I work on a team that builds and operates an enterprise service bus that runs partially on the Oracle Weblogic/OSB stack, along with other JMS brokers such as fuse/talend AMQ brokers and Solace messaging appliances. The Weblogic/OSB portion of the ESB is by far the most brittle and expensive piece of software in the system. We're working to remove the cancer that is oracle software from our network, but since it's an operational system critical to our customer's business it's taking time.
We spent about six months working with thoroughly incompetent oracle support staff in an attempt to get the OWSM security modules to perform some basic encryption/decryption and SAML token validation without any success. A significant portion of that time was spent just waiting on oracle support to provide patches for all the roadblocking bugs we encountered. When the patches were finally delivered, they were provided to us completely untested 'as-is'. The first patch delivered wouldn't even run because there were class files missing.
We wrote our own security module using WSS4J and java callouts in about three months after we gave up on oracle ever getting us functional patches.
A few months after that, oracle performed an audit and attempted to extort additional licensing fees from us for using OWSM. We had never used OWSM for anything but development and testing, and had removed it from our systems entirely by that time. The most satisfying call I've been on working this project was listening to my PM tell the oracle goons to go fuck themselves while they were issuing legal threats via conference-call.
After that incident, Oracle wanted to "repair our relationship" and sent a team of what they called "customer service specialists" to meet with us. What they actually sent was a trio of arrogant used-car salesmen. We met with them and after introductions and a system overview we started discussing what it would take to get Oracle to actually fix our laundry-list of open SRs and enhancement requests (If you've never worked with oracle support, an Enhancement Request is what they call a bug they don't plan to fix). They responded to this by bringing up a new project being worked by another team at our company that they were starting database license negotiations with. They suggested that if we could grease the wheels and guarantee that database licensing deal went through then they could put pressure on support to fix the issues we had with weblogic/osb.
Their "customer service specialists" were demanding a quid-pro-quo before they'd consider giving us the support we had already paid for. That meeting ended just as poorly as the OWSM shakedown attempt. Our weekly oracle phone conference is openly hostile at this point.