: Parameter type is not {0}
Explanation The parameter type is incorrect.
Action Check and modify to use the correct class type.
CWSML7000E: The NotBefore condition is out of range. The NotBefore setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The Security Assertion Markup Language (SAML) assertion was received at a time that is earlier than the NotBefore setting in the assertion. This condition is not allowed. A possible reason for the error is that the receiver's clock is out of sync with the clock of the creator of the assertion.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7001E: The NotOnOrAfter condition is out of range. The NotOnOrAfter setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The Security Assertion Markup Language (SAML) assertion was received at a time that is at or after the NotOnOrAfter setting in the assertion. This condition is not allowed. Possible reasons for the error are that the receiver's clock is out of sync with the clock of the creator of the assertion or the assertion has been obtained and resent by an unauthorized application.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7002E: The IssueInstant in the assertion is after the current time. The IssueInstant setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The IssueInstant in the Security Assertion Markup Language (SAML) assertion indicates that it was issued after the current time. This condition is not allowed. A possible reason for the error is that the receiver's clock is out of sync with the clock of the creator of the assertion.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7003E: The [{0}] attribute on the Assertion element is missing or empty.
Explanation A Security Assertion Markup Language (SAML) assertion must contain the attribute shown in the message. The SAML assertion being validated does not have this attribute, or the attribute does not have a value.
Action Ensure that the creator of the SAML assertion includes the attribute in the error message on the Assertion element.
CWSML7004E: The [{0}] element in the Assertion element is missing or empty.
Explanation A Security Assertion Markup Language (SAML) assertion must contain the element shown in the message. The SAML assertion being validated either does not have this element, or the element does not have a value.
Action Ensure that the creator of the SAML assertion includes the element indicated in the error message in the Assertion.
CWSML7005E: The SAML assertion contains an [{0}] element, but that element is empty. The [{0}] element cannot be empty.
Explanation The Security Assertion Markup Language (SAML) assertion contains the element shown in the message, but there is no value for the element. This condition is not allowed.
Action Ensure that the creator of the SAML assertion includes a value for the element shown in the message.
CWSML7006E: The [{0}] attribute on the [{1}] element is missing or empty. This condition is not allowed.
Explanation When a Security Assertion Markup Language (SAML) assertion contains the element shown in the message, it must also contain the attribute shown in the message. The SAML assertion being validated does not have the attribute shown in the message, or the attribute does not have a value.
Action Ensure that the creator of the SAML assertion includes the attribute shown in the message.
CWSML7007E: The SAML assertion being processed is not valid.
Explanation The Security Assertion Markup Language (SAML) assertion on a newSAMLToken method call or inbound message is not valid. The reason for the error will be shown after this message.
Action See the user action for the message that appears after this error.
CWSML7008E: The value [{0}] for the [{1}] attribute on the [{2}] element in the SAML assertion is not valid. The valid values are [{3}].
Explanation An element in the Security Assertion Markup Language (SAML) assertion being processed contains an attribute that is not supported. The valid values are shown in the message.
Action Ensure that the creator of the SAML assertion includes a valid value for the element's attribute shown in the message.
CWSML7009E: The value [{0}] for the [{1}] sub-element of [{2}] in the SAML assertion is not valid. The valid values are [{3}].
Explanation An element in the Security Assertion Markup Language (SAML) assertion being processed contains an element value that is not supported. The valid values are shown in the message.
Action Ensure that the creator of the SAML assertion includes a valid value for the element shown in the message.
CWSML7010E: The [{0}] sub-element of the [{1}] element in the SAML assertion element is missing or empty.
Explanation A Security Assertion Markup Language (SAML) assertion must contain the element pair shown in the message. The SAML assertion being validated either does not have the sub-element shown in the message, or the sub-element does not have a value.
Action Ensure that the creator of the SAML assertion includes the element pair indicated in the error message in the Assertion.
CWSML7011E: An element exists in the SAML assertion that is not supported. The unsupported element is [{0}].
Explanation The Security Assertion Markup Language (SAML) assertion being processed contains an element that is valid for the schema, but the run time does not support the element. Processing of the SAML assertion has stopped.
Action Ensure that the creator of the SAML assertion does not include the element shown in the error message.
CWSML7012E: An element exists in the SAML assertion that is not supported. The unsupported element is [{0}] and it is a sub-element of [{1}].
Explanation The Security Assertion Markup Language (SAML) assertion being processed contains an element that is valid for the schema, but the run time does not support the element. Processing of the SAML assertion has stopped.
Action Ensure that the creator of the SAML assertion does not include the element shown in the error message.
CWSML7013E: The [AttributeStatement] element does not contain either [Subject] or [Attribute] sub-elements. This condition is not allowed.
Explanation If a Security Assertion Markup Language (SAML) V1.1 assertion contains an AttributeStatement element, the AttributeStatement element must contain at least one Subject or Attribute sub-elements. The SAML 1.1 assertion being validated contains an AttributeStatement element that contains neither Subject or Attribute sub-elements.
Action Ensure that the creator of the SAML assertion either does not include the AttributeStatement element, or includes at least one of the Subject or Attribute sub-elements in the AttributeStatement element.
CWSML7014E: The AuthenticationInstant in the assertion is after the current time. The AuthenticationInstant setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The AuthenticationInstant in the Security Assertion Markup Language (SAML) assertion indicates that it was issued after the current time. This condition is not allowed. A possible reason for the error is that the receiver's clock is out of sync with the clock of the creator of the assertion.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7015E: The [Subject] element does not contain either [NameIdentifier] or [SubjectConfirmation] sub-elements. This condition is not allowed.
Explanation If a Security Assertion Markup Language (SAML) V1.1 assertion contains a Subject element, the Subject element must contain at least one NameIdentifier or SubjectConfirmation sub-elements. The SAML 1.1 assertion being validated contains a Subject element that contains neither NameIdentifier or SubjectConfirmation sub-elements.
Action Ensure that the creator of the SAML assertion either does not include the Subject element, or includes at least one of the NameIdentifier or SubjectConfirmation sub-elements in the Subject element.
CWSML7016E: The SAML 1.1 assertion being processed contains no [ConfirmationMethod] elements. At least one [ConfirmationMethod] element must be present in the SAML assertion to be processed successfully.
Explanation In the Security Assertion Markup Language (SAML) V1.1 schema, the ConfirmationMethod element is a child of the SubjectConfirmation element. Although the schema does not require that the ConfirmationMethod be present in the SubjectConfirmation element, in order for a SAML assertion to be processed successfully, at least one ConfirmationMethod must be present in the assertion. The valid values for the ConfirmationMethod element are [urn:oasis:names:tc:SAML:1.0:cm:bearer, urn:oasis:names:tc:SAML:1.0:cm:sender-vouches, and urn:oasis:names:tc:SAML:1.0:cm:holder-of-key].
Action Ensure that the creator of the SAML assertion includes at least one ConfirmationMethod in the assertion. The ConfirmationMethod element is a child of the SubjectConfirmation element. The SubjectConfirmation element is a child of the Subject element, which can be a child of either the AttributeStatement or AuthenticationStatement elements.
CWSML7017E: The AuthnInstant in the assertion is after the current time. The AuthnInstant setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The AuthnInstant in the Security Assertion Markup Language (SAML) assertion indicates that it was issued after the current time. This condition is not allowed. A possible reason for the error is that the receiver's clock is out of sync with the clock of the creator of the assertion.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7018E: The SessionNotOnOrAfter condition is out of range. The SessionNotOnOrAfter setting in the assertion is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The Security Assertion Markup Language (SAML) assertion was received at a time that is at or after the SessionNotOnOrAfter setting in the assertion. This condition is not allowed. Possible reasons for the error are that the receiver's clock is out of sync with the clock of the creator of the assertion or the assertion has been obtained and resent by an unauthorized application.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7019E: The value for the Version attribute is not supported. The Version attribute value in the assertion is [{0}]. The value for the Version attribute in a SAML 2.0 assertion must be [{1}].
Explanation The value for the Version attribute in the Security Assertion Markup Language (SAML) V2.0 assertion being processed is not correct. There is only one correct value. The correct value is shown in the message.
Action Ensure that the creator of the SAML assertion sets the Version attribute in the SAML 2.0 assertion correctly.
CWSML7020E: The [NotBefore] condition on the [SubjectConfirmationData] element is out of range. The NotBefore setting in the SubjectConfirmationData is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The Security Assertion Markup Language (SAML) assertion was received at a time that is earlier than the NotBefore setting on the SubjectConfirmationData in the assertion. This condition is not allowed. A possible reason for the error is that the receiver's clock is out of sync with the clock of the creator of the assertion.
Action Synchronize the clocks of the receiver and the creator of the assertion or increase the clock skew using the clockSkew custom property on the configured SAML token consumer.
CWSML7021E: The [NotOnOrAfter] condition on the [SubjectConfirmationData] element is out of range. The NotOnOrAfter setting in the SubjectConfirmationData is [{0}]. The current time is [{1}]. The current clock skew setting is {2} minutes.
Explanation The Security Assertion Markup Language (SAML) assertion was received at a time that is at or after the NotOnOrAfter setting on the SubjectConfirmationData in the assertion. This condition is not allowed. Possible reasons for the error are that the receiver's clock is out of sync with the clock of the creator of the assertion, the assertion was cached on the client and resent after it expired, or the assertion has been obtained and resent by an unauthorized application.
Action Synchronize the clocks of the receiver and the creator of the assertion, increase the clock skew using the clockSkew custom property on the SAML token consumer in the WS-Security provider bindings or, if using a WebSphere Application Server client, increase the cache cushion using cacheCushion custom property on the SAML token generator in the WS-Security client bindings.
CWSML7022E: The [{0}] object is read-only. The [{1}] method cannot be performed on a read-only object.
Explanation The method shown in the message was performed on an object that is read-only. This method is not allowed on read-only objects.
Action Ensure that the object is not read-only or do not invoke the method.
CWSML7023E: The Assertion XML associated with the [{0}] object is encrypted. The [{1}] method cannot be performed on an encrypted Assertion.
Explanation The method shown in the message was performed on an object that contains an encrypted Assertion. This method is not allowed on an object that contains an encrypted Assertion.
Action Ensure that the object does not contain an encrypted Assertion or do not invoke the method.
CWSML7024W: [{0}] is set on the SAMLAttribute [{1}]. {0} is not supported for a {2} token. The setting for {0} will be ignored and will not be reflected in the SAML XML.
Explanation A SAMLAttribute object has a value set in a field that is not supported by the SAML token type that it is being added to. The attribute will be added to the SAML token, but the value for the unsupported attribute will not be reflected in the XML associated with the SAML token.
Action Do not set values in a SAMLAttribute object that are incompatible with the SAML token type to which they are being added.
Reference topic    

Terms and conditions for product documentation | Feedback

Last updated: Jan 2, 2018 8:44:57 AM CST
http://publib.boulder.ibm.com/infocenter/wasinfo/v8r0/index.jsp?topic=/com.ibm.websphere.messages.doc/com.ibm.ws.wssecurity.resources.samlmessages.html

© Copyright IBM Corporation 2006, 2011. All Rights Reserved.
This information center is powered by Eclipse technology. (http://www.eclipse.org)