Web Services Usernames and Passwords in Axis

Similar Messages

• BPM Process As a Web-Service Username and Password

  Hi all,
  We have exposed a Process as a Web-Service WSDL to another system . We use Username Token Profile to enter the username and password to connect to the Web-Service..
  Now what we do is we have a role in our project and we create a dummy Web-Service user and add the role to that user and then use its password and username to call the Web-Service.
  Can we change this?
  Can we have a dummy username and password not associated with any role in BPM used in our Web-Service?

  Did you use PAPI code inside your web service or did u just use PAPI Web Services ( like did u just pressed the button Launch PAPI Web Services ) and it created the WSDL for you and u used it to create the client?
  I am using the latest version of OBPM..
  Oracle 10.3.10
  Can you let me know what do u mean by PAPI interface.. Is it the PAPI code of is the PAPI Web Service which is built by BPM automatically and could be used?
  Edited by: user8707382 on Sep 10, 2009 9:00 AM

• Validate web service username and password against Oracle EBS

  Hi,
  We have a requirement to pass username/password to a SOA webservice that needs to be validated against Oracle E-Business Suite (EBS) login credentials. The EBS users are not integrated with SOA Weblogic server. In EBS, the standard PL/SQL procedure FND_WEB_SEC.VALIDATE_LOGIN(user_name, password) can be used for validation. Appreciate if someone can provide input on validating the username and password as part of web service security header using any OWSM policy.
  Thanks!

  I'm guessing that you are trying to call an EBS API and are using FND_WEB_SEC to test that the user account is valid in FND_USER first before executing the API call. In that instance, you'll likely need to use the Oracle Applications Adapter for EBS if you want to authenticate the user through FND_USER.
  If you've not purchased that adapter, you could use a simple BPEL process, with a regular database adapter to firstly call the FND_WEB_SEC package to authenticate. Pass the response from eBS into a bpel variable, add a bpel switch based on the outcome of that variable either execute the API call or  throw an authentication error if the call failed.
  You can wrap all this up into one web service that then calls this bpel process, taking the username and password as as input parameters.
  Phil

• Web service username and password problems

  Hi,
  I am trying to create a client to consume webservices exposed on a secure .net platform that is SSL protected (https).
  I am using netbeans 6 with WSIT support. When I create the web service and add the WSDL file - it comes up with the certificate that I then approve, but then just displays a IO Exception. When I access the WSDL through a browser, it requests a username and password (which I supply) and it works fine.
  I've tried on Netbeans 5.5 but with no luck - it asks for a username and password (at least) but doesn't accept them.
  How can I connect to an https web service that requires a LDAP username and password?
  Thanks,
  Brendan

  I'm guessing that you are trying to call an EBS API and are using FND_WEB_SEC to test that the user account is valid in FND_USER first before executing the API call. In that instance, you'll likely need to use the Oracle Applications Adapter for EBS if you want to authenticate the user through FND_USER.
  If you've not purchased that adapter, you could use a simple BPEL process, with a regular database adapter to firstly call the FND_WEB_SEC package to authenticate. Pass the response from eBS into a bpel variable, add a bpel switch based on the outcome of that variable either execute the API call or  throw an authentication error if the call failed.
  You can wrap all this up into one web service that then calls this bpel process, taking the username and password as as input parameters.
  Phil

• External Web Service - User and password in HTTP header

  Hi!
  How is it possible to add user and password in the HTTP header in a external web service call? 
  I have created a "Portal Service from WSDL file - Client side" with the wizard in SAP Developer Studio.  I following the Java Development Guide - Web Service Security, and use the <i>secured service connection</i>.  I have also created a new <i>System Landscape</i>, but should the new system be based on HTTP, my own PAR or what?
  How can I check that the user and password is added to the HTTP header or the SOAP envelope? Do I have to scan http traffic with a proxy as Paros or can I find the request sent from SAP EP in the logs?
  Cheers
  Asle

  Hello All,
  I have been struggling a bit while putting a reasonable security framework on a jax-rpc style web service. I'm using JWSDP1.2 to set up the webservice. I've tried to outline my problem below. Please correct me where I'm wrong.
  I've been through the Sun's WS tutorials, but they are not really clear on security. However, from them I surmised that there are two decent authentication techniques. HTTP Basic and mutual authentication (MA) . Both have their drawbacks though. HTTP Basic suffers from poor encryption while MA is a bit difficult to set up on both client and server sides. Another problem with MA is that there is no central repository for users/passwords.
  OK, what I would really like to do is use my own user database to verify users/passwords i.e. use a HTTP Basic like authentication (but at application level) but run it over SSL for encryption. It seems simple, but is it possible?
  Also, I have noted that when I use HTTP Basic on the service side, and use a java client, then setting username/password has no effect. In other words, I can always access the web-service, even with wrong username/password.
  Sorry for the long post. Hope someone can help. Thanks.

• Reporting Services username and password prompting

  We have several branch office locations and one reporting services server. All of the branch office locations can access the reporting services server, but we have one location for the passed week, each time they make a connection to this server, it prompts
  them for a username and password and will not allow them to connect even if the correct username and password is correct.
  I have tried adding the server to the IE intranet/trusted site list. Set IE security on all zones to automatically logon with current username and password.
  What is strange is that this is the only branch office site that is having this issue. It is almost like kerberos is broken for this site location only.
  DOes anyone has any suggestions what could be causing this problem for all computers in this one location. Nothing has changed on their local servers nor have we pushed any updates to the machines.

  Hi bubba1984,
  As per my understanding, I think this issue is caused by Kerberos authentication. Kerberos is an authentication protocol that allows clients that create authentication tokens to associate a specific destination to that token. In the failure case, there is
  a mismatch between the destination specified in the token and the report server process configuration. Due to this mismatch, the underlying Kerberos authentication scheme supported by Windows prevents report server from authenticating the user.
  To fix this issue, please try to remove RSWindowsNegotiate and ensure RSWindowsNTLM is specified in the rsreportserver.config file. For more details, please take the following article as reference:
  http://blogs.msdn.com/b/lukaszp/archive/2008/03/26/solving-the-reporting-services-login-issue-in-the-february-ctp-of-sql-server-2008.aspx
  Hope this helps.
  Thanks,
  Katherine Xiong
  Katherine Xiong
  TechNet Community Support

• Tuxedo Web GUI username and password

  Hia all,
  I setup mu Tuxedo in my solaris box and i started tuxwsvr and tlisten processes
  to enable to access my Web based Tuxed GUI and i could able to access the pages.
  I got a page for Tuxedo domain administration and asking user name and password....
  i know the password is the tlisten password... whats the user name i have to use
  Thanks in advance
  Vijay

  The user can be anything it just goes in the client table to identify your
  session.
  B
  "RKVijayakumar" <[email protected]> wrote in message
  news:3e81db15$[email protected]..
  >
  Hia all,
  I setup mu Tuxedo in my solaris box and i started tuxwsvr and tlistenprocesses
  to enable to access my Web based Tuxed GUI and i could able to access thepages.
  >
  >
  I got a page for Tuxedo domain administration and asking user name andpassword....
  i know the password is the tlisten password... whats the user name i haveto use
  Thanks in advance
  Vijay

• Web Interface - Username and Password.

  I have a question when i put my IP address i need to put a password and username. Where i can get dose things ?

  Before I suggest you for any trouble shooting steps, I would like to ask few questions. Let me know the model number of the router? When you connect the computer to the router what IP address do you get on the computer? To check the IP address that you are getting from the Router...
  You can check the IP address in the following manner:
  # Click on Start -> All Programs -> Accessories -> Command Prompt.
  # A black pop up box should come up, type: "ipconfig /all" …
  There check the IP address and Default Gateway under LAN….
  Second, if you want to get an access of the Router management page then here is the link: http://www6.nohold.net/Cisco2/ukp.aspx?vw=1&docid=3d655af76e21457fa8b71a0c3a2a0c9c_3676.xml&pid=80&r...

• Can I get a print out of all my website usernames and passwords

  My laptop is 'playing up' and refusing to start on some days. If I get another machine a hard copy or a printout of all my web site usernames and passwords would be handy. If tried to Print The screen but that doesn't or will or work. I've also tried highlighting all of them and then tried to get it to print (using Control + P and that doesn't work either. Any advice

  I don't think you can actually print out the list like you describe -- but a better option would be to set up Firefox Sync and make sure everything is synced on our servers. Once you get the new machine, you can simply add another device to your account and pull down all passwords to your new machine that way. This page explains how you set up Sync: https://support.mozilla.org/en-US/kb/how-do-i-set-up-firefox-sync?esab=a&s=sync&r=2&as=s
  Another option would be to make a backup of the profile folder of Firefox. This would copy all of your settings related to Firefox and you could then just transfer that to your new machine. This article walks you through the procedure: https://support.mozilla.org/en-US/kb/back-and-restore-information-firefox-profiles?esab=a&s=profile&r=1&as=s
  Hope this helps!

• Username and password validation on SOAP Web Service

  Hi,
  I'm pretty new to web services and c# .net framework.  
  I'm developing an app that uses a third party's API/ Web services. My first task is getting this log in(authentication) to working.
  Right now its nothing more than a simple Login form:
  The code behind the "Log In" button is so far:
  Here I've instantiated the SOAP web service that I'm using. And when I got to test/debug my form and type in my username and password and click the "Log In" button nothing happens..."of course" 
  So my question is, how could I validate whether the username and password were sent to the web service and whether the authentication is true or false?

  I'm trying to figure that part out...of how I can get it to return the bool. How can I check to see if it returns a bool?(because i'm not really sure if it does or doesn't just yet)
  I'm not expecting it to say "Hey you're logged in" because the actual application doesnt work that way. The actual desktop client will log you in with a (Domain Name\ Username) and windows authenticate
  that you're who you say you are, check the SQL Server and Database and Logs you in. 
  So im trying to figure out how I can manually set it up to where it let the user know that they have Logged in successfully.
  And you're saying that the code i have right now SHOULD log the users in correctly?  

• Username and password token retrieval from SOAP web services

  We are implementing one JAX-WS Web services which requires to retrieve the username and password in SOAP header elements and use those for further use/processing.
  When we are retrieving username/password it’s coming as null. Please help ...
  if (Boolean.FALSE.equals(context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY))) {     
  try {
  SOAPMessage sm = context.getMessage();
  //SOAPEnvelope envelope = context.getMessage().getSOAPPart().getEnvelope();
  SOAPEnvelope envelope = sm.getSOAPPart().getEnvelope();
  SOAPHeader sh = envelope.getHeader();
  System.out.println("Message: "+envelope);
  System.out.println("Envelope: "+envelope);
  System.out.println("Header: "+sh.toString());
  Iterator it = sh.examineAllHeaderElements();
  while(it.hasNext()){
  System.out.println(it.next());
  String username;
  username = sh.getAttribute("Username");
  // username = sh.getAttributeValue("Username");
  //String password = sh.getAttribute("Password");
  System.out.println("uid:"+username);
  //System.out.println("pass: "+password);
  context.put("Username", username);
  //context.put("Passsword", password);
  // default scope is HANDLER (i.e., not readable by SEI
  // implementation)
  context.setScope("Username", MessageContext.Scope.APPLICATION);

  <S12:Envelope xmlns:S11="..." xmlns:wsse="..." xmlns:wsu= "...">
  <S12:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>TestUser</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TestPassword</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </S12:Header>
  </S12:Envelope>

• How-to access username and password protected Java EE Web services from ADF

  The title of this post is exactly the same as this article by Frank Nimphius:
  http://www.oracle.com/technology/products/jdev/howtos/1013/protectedws/access_protected_web_services_from_adf.htm
  The article addresses the problem of securing web services using usernames and passwords, when those web services are accessed through a proxy or a data control. In the examples, the user names and passwords are specified, whether in the code or the definition of data controls. (SKING/SKING).
  In a very common scenario, users login to reach a page, for example, A.jspx, which contains a button that calls a web service, for example displayDate. Suppose that user has logged in by username/pass of (AHUNOLD/AHUNOLD) and AHUNOLD has access to the service and the page. Is there any way to pass the logged in user name and password to the webservice ? Of course we can hard-code the username in the data control definition or proxy code, but this is just one of the thousands of users who have access to the service and the authentication is not dynamic this way.
  Hope my question is clear. Wishing you all a great Christmas.
  Farbod

  Hi Frank, and happy new year.
  Are you implying that it couldn't be done declaratively? What is your suggestion for this problem? You know the problem... As I described:
  - I need to secure my web services, so when exposed, no one from inside network or the internet, can access the web service without proper permission
  - The web services are shown as web controls on jspx pages. The user has logged in before reaching the page. It is irrelevant to ask him to enter user name and password again.
  - I have user names, passwords and roles in Oracle Internet Directory (Identity Management). It provides some APIs and I can retrieve the usernames and attempt logging in programmically. But how can I get username and password from the session in ADF application?
  I guess using SAML or certificate could be the solution, but I have a problem with SAML, described here:
  Re: Webservices Security, SAML, and Identity Management (OID)
  Best Regards,
  Farbod

• The server at Mac OS X Server Web Services requires a username and password

  I am running SL Server 10.6.2, wiki works but when a person clicks an attached file in a wiki and then selects "open" they get a login popup with the notification The server at Mac OS X Server Web Services requires a username and password. It doesn't matter what they put into the login/pass it comes back. If they hit cancel then the document opens. If they click save then it saves with no issue. I can type in the admin login/pass of the server and it works. Does this mean the security settings to the location of the files is wrong? Any help is greatly appreciated!

  By the way they are using Internet Explorer 7 when opening these documents.

• VC Change username and password for web services

  Hi everybody
  I need to change the username and password into the portal of some web services that   have already been created portal is consuming these web services  a XI
  Thansk
  Ivan

  it is ok ....
  thank you....
  i have now this issue:
  i need to add new E1 to be in the same trunk for previous E1 which is for Abdali. new E1 will not have signal it depeneds at old one timeslot.
  i used this for new E1:
  prov-add:nailedtrnk:name="1033",srcsvc="ss7p-jtc-abdali",dstsvc="naspath1-abdali",srcspan="ffff",dstspan="0",srctimeslot="33",dsttimeslot="33",spansize=31
  for old one this:
  prov-add:nailedtrnk:name="1002",srcsvc="ss7p-jtc-abdali",dstsvc="naspath1-abdali",srcspan="ffff",dstspan="0",srctimeslot="2",dsttimeslot="2",spansize=30
  ============================
  at AS5400 i used to add new E1:
  controller E1 7/2
  framing NO-CRC4
  pri-group timeslots 1-31 nfas_d primary nfas_int 1 nfas_group 0
  Is this true or there are other commands i should use?
  OLD E1 is configured as:
  controller E1 7/0
  framing NO-CRC4
  channel-group 0 timeslots 1
  pri-group timeslots 2-31 nfas_d primary nfas_int 0 nfas_group 0
  description Connection to Abdali
  interface Serial7/0:0
  no ip address
  encapsulation ss7
  channel-id 0
  interface Serial7/0:15
  no ip address
  encapsulation hdlc
  isdn switch-type primary-ni2c
  isdn incoming-voice modem
  isdn map address . plan isdn type network
  isdn rlm-group 0
  no isdn send-status-enquiry
  isdn negotiate-bchan resend-setup
  isdn bchan-number-order ascending
  no cdp enable
  any help please for correct commands i shall use? please see attached file for details.

• Web service functions in SSO without username and password

  Is there a way to use the Public Report Web Service functions when configured in SSO and without passing a username and password? I was able to try out the web service and make it work. As we all know, you need to pass a username and password for each web service call unless your reports can be accessed by guests. In an SSO + LDAP server configuration, there are cases in which you are not allowed to get the password. The password can not be decrypted.
  Is there a way to still use web service? or do you need to use the url approach instead? But if you use the url approach then you may be limited to generating reports only.
  I'm thinking there should be since if you are already logged in for SSO then you should be able to generate.
  Any way to configure this?

  <i>When I access web reports from bw.</i>
  i hope you are not talking about BEX web reports , since you have mentioned ITS.
  Is it a standlone ITS or intergrated ITS?
  can you post the url pattern here.
  Regards
  Raja