Below error was received when invoking Siebel IP15 Web Service through php client (Web Application). In Soap request Session Type was set to None.
Error Code: 10944642 Error Message: Error: Inbound SOAP Message - Session Token is missing or invalid or has expired.
Siebel will only ask for Session Token when calling web service with Session Type Stateless.
On investigation it was clear that we need to add below parameters to eai.cfg file to run web service with Session Type None.
AllowAnonymous = TRUE
Impersonate = False
Search for AllowAnonUsers in cfg and paste above parameters under it. CFG can be found on path: C:\Siebel\15.0.0.0.0\ses\siebsrvr\BIN\enu
Save the cfg file and restart the Siebel services and test.
Soap Header:
<soapenv:Header>
<UsernameToken xmlns="http://siebel.com/webservices">username</UsernameToken>
<PasswordText xmlns="http://siebel.com/webservices">password</PasswordText>
<SessionType xmlns="http://siebel.com/webservices">None</SessionType>
</soapenv:Header>
From Oracle Bookshelf:
None: A new session is opened for each request and then closed after a response is sent out. The SessionType none may or may not include UsernameToken and PasswordText SOAP headers. When UsernameToken and PasswordText SOAP headers are included, these credentials are used for authentication.
If the UsernameToken and PasswordText SOAP headers are excluded from the SOAP header, anonymous login is assumed. The anonymous login requires additional configuration in the Siebel Web Engine (eapps.cfg) and Named Subsystem configuration (AllowAnonymous = True, Impersonate = False).
See Also:
How to create and publish Inbound Web Service in Siebel based on Workflow