Authenticated Web Services

How would you build an authenticated Web Services?
Building web services are fun. I have a JSP application running on one machine and OC4J running on the other machine where all my web services are deployed. However, I don't want just anybody hitting my web services and getting data. I have the users logging into the application but the web services are just open, kind of in public mode. How does the web service know who is authorized to talk to it? How would you design the web service for authentication?
Thanks

You can start by using SSL as per this writeup/tutorial jar/zip file here:
http://otn.oracle.com/sample_code/tech/java/web_services/wssecurity/ws_security.jar
If you are using the Oracle9iAS Web services implementation, there is full support for basic and digest authentication ... check out:
http://otn.oracle.com/docs/products/ias/doc_library/903doc_otn/generic.903/b10004/useservices.htm#1018247
With relatively little effort you can set up the same level of security that exists for todays HTML based Web applications.
Mike.

Similar Messages

Authentication Web Services for Java applications

Hi All,
We are building Java based SAP applications for mobile devices such as Blackberry, iPhone etc. The applications are browser based (thin client) to be deployed on SAP Netweaver WAS and would interface with SAP backends such as SAP ECC, SAP BW using SAP Web Services (converted from BAPIs).
For certain reasons we do not want to use Mobile Webdynpro Java using JCO/BAPIs as we would be using a Java based middleware which is built in-house for rendering on multiple devices and it does not go well with Mobile Webdynpro with Java. We are NOT using SAP Enterprise Portal as well.
What I would like to know is are there any standard Authentication Web Services that can be used to authenticate the user, when he tries to login to the application through the mobile browser. Also does SAP Netweaver WAS provide authentication mechanism for a Java based web application by default.
Any pointers would be appreciated and thanks in advance for the same.
Suresh

Hi All,
We are building Java based SAP applications for mobile devices such as Blackberry, iPhone etc. The applications are browser based (thin client) to be deployed on SAP Netweaver WAS and would interface with SAP backends such as SAP ECC, SAP BW using SAP Web Services (converted from BAPIs).
For certain reasons we do not want to use Mobile Webdynpro Java using JCO/BAPIs as we would be using a Java based middleware which is built in-house for rendering on multiple devices and it does not go well with Mobile Webdynpro with Java. We are NOT using SAP Enterprise Portal as well.
What I would like to know is are there any standard Authentication Web Services that can be used to authenticate the user, when he tries to login to the application through the mobile browser. Also does SAP Netweaver WAS provide authentication mechanism for a Java based web application by default.
Any pointers would be appreciated and thanks in advance for the same.
Suresh

Authentication Web Service

Hi Everyone,
I am new to the Access Manager and would like to know how exactly we can authenticate a user against the Authentication Web Service. Could someone please share the sample client to get the above?
Also, I am not clear under what scenarios one would prefer to use a web service to authenticate the user?
Thanks in advance and really appreciate for any help.
Thanks,
Ranjith.

Hi Ranjith,
There are a couple of SDN articles that discuss this in some detail:
[Securing Applications With Identity Services|http://developers.sun.com/identity/reference/techart/id-svcs.html]
[Integrating Applications With OpenSSO|http://developers.sun.com/identity/reference/techart/app-integration.html]
Cheers,
Pat

Consuming password authenticated web service in PeopleSoft

I have requirement where I have to do modification on PS delivered location setup page to validate the address entered by user against pitney bowes database using webservice provided by them for validation, I have been provided with WSDl ur l(http,SOAP protocol), I am very new to web services , After reading on various blogs I was able to do basic setup by using consume web service wizard , I have got services ,message, service operation and routing created by default while consuming,I have copied delivered WSDL_NODE node and used it while consuming , I wanted to know what changes do I need to do in node and advanced gateway properties file, do I have define this node any where in gateway properties file and how , also they have provided us an userID and Password ,I am not sure where to configure the credential , also what I have to provide as default user-id/external ID / password , what do we need to provide in WS-Security tab . I am able to ping the node with doing any changes in security but not able to send request message. It will be helpful if someone can guide me how to configure web services security while consuming web service. and other important things that I need to take care.

The information in this article about consuming a web service may be helpful:
http://www.peoplesoftwiki.com/consuming-a-web-service

Authenticating web services -- get Invalid Response Code:(401) Unauthorized

Hi,
ich have implemented a websirve in dynpro java (thanks for all the guys who wrote guides for that), but i still have a problem. i have to set username and password for authorization.
i have already tested follwoing code:
reqMo.wdSetInvocationModifier(
           new IWDWSInvocationModifier() {
             public void doModifyInvocation(Object port) {
                // Creating the SOAP Header node.
                HTTPControlInterface http = HTTPControlFactory.getInterface(port);
                http.setHTTPProxyUserPass("xxxxx","xxxxxx");
             public void doModifyAfterInvocation() {}
but i get same message as follows:
Exception on execution of web service with WSDL
URL 'http://server:port/special/wsdl_report_gen.wsdl' with operation '_-xxxx_-generateReport' in
interface '{urn:sap-com:document:sap:soap:functions:mc-style}XXXX_REPORT_GEN':
Invalid Response Code: (401) Unauthorized. The requested URL
was:"http://server:port/sap/bc/srt/rfc/sap/XXXX_report_gen/111/XXXX_report_gen/XXXX_report_gen";
nested exception is:
com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid
Response Code: (401) Unauthorized. The requested URL
was:"http://server:port/sap/bc/srt/rfc/sap/XXXX_report_gen/111/XXXX_report_gen/XXXX_report_gen"
any ideas?
Edited by: Dennis Ahaus on Dec 10, 2008 11:40 AM

Hi Dennis Ahaus,
If you are using Adaptive webservice model, you can provide the credentials as below.
wdContext.currentXXXXElement().modelObject().setInvokerProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY,"username");
//           wdContext.currentXXXXElement().modelObject().setInvokerProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY,"password");
Regards,
VJR.

Cannot test authenticated web service from Web Service test page

I tried to test my page from using http://localhost:7001/wls_utc. It seems to work fine in my production environment but not in my local machine. I got the following error:
Parse of wsdl (http://localhost:7001/mywebservice?WSDL) failed due to weblogic.testclient.WsdlParseFailedException: weblogic.wsee.wsdl.WsdlException: Failed to read wsdl file from InputSource due to -- java.io.FileNotFoundException: Response: '401: Unauthorized' for url: 'http://localhost:7001/mywebservice?WSDL'.
With the following access log
127.0.0.1 - username [31/May/2007:16:37:45 -0400] "GET /mywebservice HTTP/1.1" 200 68509
127.0.0.1 - - [31/May/2007:16:37:45 -0400] "GET /mywebservice HTTP/1.1" 401 283
127.0.0.1 - username [31/May/2007:16:37:43 -0400] "GET /wls_utc/begin.do HTTP/1.1" 200 2648
I noticed that the second line did not appear in my production server. Is there something wrong in my configuration?
Thanks,
Edited by nluengna at 05/31/2007 1:45 PM

Thanks for your help,
I don't have hardware firewall. But in gateway server of company, we have a firewall. I doubt if the 80 port in this firewall is blocked. You say that some ISP block port 80, what does it mean, does it mean that port 80 on the server of our company is blocked? But we have also web page, I can acess it from internet.
another question: if one process send some message to another, it uses the fixed port or any port selected from the free port? e.g does one process send http request using fixed 80or 8080?
Thank you

How to pass credentials/saml token access sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication

How to pass credentials/saml token exchange to the sharepoint web service ex:lists.asmx when sharepoint has single sign on with claims based authentication
Identity provider here is Oracle identity provider
harika kakkireni

Hi,
The following materials for your reference:
Consuming List.asmx on a claims based sharepoint site
http://social.technet.microsoft.com/Forums/sharepoint/en-US/f965c1ee-4017-4066-ad0f-a4f56cd0e8da/consuming-listasmx-on-a-claims-based-sharepoint-site?forum=sharepointcustomizationprevious
Sharepoint Claims based authentication and Single Sign on
http://social.technet.microsoft.com/Forums/sharepoint/en-US/2dfc1fdc-abc0-4fad-a414-302f52c1178b/sharepoint-claims-based-authentication-and-single-sign-on?forum=sharepointadminprevious
Sharepoint Claim Based Authentication Web Service issuehttp://social.msdn.microsoft.com/Forums/office/en-US/dd4cc581-863c-439f-938f-948809dd18db/sharepoint-claim-based-authentication-web-service-issue?forum=sharepointgeneralprevious
Best Regards
Dennis Guo
TechNet Community Support

Problem when consuming web service on WIndows authentication applcation

Hi,
I am having a tough time in consuming web services on a
Windows authentication IIS server.
In one of my application I have created web services and
consuming those web services from my another application.
If I turned off the Windows authentication everything works
fine, but If I turned on the Windows authentication web services
stop working.
Has anyone encountered such error while working with web
services on Windows authentication server.
Attach Code
Could not perform web service invocation "funGetCustomer".
Here is the fault returned when invoking the web service
operation:
AxisFault
faultCode: {
http://xml.apache.org/axis/}HTTP
faultSubcode:
faultString: (401)Unauthorized
faultActor:
faultNode:
faultDetail:
{}:return code: 401
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01//EN" "
http://www.w3.org/TR/html4/strict.dtd">
<HTML><HEAD><TITLE>You are not authorized
to view this page</TITLE>
<META HTTP-EQUIV="Content-Type" Content="text/html;
charset=Windows-1252">
<STYLE type="text/css">
BODY { font: 8pt/12pt verdana }
H1 { font: 13pt/15pt verdana }
H2 { font: 8pt/12pt verdana }
A:link { color: red }
A:visited { color: maroon }
</STYLE>
</HEAD><BODY><TABLE width=500 border=0
cellspacing=10><TR><TD>
<h1>You are not authorized to view this page</h1>
You do not have permission to view this directory or page
using the credentials that you supplied because your Web browser is
sending a WWW-Authenticate header fi...

You could try switching the HTTP transport provided in the
Apache Axis embedded in ColdFusion to "CommonsHTTPSender".
See this blog post:
http://tjordahl.blogspot.com/2007/03/apache-axis-and-commons-httpclient.html

WSUS not working completely, no MMC connect, all web services are not working

Hello all,
I have a problem not sure what causing it or what is the source of it as I am not into WSUS that much...
THe status is as follows:
I have 1 server 2008 sp2 RTM x64, I had WSUS 3.0 SP2 on it since a while, it was working fine until a week ago, when I started receiving the below messages in the event viewer
I have spent too much time trying to trace or troubleshoot this issue, but all I got was to check the registry and check permissions on the temp folder and other folders, I have done complete removal with the database for the old WSUS and reinstalled it
again but I got the same problem
Nothing strange and no problems happened on the server perior to this issue, it just happened...
Any help will be appreciated
Regards
============== MSG 1 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:52:54 PM
Event ID:      7053
Task Category: None
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,
Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.
System.InvalidOperationException -- Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'.
The request failed with the error message:
<html>
    <head>
        <title>Security Exception</title>
        <style>
         body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
         p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
         b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
         H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
         H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
         pre {font-family:"Lucida Console";font-size: .9em}
         .marker {font-weight: bold; color: black;text-decoration: none;}
         .version {color: gray;}
         .error {margin-bottom: 10px;}
         .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
        </style>
    </head>
    <body bgcolor="white">
            <span><H1>Server Error in '/ApiRemoting30' Application.<hr width=100% size=1 color=silver></H1>
            <h2> <i>Security Exception</i> </h2></span>
            <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">
            <b> Description: </b>The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission please contact
your system administrator or change the application's trust level in the configuration file.
            <br><br>
            <b> Exception Details: </b>System.Security.SecurityException: That assembly does not allow partially trusted callers.<br><br>
            <b>Source Error:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code>
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.</code>
                  </td>
               </tr>
            </table>
            <br>
            <b>Stack Trace:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code><pre>
[SecurityException: That assembly does not allow partially trusted callers.]
   ASP.global_asax..ctor() +0
</pre></code>
                  </td>
               </tr>
            </table>
            <br>
            <hr width=100% size=1 color=silver>
            <b>Version Information:</b> Microsoft .NET Framework Version:2.0.50727.4214; ASP.NET Version:2.0.50727.4209
            </font>
    </body>
</html>

Source
Microsoft.UpdateServices.Administration
Stack Trace:
   at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
   at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer()
   at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.get_AdminApiTools()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.get_ServerState()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.SetNavigationItemEnabledStates()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.OOBEWizardInitialize()
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">7053</EventID>
    <Level>2</Level>
    <Task>0</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:52:54.000Z" />
    <EventRecordID>884368</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The WSUS administration console has encountered an unexpected error. This may be a transient error; try restarting the administration console. If this error persists,
Try removing the persisted preferences for the console by deleting the wsus file under %appdata%\Microsoft\MMC\.
System.InvalidOperationException -- Client found response content type of 'text/html; charset=utf-8', but expected 'text/xml'.
The request failed with the error message:
<html>
    <head>
        <title>Security Exception</title>
        <style>
         body {font-family:"Verdana";font-weight:normal;font-size: .7em;color:black;}
         p {font-family:"Verdana";font-weight:normal;color:black;margin-top: -5px}
         b {font-family:"Verdana";font-weight:bold;color:black;margin-top: -5px}
         H1 { font-family:"Verdana";font-weight:normal;font-size:18pt;color:red }
         H2 { font-family:"Verdana";font-weight:normal;font-size:14pt;color:maroon }
         pre {font-family:"Lucida Console";font-size: .9em}
         .marker {font-weight: bold; color: black;text-decoration: none;}
         .version {color: gray;}
         .error {margin-bottom: 10px;}
         .expandable { text-decoration:underline; font-weight:bold; color:navy; cursor:hand; }
        </style>
    </head>
    <body bgcolor="white">
            <span><H1>Server Error in '/ApiRemoting30' Application.<hr width=100% size=1 color=silver></H1>
            <h2> <i>Security Exception</i> </h2></span>
            <font face="Arial, Helvetica, Geneva, SunSans-Regular, sans-serif ">
            <b> Description: </b>The application attempted to perform an operation not allowed by the security policy. To grant this application the required permission
please contact your system administrator or change the application's trust level in the configuration file.
            <br><br>
            <b> Exception Details: </b>System.Security.SecurityException: That assembly does not allow partially trusted callers.<br><br>
            <b>Source Error:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code>
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.</code>
                  </td>
               </tr>
            </table>
            <br>
            <b>Stack Trace:</b> <br><br>
            <table width=100% bgcolor="#ffffcc">
               <tr>
                  <td>
                      <code><pre>
[SecurityException: That assembly does not allow partially trusted callers.]
   ASP.global_asax..ctor() +0
</pre></code>
                  </td>
               </tr>
            </table>
            <br>
            <hr width=100% size=1 color=silver>
            <b>Version Information:</b> Microsoft .NET Framework Version:2.0.50727.4214; ASP.NET Version:2.0.50727.4209
            </font>
    </body>
</html>

Source
Microsoft.UpdateServices.Administration
Stack Trace:
   at Microsoft.UpdateServices.Administration.AdminProxy.CreateUpdateServer(Object[] args)
   at Microsoft.UpdateServices.Administration.AdminProxy.GetUpdateServer()
   at Microsoft.UpdateServices.UI.AdminApiAccess.AdminApiTools.GetUpdateServer()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.get_AdminApiTools()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.get_ServerState()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.SetNavigationItemEnabledStates()
   at Microsoft.UpdateServices.UI.SnapIn.Wizards.OOBE.OOBEWizard.OOBEWizardInitialize()</Data>
</EventData>
</Event>
============== MSG 2 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      13051
Task Category: 6
Level:         Warning
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
No client computers have ever contacted the server.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">13051</EventID>
    <Level>3</Level>
    <Task>6</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884373</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>No client computers have ever contacted the server.</Data>
</EventData>
</Event>
============== MSG 3 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12002
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The Reporting Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12002</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884374</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The Reporting Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 4 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12012
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The API Remoting Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12012</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884375</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The API Remoting Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 5 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12032
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The Server Synchronization Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12032</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884376</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The Server Synchronization Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 6 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12022
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The Client Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12022</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884377</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The Client Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 7 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12042
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The SimpleAuth Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12042</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884378</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The SimpleAuth Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 8 ==============
Log Name:      Application
Source:        Windows Server Update Services
Date:          9/21/2011 1:53:01 PM
Event ID:      12052
Task Category: 9
Level:         Error
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
The DSS Authentication Web Service is not working.
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="Windows Server Update Services" />
    <EventID Qualifiers="0">12052</EventID>
    <Level>2</Level>
    <Task>9</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:01.000Z" />
    <EventRecordID>884379</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOAMIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>The DSS Authentication Web Service is not working.</Data>
</EventData>
</Event>
============== MSG 9 ==============
Log Name:      Application
Source:        ASP.NET 2.0.50727.0
Date:          9/21/2011 1:53:09 PM
Event ID:      1314
Task Category: Web Event
Level:         Information
Keywords:      Classic
User:          N/A
Computer:      APP-SVR.DOMAIN.local
Description:
Event code: 4010
Event message: An unhandled security exception has occurred.
Event time: 9/21/2011 1:53:09 PM
Event time (UTC): 9/21/2011 10:53:09 AM
Event ID: 11b96ca285fa46d2a05d38e2e9b168af
Event sequence: 1
Event occurrence: 1
Event detail code: 0
Application information:
    Application domain: /LM/W3SVC/715372307/ROOT/ApiRemoting30-7-129610759889193820
    Trust level: High
    Application Virtual Path: /ApiRemoting30
    Application Path: C:\Program Files\Update Services\WebServices\ApiRemoting30\
    Machine name: APP-SVR
Process information:
    Process ID: 8332
    Process name: w3wp.exe
    Account name: NT AUTHORITY\NETWORK SERVICE
Request information:
    Request URL:
http://app-svr:8530/ApiRemoting30/WebService.asmx
    Request path: /ApiRemoting30/WebService.asmx
    User host address: 192.168.5.22
    User:
    Is authenticated: False
    Authentication Type:
    Thread account name: NT AUTHORITY\NETWORK SERVICE
Custom event details:
Event Xml:
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<System>
    <Provider Name="ASP.NET 2.0.50727.0" />
    <EventID Qualifiers="16384">1314</EventID>
    <Level>4</Level>
    <Task>3</Task>
    <Keywords>0x80000000000000</Keywords>
    <TimeCreated SystemTime="2011-09-21T10:53:09.000Z" />
    <EventRecordID>884380</EventRecordID>
    <Channel>Application</Channel>
    <Computer>APP-SVR.DOMAIN.local</Computer>
    <Security />
</System>
<EventData>
    <Data>4010</Data>
    <Data>An unhandled security exception has occurred.</Data>
    <Data>9/21/2011 1:53:09 PM</Data>
    <Data>9/21/2011 10:53:09 AM</Data>
    <Data>11b96ca285fa46d2a05d38e2e9b168af</Data>
    <Data>1</Data>
    <Data>1</Data>
    <Data>0</Data>
    <Data>/LM/W3SVC/715372307/ROOT/ApiRemoting30-7-129610759889193820</Data>
    <Data>High</Data>
    <Data>/ApiRemoting30</Data>
    <Data>C:\Program Files\Update Services\WebServices\ApiRemoting30\</Data>
    <Data>APP-SVR</Data>
    <Data>
    </Data>
    <Data>8332</Data>
    <Data>w3wp.exe</Data>
    <Data>NT AUTHORITY\NETWORK SERVICE</Data>
    <Data>http://app-svr:8530/ApiRemoting30/WebService.asmx</Data>
    <Data>/ApiRemoting30/WebService.asmx</Data>
    <Data>192.168.5.22</Data>
    <Data>
    </Data>
    <Data>False</Data>
    <Data>
    </Data>
    <Data>NT AUTHORITY\NETWORK SERVICE</Data>
</EventData>
</Event>
Saleh Ramadan

So, in reality, this issue has nothing at all to do with "it was working; now it is not", because you've destroyed all of the evidence that would exist in a "was working; now is not" scenario. What we really have here is a NEW installation that has failed.
So, from the perspective of a NEW installation that is not working...
Are there any other roles, features, services, or applications installed on this server?
Did you install the Web Server Role exactly as described in the documentation?
Did you install the WSUS Role exactly as described in the documentation?
Were there any other roles, features, services, or applications installed onto this server
after your original (working) installation of WSUS?
Lawrence Garvin, M.S., MCITP:EA, MCDBA, MCSA
Principal/CTO, Onsite Technology Solutions, Houston, Texas
Microsoft MVP - Software Distribution (2005-2011)
My MVP Profile: http://mvp.support.microsoft.com/profile/Lawrence.Garvin
My Blog: http://onsitechsolutions.spaces.live.com
Oh, well, I have red and followed the documentation exactly step-by-step on the technet library, and I can guarantee you nothing went wrong because this is not my first installation for it
When I told you about the old damaged installation and the new installation which is also failed and showed me the same symptoms as the old one, I was sure that nothing wrong with the WSUS itself, but rather it is something wrong with the environment
Answering to your above questions, the answer for all is that: that server is only used for WSUS, nothing more
Anyway, I have managed to restore the service thanks to your previous reply where you point to the CONFIG folder inside the NET framework folder, I checked the files in there, some were changed to the date I think has stopped the service, so I repaired the
NET framework 2, and restarted
It is working fine now and syncing with the update server
Saleh Ramadan

SharePoint NTLM web service from LC process problem

Hello all,
I'm struggling to get a LiveCycle process to update an internal SharePoint list via its NTLM Windows authenticated web service.
As you can see from the above, the schema definition is loaded no problem, and I can select the operation I want to run. I've used the "Test" tab to attempt to send a request to update the list:
Attempting to test the web service call (in Workbench) gives errors in the UI along with the server.log all to do with authentication problems. It's worth mentioning at this point that the "User name" and "Password" boxes on the Settings have been left blank in the screenshot. I have tried all possible combinations here, and the error messages in the log differ for each scenario, demonstrated below:
Error in UI for all:
Various Server.log errors:
Blank Username / Password
Which made me think, "I'll add a test AD username / password" and see what happens..
With Username / Password
Of course, "I'll add the domain before the username" and try again...
With Username / Password (DOMAIN\Username & Password) - (tried both fully qualified domain & shortened)
But.. It's still asking for the DOMAIN?
The solution for now:
In the meantime, I've resorted to enabling BASIC authentication on the SharePoint site, which accepts the request and returns a response, but realistically we don't want to enable this for a production environment. It also doesn't help explain what the underlying issue is with LC, or even if it's a LC issue at all!
I eagerly await some experienced person to help with knowledge on the subject..
Thanks,
Alex

Our issue may be unrelated, but you will probably encounter issues with some of SP's native web services.
I am also trying to set up processes in LC that insert list items into sharepoint, however some of SP's services in lists.asmx dont seem to have a properly exposed wsdl. I am able to get list items to properly insert (see below), and our server is set up with basic auth right now (behind the firewall).
Once you get the right creds. over basic, do you have any issues publishing content (specifically using updatelistitems)?
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soap="http://schemas.microsoft.com/sharepoint/soap/">
   <soapenv:Header/>
   <soapenv:Body>
      <soap:UpdateListItems>
         
         <soap:listName>Announcements</soap:listName>
         
         <soap:updates>
<Batch OnError="Continue" RootFolder="/Lists/Announcements">
<Method ID='1' Cmd='New'>
<Field Name='Title'>testforfields233</Field>
<Field Name='Body'>!!!!!!!!!!!</Field>
<Field Name='ApprovalStatus'>denied</Field>
<Field Name='URL'>http://www.google.com</Field>
</Method>
</Batch>
         </soap:updates>
      </soap:UpdateListItems>
   </soapenv:Body>
</soapenv:Envelope>

How to use Axis to access a web service through Authentication proxy

Using axis access internat web service is success,but access a web service through Authentication proxy is failure.But other java classes connect through a proxy to the internet which works very well:
please help me ,thank you!!!
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import javax.xml.namespace.QName;
//this is my access webservice faliure   codes
public class TestClient
   public static void main(String [] args) {
       try {
            System.getProperties().setProperty("http.proxySet", "true");
            System.getProperties().setProperty("http.proxyHost","proxy.com");
            System.getProperties().setProperty("http.proxyPort", "8080");
            System.getProperties().setProperty("http.proxyUser", "username");
            System.getProperties().setProperty("http.proxyPassword","password");
           String endpoint =
                    "http://nagoya.apache.org:5049/axis/services/echo";
           Service service = new Service();
           Call     call    = (Call) service.createCall();
           call.setTargetEndpointAddress( new java.net.URL(endpoint) );
           call.setOperationName(new QName("http://soapinterop.org/", "echoString") );
           String ret = (String) call.invoke( new Object[] { "Hello!" } );
           System.out.println("Sent 'Hello!', got '" + ret + "'");
       } catch (Exception e) {
           System.err.println(e.toString());
   }I get an "(407)Proxy authorization required" error?

I am also looking for a solution. Does any one know how to do through code instead of jvm settings?
Thanks in advance!

How to access SOAP web service with authentication, HTTP basic Authentication

Dear All
i use Flash Builder 4.5, flex 4..1, i am developing a flex client to soap webservices hosted over Glassfish 2 Java server, the web services is protected by HTTP Basic Authentication, everythime i run my code , the prombt for username and password show up, i need to pass user name and password through action script, i followed the flollowing (but was for http web service, not soap) but really did not work.
http://stackoverflow.com/questions/490806/http-basic-authentication-wi th-httpservice-objects-in-adobe-flex-air
http://forums.adobe.com/message/4262868
private function authAndSend(service:HTTPService):void
        var encoder:Base64Encoder = new Base64Encoder();
        encoder.insertNewLines = false; // see below for why you need to do this
        encoder.encode("someusername:somepassword");
        service.headers = {Authorization:"Basic " +encoder.toString()};
        service.send();
Also i noticed in debug mode, always that WARNNING raised up
Warning: Ignoring 'secure' attribute in policy file from http://fpdownload.adobe.com/pub/swz/crossdomain.xml. The 'secure' attribute is only permitted in HTTPS and socket policy files. See http://www.adobe.com/go/strict_policy_files for details.
any idea ?

Hello,
I don't know if this could help.
Another way to connect to a web service by SOAP and WSDL is to click on the Data/Services panel, then click on "Connect to Data/Services" and then select the "Web Service" (WSDL) icon. This could help as well.

Application-to-application authentication using Calendar Web Services

Calendar Web Services
Application-to-application authentication
(Proxy authentication)
Abstract:
Application-to-application authentication allows services to trust other services without having to authenticate the end-user making use of these services. The Calendar Web Services offers an application-to-application authentication mechanism called âProxy Authenticationâ.
What is Proxy Authentication?
The Calendar Web Services Proxy Authentication is a solution that was developed by the Oracle Calendar team and is similar to what SSO would be to the web. Proxy Authentication allows any application developed using the Calendar Web Services Toolkit to establish a trusted authentication link to the Calendar Server via the Calendar Web Services.
What do I need to get Proxy Authentication going?
-     The Calendar Web Services Toolkit 9.0.4.2.X (Calendarlet.jar)
-     The Calendar Web Services 9.0.4.2.X (OCAS)
-     The Calendar Server 9.0.4.2.X (Calserv)
-     Oracle Internet Directory 9.0.4.X (OID)
Your collaboration suite deployment MUST be configured in a way where the Calendar Server is connected to the OID (done by default). This is fundamental given that Proxy Auth is designed to extensively use the OID security schemes.
How to configure Proxy Authentication?
You must have:
1.     Access to the OID administrator account.
2.     Access to the ldap tools ($ORACLE_HOME/ldap/bin).
3.     Access to the Oracle Calendar Server administrator password.
OID Configuration
Create an entry for your application product in OID
The following entry needs to be created:
- cn=OracleContext
- cn=Products
- cn=MyApplicationProduct
The MyApplicationProduct.ldif will look like:
dn: cn= MyApplicationProduct, cn=Products, cn=OracleContext
objectClass: orclContainer
objectClass: top
The command to add the entry is
./ldapadd -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWROD -f ./MyApplicationProduct.ldif
Where [HOSTNAME.COM] is the OID server hostname, [PASSWROD] is the password for the OID directory and [OIDPORT] is the OID port.
Create an application entity for MyAppName in OID
The following entry needs to be added to the OID:
- cn=OracleContext
- cn=Products
- cn= MyApplicationProduct
- orclApplicationCommonName=MyAppName
The MyAppName.ldif will look like:
dn: orclApplicationCommonName= MyAppName,
cn= MyApplicationProduct, cn=Products,
cn=OracleContext
objectClass: orclApplicationEntity
objectClass: top
orclApplicationCommonName: MyAppName
userpassword: test1
The command to add the entry is
./ldapadd -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWORD -f ./MyAppName.ldif
Ensure the entry is properly configured
Perform an LDAP search to locate the entry's distinguished name:
"orclApplicationCommonName= MyAppName,
cn= MyApplicationProduct, cn=Products,
cn=OracleContext"
./ldapsearch -h HOSTNAME.COM -p OIDPORT -D "cn=orcladmin" -w PASSWROD
-b "cn= MyApplicationProduct,cn=Products,cn=OracleContext"
"objectclass=orclApplicationEntity" "c"
Grant proxy privileges to the new application entity
This creates an entry in OID:
- dc=com
- dc=oracle
- dc=us
- cn=OracleContext
- cn=Products
- cn=Calendar
- cn=UserProxyPrivilege
- uniquemember:
orclApplicationCommonName= MyAppName,
cn= MyApplicationProduct, cn=Products,
cn=OracleContext
From the $ORACLE_HOME/ocal/bin
./unioidconf -grantproxyprivilege \
"orclApplicationCommonName= MyAppName,
cn= MyApplicationProduct, cn=Products,
cn=OracleContext"
NOTE: you need the calendar server admin password.
How to use Proxy Authentication?
Once successfully done configuring your OID and Calendar Server, you must start the real work; coding. It is actually simple to implement.
In your Java application, you will simply change the BasicAuth class with the ProxyAuth class. You then set the end-user identity, along with the proxy application name and proxy application password, you registered a moment ago.
Ex:
ProxyAuth auth = new ProxyAuth();
auth.setApplicationName("orclApplicationCommonName=MyAppName, cn=MyApplicationProduct, cn=Products, cn=OracleContext");
auth.setApplicationPassword(âtest1â);
auth.setName(myUserId);
Your application will no longer need to pass the end-userâs password to the Calendar Web Services. From now on, it is your applicationâs responsibility to authenticate the end-user.
Frederic Leblanc

I found the solution:
Using the CalendaringResponse.getReceiveBuffer() and getSendBuffer() methods, the soap request looks something like this:
Sendbuffer: <?xml version='1.0' encoding='UTF-8'?>
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Header>
<auth:ProxyAuth xmlns:auth="http://www.oracle.com/WebServices/Calendaring/Authentication/1.0/"><ApplicationName>orclApplicationCommonName=MyAppName,cn=MyApplicationProduct, cn=Products, cn=OracleContext</ApplicationName><ApplicationPassword>testpw1</ApplicationPassword><Name>king</Name></auth:ProxyAuth>
</SOAP-ENV:Header>
<SOAP-ENV:Body>
<cwsl:Search xmlns:cwsl="http://www.oracle.com/WebServices/Calendaring/1.0/"><CmdId>MySearchCommandID-1</CmdId><vQuery><From>VEVENT</From><Where>DTEND >= '20061007T220000Z' AND DTSTART <= '20061014T215900Z'</Where></vQuery></cwsl:Search>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

Project Server 2010 Web services access with Client Certificate Authentication

We switched our SharePoint/Project Server 2010 farm to use client certificate authentication with Active Directory Federation Services (AD FS) 2.0, which is working without issue. We have some administrative Project Server Interface (PSI)
web service applications that no longer connect to server with the new authentication configuration. Our custom applications are using the WCF interface to access the public web services.
Please let us know if it is possible to authenticate with AD FS 2.0 and then call
Project Server web services. Any help or coding examples would be greatly appreciated.

what is the error occurred when the custom PSI app connects?
can you upload the ULS logs here for research?
What is the user account format you specified in the code for authentication?
For proper authorization, the “user logon account” in PWA for the user needs to be changed from domain\username to the claims token (e.g.
'I:0#.w|mybusinessdomain\ewmccarty').
It requires you to manually call the UpnLogon method of
“Claims to Windows Token Service”. if (Thread.CurrentPrincipal.Identity is ClaimsIdentity)
{ var identity = (ClaimsIdentity)Thread.CurrentPrincipal.Identity; }
if (Thread.CurrentPrincipal.Identity is ClaimsIdentity)
var identity = (ClaimsIdentity)Thread.CurrentPrincipal.Identity;
Than you need to extract UPN-Claim from the identity.
Upload the verbose log if possible.
Did you see this?
http://msdn.microsoft.com/en-us/library/ff181538(v=office.14).aspx
Cheers. Happy troubleshooting !!! Sriram E - MSFT Enterprise Project Management

Web Service Call with Basic Authentication does not work

If I try to use Basic Authentication in my Web Service Client with the automatically created methods
setUsername(inUserName)
setPassword(inPassword)
setAddress(inAddress)
the application does not make a call. Did I forget something?
Is it possible to use "Test Method" with Basic Authentication?
Thank you.

Thank you for your answer.
But: I already read this article. And it doesn't help me.
I use the following code:
            getMyServiceClient1().setUsername(inUserName);
            getMyServiceClient1().setPassword(inPassword);With this code I always get a java.lang.NullPointerException.
The methods setUsername and setPassword are definded as follows:
public void setUsername(String inUserName) {
        myStub._setProperty(Stub.USERNAME_PROPERTY, inUserName);
public void setPassword(String inPassword) {
        myStub._setProperty(Stub.PASSWORD_PROPERTY, inPassword);
}But if I look at the methods which are generated automatically by Sun Java Studio Creator I cannot find _setProperty.
I also found this thread in your forum:
http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=54773

Authenticated Web Services

Similar Messages

Maybe you are looking for