HTTP Basic Auth and Proxy Auth

Similar Messages

• Comms Express and proxy auth (ie for a portal or Identity system)

  All, we'll be moving to Comms Express in about a month and we currently have an Identity/access management solution working with Mess Express (6.1) and using the proxy auth url (http://webmail.domain.com/?user=user1&proxy-auth=.....) We can pass the proxy auth from the access manager (SiteMinder) to ME and people can login into their Webmail (ME) without incident.
  However UWC is a different animal. Does anyone know how to get a proxy auth url string for UWC to accomplish the same thing? I know UWC essentially does a proxy auth for messaging and calenar already, so we have to find something that does it to pass it to messaging and calendar to get the Comms Exprees interface.
  We will be using the following version:
  Sun Java(tm) System Messaging Server 6.2-4.03 (built Sep 22 2005)
  libimta.so 6.2-4.03 (built 04:37:42, Sep 22 2005)
  And UWC is at 118540-23
  Any help would be appreciated.

  pruebitas wrote:
  Before, when we had Messenger Express, we have a web (like a portal) where users used to fill in a form with the user and the passwd to connect to the messenger express.
  Now, with the UWC, is not posible to access the same way. I'm a bit lose with this.UWC provides Acess Manager Single-Sign-On (SSO). So if your web-application was to set an access-manager SSO cookie when the user logged in and redirected the user to the UWC login page, they would be automatically logged in (assuming you had configured UWC to allow access manager authentication).
  For information on how to set access manager SSO cookies in web-interfaces, please refer to the access manager manuals on docs.sun.com.
  Regards,
  Shane.

• HTTP Basic authentication for proxy service and its wsdl?

  Hello:
  For some reasons I needed to configure the HTTP basic authentication on a proxy service at OSB 11g. Everything was OK until I realized that, additionally to the authentication when calling the service, the OSB also asks for credentials when I try to get that proxy wsdl file.
  My requirements are to secure the proxy service when is called only, not when retrieving the wsdl.
  Is this possible to configure on OSB / WLS? How?
  Greetings!
  Edited by: user4483647 on 02-sep-2010 12:59
  Edited by: user4483647 on 02-sep-2010 13:25

  If I'm not wrong, Basic authentication is Transport level feature. So passing User/Password in SOAPHeader doesn't make sense. SOAP message can only be sent when you have a HTTP Connection open. During opening of HTTP connection User/Password is required for basic authentication.
  http://www.student.nada.kth.se/~d95-cro/j2eetutorial14/doc/Security7.html#wp156943
  Edited by: mneelapu on Apr 2, 2009 2:09 PM

• Cisco ISE 1.2 AD Auth and Internal Auth on Same SSID?

  Hello everyone... I'm fairly new to Cisco ISE 1.2 and am looking to try and setup a certain configuration.  I'm trying to figure out how to create what amounts to a BYOD dmz'd wireless network that is PEAP based (or tls) but authenticates known users (employees from AD groups) but for users not found in those AD groups uses the internal user database and/or Web Auth?  Make sense?
  So, I of course can get the Authentication/Authorization policies configured for PEAPTLS  and make to AD based on group and provide a VLAN number.  No problem... I'm having trouble wrapping my head around how to combine the internal users or web auth users in this mix on the same ssid?  I know by reading the ISE statement that the authentication policy if PEAP/TLS, ect is used, then a user not found is rejected and does not continue...  Can someone provide an example as to how to accomplish this?  
  As a side note in 1.2, is there the ability to limit the number of consective logins as in ACS, outside of guess access only? What about in 1.3, which makes me nervous to upgrade in reading the instructions and the 'newness' of it.
  Thank you for any help, it's greatly appreciated.

  I'd like to confirm if the required changes in the VM server were
  made, as there are a few changes in the ISE OS. The changes required are
  listed in the release notes, under "VMware Operating System to be
  Changed to RHEL 5 (64-bit)". Here's a direct link to the relevant section:
  http://www.cisco.com/en/US/docs/security/ise/1.2/release_notes/ise12_rn.html#wp384531
  Other causes can be :-
  certificate issue on ISE or not enough disk space.

• UCCX 8.5 https support? and Proxy support ?

  I have to perform backend request thru HTTPS in UCCX 8.5 scripting
  1) Is HTTPS supported in UCCX 8.5 ?
     I have to perform SOAP HTTPS (POST) transaction.
  2) Also to reach the backend sever we have to pass thru a Proxy server, it is possible to add proxy server information in the UCCX environnement to be able to reach the backend ?
  Has anyone done something similair ?

  I have connect to both a Trusted Root CA signed HTTPS server and a Non one too.  Obviously, if the cert is self signed, their will be additional steps required to "accept" it, but that's all within Java, and really has nothing to do with UCCX.
  UCCX can easily handle signed certs.  Take this code for example:
  String http_response = ""
  Set http_response = URL[https://www.google.com/]
  You should get back the HTML response from google.
  However, when you enter the address for a host with a self signed cert, like that of my CallManager, the editor barks.
  To get around that you will need some Java code (don't have any on tap, sorry) to accept the self signed cert.  Hopefully you don't need that.
  As for the proxy goes, I have not done this, but a quick google search yields a few promising results.
  Since you have the SOAP part working, I will assume you know how to embed Java into your script.
  Happy Scripting!
  Anthony Holloway
  Please use the star ratings to help drive great content to the top of searches.

• AC 5.3 RAR - combined risk analysis reports for regular auth. and SPM auth.

  Dear All,
  we have users that have regular day-today authorization and also FF authorization.
  Does the Batch Risk Analysis takes into account both authorizations when doing the risk analysis for those users ? will we see it in the reports ?
  Thanks
  Yudit

  ok, so basically the answer is no, in the RAR components we do not have risk analysis for the combinations of the roles assigned to the user and to his FF ID.
  in that case, at what stage does the system checks for those combined risks ?
  is it checked when we manage the risk analysis phase in the CUP request that is asking to assign the FF ID to the user ?
  thanks
  Yudit

• Using the same Realm for passwd auth and ssl auth

  Hi,
  does someone can tell me if it's possible to use the same Realm to authenticate
  some client with username,password and other client with certificates.In other
  word can a same realm support 2 different authentication method
  Thanks a lot
  romain

  Yes.
  The AbstractListableRealm, which I assume you're extending,
  has three methods:
  authUserPassword :
  checks passwords
  authSSLCertificate :
  is passed in the certificate verified by the SSL
  handshake. The default implementation of this
  method hands the certificate to the CertAuthenticator
  (if there is one). The CertAuthenticator typically
  uses one of the fields in the certificate to come up with
  a user name (eg. the email address minus the @ stuff),
  then verifies that there is a user with that name in
  the realm. Since SSL verfied the certificate, this
  method doesn't do any further checking. I think we
  ship a SimpleCertAuthenticator sample that you can
  look at.
  authCertificates :
  Like authSSLCertificates except that the certificate
  came from someplace else. I'm not sure under what
  conditions this is called.
  Normally, the realm worries about the user/password
  authentication then relies on the CertAuthenticator for
  the certificate stuff. The CertAuthenticator maps the
  certificate to a user name then goes to the realm to
  make sure that there really is a user with that name.
  -Tom
  "romain" <[email protected]> wrote:
  >
  Hi,
  does someone can tell me if it's possible to use the same Realm to authenticate
  some client with username,password and other client with certificates.In
  other
  word can a same realm support 2 different authentication method
  Thanks a lot
  romain

• Basic auth in proxy server breaks managed server form auth

  Hi,
  I have a proxy server configured in front of 2 managed servers.
  The managed servers have secure pages and are using form auth and the
  proxy server is working properly. In other words, I point my browser
  at the proxy and I end up being services by one of the managed servers.
  If I attempt to access a secure page via the proxy I am sent to the form
  login page via the proxy.
  Now for the problem:
  If I configure the proxy server to use basic auth, and secure all
  pages in the proxy, I must provide my userid/password to the proxy
  server (this is working fine) before I can get to one of the managed
  servers. I can get to the welcome page of the managed server (which is
  not secure) There is a link to a secure page on the welcome page. When
  I click on the link to the secure page, I am sent to the form auth by
  the managed server. I authenticate, but I can never see the secure
  page. I end up being redirected to the form login page endlessly.
  Both the proxy server and the managed server are usign the default
  JSESSIONID.
  Here is a section of the web.xml for the proxy server:
  <servlet>
  <servlet-name>HttpClusterServlet</servlet-name>
  <servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
  <init-param>
  <param-name>WebLogicCluster</param-name>
  <param-value>${ProxyConfig}</param-value>
  </init-param>
  <init-param>
  <param-name>SecureProxy</param-name>
  <param-value>ON</param-value>
  </init-param>
  <init-param>
  <param-name>Debug</param-name>
  <param-value>ON</param-value>
  </init-param>
  <init-param>
  <param-name>DebugConfigInfo</param-name>
  <param-value>ON</param-value>
  </init-param>
  <init-param>
  <param-name>CookieName</param-name>
  <param-value>JSESSIONID</param-value>
  </init-param>
  <init-param>
  <param-name>CookieName</param-name>
  <param-value>wlauthcookie_</param-value>
  </init-param>
  </servlet>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>gcmgui/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>applauncher/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>ssoadmin/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>default/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>domainadmin/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>gsc/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>psr/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>broadcastclient/*</url-pattern>
  </servlet-mapping>
  <servlet-mapping>
  <servlet-name>HttpClusterServlet</servlet-name>
  <url-pattern>nra/*</url-pattern>
  </servlet-mapping>
  Here is the proxy debug:
  <Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
  /applauncher/jsp/AppLaunche
  r.jsp HTTP/1.1
  <Fri Jul 11 14:40:07 EDT 2003>: Found cookie: Sf4VoFtpQwG]dTNEh9Yq
  <Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
  -213061352!10
  .68.10.87!1080!10443
  <Fri Jul 11 14:40:07 EDT 2003>: Remove idle for '30' secs:
  ProxyConnection(isSec
  ureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
  <Fri Jul 11 14:40:07 EDT 2003>: Create connection:
  ProxyConnection(isSecureProxy
  =true): 10.68.10.87:10443, keep-alive='30'secs
  <Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
  <Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
  image/jpeg,
  image/pjpeg, application/vnd.ms-excel, application/msword,
  application/vnd.ms-po
  werpoint, */*
  <Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
  <Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
  <Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
  MSIE 6.0; W
  indows NT 4.0; H010818)
  <Fri Jul 11 14:40:07 EDT 2003>: Host: localhost:18002
  <Fri Jul 11 14:40:07 EDT 2003>: Connection: Keep-Alive
  <Fri Jul 11 14:40:07 EDT 2003>: Cookie:
  JSESSIONID=1PEosMJQ9ZJrewjj1t5nZfNtYe1e5
  pWYbjyBGvZ1ExEY8YoueKTG!-213061352!NONE;
  wlauthcookie_=Sf4VoFtpQwG]dTNEh9Yq
  <Fri Jul 11 14:40:07 EDT 2003>: Authorization: Basic
  cmFwcGVsYmE6b3V0Mmx1bmNo
  <Fri Jul 11 14:40:07 EDT 2003>: HTTP/1.1 302 Moved Temporarily
  <Fri Jul 11 14:40:07 EDT 2003>: Out-bound headers:
  <Fri Jul 11 14:40:07 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:07 GMT
  <Fri Jul 11 14:40:07 EDT 2003>: Location:
  https://localhost:18002/applauncher/un
  restricted/jsp/FormLogin.jsp
  <Fri Jul 11 14:40:07 EDT 2003>: Server: WebLogic WebLogic Server 8.1
  Thu Mar 20
  23:06:05 PST 2003 246620
  <Fri Jul 11 14:40:07 EDT 2003>: Transfer-Encoding: Chunked
  <Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
  /applauncher/unrestricted/j
  sp/FormLogin.jsp HTTP/1.1
  <Fri Jul 11 14:40:07 EDT 2003>: Found cookie: UZ]OrXsBP6uEEa[0veSz
  <Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
  <Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
  -213061352!10
  .68.10.87!1080!10443
  <Fri Jul 11 14:40:07 EDT 2003>: Requeue connection:
  ProxyConnection(isSecureProx
  y=true): 10.68.10.87:10443, keep-alive='30'secs
  <Fri Jul 11 14:40:07 EDT 2003>: Recycle connection:
  ProxyConnection(isSecureProx
  y=true): 10.68.10.87:10443, keep-alive='30'secs
  <Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
  <Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
  <Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
  image/jpeg,
  image/pjpeg, application/vnd.ms-excel, application/msword,
  application/vnd.ms-po
  werpoint, */*
  <Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
  <Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
  <Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
  MSIE 6.0; W
  indows NT 4.0; H010818)
  <Fri Jul 11 14:40:08 EDT 2003>: Host: localhost:18002
  <Fri Jul 11 14:40:08 EDT 2003>: Connection: Keep-Alive
  <Fri Jul 11 14:40:08 EDT 2003>: Authorization: Basic
  cmFwcGVsYmE6b3V0Mmx1bmNo
  <Fri Jul 11 14:40:08 EDT 2003>: Cookie:
  JSESSIONID=1PEHvo1gQIbwOMuVsU9pJnnvlGBSP
  74ZUcSHwazE7domCL8UlVA2!-937872307; wlauthcookie_=UZ]OrXsBP6uEEa[0veSz
  <Fri Jul 11 14:40:08 EDT 2003>: HTTP/1.1 200 OK
  <Fri Jul 11 14:40:08 EDT 2003>: Out-bound headers:
  <Fri Jul 11 14:40:08 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:08 GMT
  <Fri Jul 11 14:40:08 EDT 2003>: Server: WebLogic WebLogic Server 8.1
  Thu Mar 20
  23:06:05 PST 2003 246620
  <Fri Jul 11 14:40:08 EDT 2003>: Content-Length: 4238
  <Fri Jul 11 14:40:08 EDT 2003>: Set-Cookie:
  JSESSIONID=1PEIxJ21oT5H3Z2ilQjPqpq1V
  kdOhEnNbbz9wviTtTTZj6IBp29b!-213061352!NONE; path=/
  <Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
  <Fri Jul 11 14:40:08 EDT 2003>: Requeue connection:
  ProxyConnection(isSecureProx
  y=true): 10.68.10.87:10443, keep-alive='30'secs
  <Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
  <Fri Jul 11 14:40:44 EDT 2003>: Trigger remove idle for '35' secs:
  ProxyConnecti
  on(isSecureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
  Thanks,
  Rob

  I typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.

• HTTP Basic Auth and Username Authentication with Symmetric Key

  Hi,
  I have a webservice happily running on tomcat 5.5 using "Username Authentication with Symmetric Key" I have certificates setup and everything works fine. I can even connect a .net client and use the service.
  Now I have an additional requirement of authorization per operation basis so I'm planning on using the roles. My current setup uses tomcat-users.xml to configure users but I seem unable to identify the role of the user from within my code as wsContext.isUserInRole("briefing") always returns false even when it clearly isn't. Where wsContext = @Resource private WebServiceContext wsContext.
  So I figure perhaps I need to add HTTP Basic Auth to tomcat for it to gather this information so I added security-constraints to the web.xml and this seems to do the trick: at least it does for my .net client.
  If I do:
    Service service = new Service();
    Port client = service.getPort();
    BindingProvider bp = (BindingProvider)client;
    bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername");
    bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword");Then it all works fine. However, I'd like a little less transparency: I don't want to have to do this every time I make a call.
  My question(s) is:
  1) Am I going about this the right way (perhaps I am somehow getting the incorrect reference to the WebServiceContext)
  2) If I am going about this the right way I imagine the whole BindingProvider code needs to be added to as a policy configuration but I'm really not sure where to start especially as I'm using wsimport to generate everything: I'm not even sure where to configure this so it will not get overwritter.
  Thanks for any help.

  Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
  All in all does this setup sound right?

• RemoteObject and http basic auth

  Hello,
  I am writing an AIR application and I have a RemoteObject
  that has an endpoint secured using http basic auth. Whenever I try
  to send the RemoteObject request, a username/password window is
  displayed to the user. How do I automatically send the
  username/password? Using setCredentials or setRemoteCredentials
  doesn't seem to affect this - looking at the data sent, the
  RemoteObject is not sending a http Authorisation header.
  Is this possible?

  Hello,
  Sorry for "waking up" this old message, but I have exactly the same probem and I can't find a solution.
  I know how to send Authorization in the HTTP headers with a HTTPService, but not with a RemoteObject.
  Do you know that, or have any other solution for the problem ?
  Etienne

• Web Services with HTTP Basic Auth

  Hi,
  I am having a problem connecting to web services which
  require HTTP Basic Authentication from a Flex application. I have
  useProxy set to true and call setRemoteCredentials prior to
  attempting the call, but the credentials do not appear to be set on
  the request (the request fails with fault.faultString = "HTTP
  request error", faultCode = "Server.Error.Request". The messages on
  the server indicate that the user name and password were not
  specified.
  I do have the proxy-config.xml file set up properly (I think
  -- I followed the example in the mx.rpc.soap.mxml.WebService class
  description, at least).
  I can verify that the WSDL (which doesn't require BASIC auth
  to access) is being loaded properly, but when I make the request,
  it fails. Is this a known problem?
  I am using Flex Builder 2.0.1 to build my SWF files.
  Thanks,
  Brendan

  Thanks for the pointer, I did try it, but it didn't help.
  As I said in the original post, the problem is with HTTP
  Basic Authentication, so adding a header for WSSE to the service
  request didn't help. It needs to be an HTTP Authorization header,
  not a SOAP Security header.
  Brnedan

• BASIC Auth and WSDL in WebLogic 7

  I want to protect my web service URI with HTTP basic authentication. I've modified
  the web.xml and protected my web service URI and all works fine. However, this
  also protects the dynamically generated WSDL URL.
  Is there a way to pass the user/password to the JAX-RPC client for the WSDL URL?
  If not, what is the best way to expose the WSDL through a different unprotected
  URI while still dynamically generating it?
  Mike

  I am aware that this is an old post, but I have never seen a good answer for this
  question and have been struggling with it myself. How do you protect web services
  with basic authentication, but at the same time expose the generated WSDL?
  The best way I have found is to protect only post requests:
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>myservice</web-resource-name>
  <url-pattern>/myservice/*</url-pattern>
  <http-method>POST</http-method>
  </web-resource-collection>
  <auth-constraint>
  <role-name>SomeRoleName</role-name>
  </auth-constraint>
  </security-constraint>
  Since web service requests are posts, security does kick in on the invocation.
  The WSDL 'get' requests are allowed. This setup does break the WLS generated test
  harness, however, since there is no way to authenticate prior to the service invocation.
  Anyone have any better suggestions?
  Anyone know why servicegen doesnt put the WSDL in a separate directory from the
  services to make things a bit easier?
  Mike
  "Mike Gilbode" <[email protected]> wrote:
  >
  I want to protect my web service URI with HTTP basic authentication.
  I've modified
  the web.xml and protected my web service URI and all works fine. However,
  this
  also protects the dynamically generated WSDL URL.
  Is there a way to pass the user/password to the JAX-RPC client for the
  WSDL URL?
  If not, what is the best way to expose the WSDL through a different
  unprotected
  URI while still dynamically generating it?
  Mike

• Using HTTP basic auth in WebService

  Hi,
  I am writing a flex app that needs to talk to a pre-existing
  SOAP web service. Unfortunately the web service uses http basic
  auth to authenticate a user. I am trying to figure out exactly how
  this is accomplished but I cannot find any substantive data on the
  subject. So I was hoping someone here could point me in the right
  direction or possibly answer the question outright.
  I DID find reference to using the useProxy attribute on the
  WebService element (and that I would need to make some changes to a
  flex-config.xml) but I could not get this to work, nor could I find
  any explanation as to what exactly I was doing. I, as a workaround,
  attempted to place the auth info in the url (e.g.
  http://user:passwordhash@host:port/wsdl)
  but this did not work either as the request never made it to the
  server, I am assuming actionscript doesn't like this format?
  Anyway, does anyone have any advice/pointers? Any help would
  be appreciated.

  Hi,
  I am writing a flex app that needs to talk to a pre-existing
  SOAP web service. Unfortunately the web service uses http basic
  auth to authenticate a user. I am trying to figure out exactly how
  this is accomplished but I cannot find any substantive data on the
  subject. So I was hoping someone here could point me in the right
  direction or possibly answer the question outright.
  I DID find reference to using the useProxy attribute on the
  WebService element (and that I would need to make some changes to a
  flex-config.xml) but I could not get this to work, nor could I find
  any explanation as to what exactly I was doing. I, as a workaround,
  attempted to place the auth info in the url (e.g.
  http://user:passwordhash@host:port/wsdl)
  but this did not work either as the request never made it to the
  server, I am assuming actionscript doesn't like this format?
  Anyway, does anyone have any advice/pointers? Any help would
  be appreciated.

• Proxy Auth authentication required and kerberos

  Hi All
  Oracle supports the proxy auth trusted subsystem which allows greater scalability through the use of a system wide connection pool. There is a configuration option to "authentication required" to the proxy auth system.
  Oracle also support kerberos authentication for external users.
  What I would like to know is whether the proxy_auth authentication required is compatable with kerberos authentication. That is can I configure proxy auth to authenticate the tunneled user using kerberos.
  Thanks
  Edited by: user8002300 on 28/10/2009 16:47

  Hi,
  What you can do is to set up a reverse and the forward proxy. When the client hits the first proxy it should be configured as a reverse proxy which will redirect the request to the second proxy (this will be a reverse proxy) which will connect to the internet.
  Hope this helps.
  Regards,
  Dakshin.
  Developer Technical Support
  Sun Microsystems
  http://www.sun.com/developers/support.

• BPEL not passing HTTP basic auth info

  The BPEL control does not seem to pass the HTTP basic auth data correctly.
  I placed the right credentials in the httpUsername and httpPassword properties for the partner link.
  I patched SOA Suite to 10.1.3.3.1 to try to solve this problem. But it still comes up with the same result.
  Any help would be greatly appreciated!

  Steps for invoking secure web services from BPEL================================================
  Add following lines in target wsdl(webservice)
  Add xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" in the namespaces section (ensure that "ns4" is not already being used!)
  Add xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" in the "schema" element
  Import the namespace http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd and provide a schemaLocation (physical file in the current directory)
  Add the following in the "message" element for the input message type:
       <s1:part name="secHeader" element="ns4:Security"/>
  Add <s3:header message="__relevant_message_name__" part="secHeader" use="literal"/> within <input> element (<binding>..<operation>)
  then in BPEL before invoke activity take one assign activity
  in assain activity xml expression to securerity variable in target variable
  <oas:Security xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <oas:UsernameToken wsu:Id="UsernameToken-15799662" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <oas:Username>username</oas:Username>
  <oas:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</oas:Password>
  </oas:UsernameToken>
  </oas:Security>
  import xsds into local workspace
  oasis-200401-wss-wssecurity-secext-1.0.xsd
  oasis-200401-wss-wssecurity-utility-1.0.xsd
  xml.xsd
  xmldsig-core-schema.xsd