Authentication in webservice

Similar Messages

• OSB: HTTP digest authentication for WebServices

  Hi,
  How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
  Best regards
  Dimo

  Did you figure out how to do it.?

• Custom Authentication using WebService

  Hi,
  I am trying to create a way to Authenticate my users after calling a Webservice using Custom Authentication so that they don't have to Log on twice (SSO).
  Here is a brief description of what I'm trying to do:
  - End Users Login and get Authenticated in an iPlanet Portal.
  - Once in - they hit a link which calls my APEX Application in a new window.
  - I call the Web Service that return a response telling me if they have a valid Portal session along with username etc.
  - If they are logged in to our Portal - I authenticate them in APEX using Custom Authentication and allow them to continue.
  I have done this so far:
  - Created an After Footer Process in the Login Page(101) that calls the Web Service.
  - Created an automatic Page submit on page 101 with Javascript.
  - Changed the After Submit Process 'Set Username Cookie' to use the Login returned in the Web Service.
  - Changed the After Submit Process 'Login' to use the Login returned in the Web Service.
  - Custom Authentication is run after Page is submitted.
  - The user can then run the Application.
  Everything was working fine when I was already logged in to APEX as a Developer, but when I tried to run the application as a non-developer I get the Error:
  ORA-01400: cannot insert NULL into ("FLOWS_030100"."WWV_FLOW_COLLECTIONS$"."USER_ID")
  I now realize that my Webservice Process is trying to store the result of the Web Service call before the Login has occured - so there is no APEX User at this point.
  Does anyone have a way to accomplish what I'm trying to do?
  Thanks,
  Bill

  You should create a page sentry function based on the often-cited ntlm page sentry function discussed in this forum. That has the framework you need. Here is an example, although it's kind of old:
  function modntlm_page_sentry return boolean as
      l_current_sid            number;
      l_authenticated_username varchar2(256) := OWA_UTIL.GET_CGI_ENV('REMOTE_USER');
  begin
      if l_authenticated_username is null then
          return false;
      end if;    
      l_current_sid := wwv_flow_custom_auth_std.get_session_id_from_cookie;
      if wwv_flow_custom_auth_std.is_session_valid then
          htmldb_application.g_instance := l_current_sid;
          if l_authenticated_username = wwv_flow_custom_auth_std.get_username then
              wwv_flow_custom_auth.define_user_session(
                  p_user=>l_authenticated_username,
                  p_session_id=>l_current_sid);     
              return true;
          else -- username mismatch. Unset the session cookie and redirect back here to take other branch
              wwv_flow_custom_auth_std.logout(
                  p_this_flow=>v('FLOW_ID'),
                  p_next_flow_page_sess=>v('FLOW_ID')||':'||nvl(v('FLOW_PAGE_ID'),0)||':'||l_current_sid);
              htmldb_application.g_unrecoverable_error := true; -- tell htmldb engine to quit           
              return false;
          end if;
      else -- application session cookie not valid; we need a new htmldb session
          wwv_flow_custom_auth.define_user_session(
              p_user=>l_authenticated_username,
              p_session_id=>wwv_flow_custom_auth.get_next_session_id);
          htmldb_application.g_unrecoverable_error := true; -- tell htmldb engine to quit
          if owa_util.get_cgi_env('REQUEST_METHOD') = 'GET' then
              wwv_flow_custom_auth.remember_deep_link(p_url=>'f?'||wwv_flow_utilities.get_cgi_query_string_decoded);
          else
              wwv_flow_custom_auth.remember_deep_link(p_url=>'f?p='||
                  to_char(htmldb_application.g_flow_id)||':'||
                  to_char(nvl(htmldb_application.g_flow_step_id,0))||':'||
                  to_char(htmldb_application.g_instance));
          end if;
          wwv_flow_custom_auth_std.post_login( -- register session in htmldb sessions table,set cookie,redirect back
              p_uname     => l_authenticated_username,
              p_flow_page => htmldb_application.g_flow_id||':'||nvl(htmldb_application.g_flow_step_id,0));
          return false;       
      end if;   
  end modntlm_page_sentry;You would replace this:
  l_authenticated_username varchar2(256) := OWA_UTIL.GET_CGI_ENV('REMOTE_USER');
  ...with whatever statement will allow you to get the authentication status and authenticated user name from the environment, from HTTP headers, or from some other external source.
  Then you would put this into the page sentry function attribute of the authentication scheme for your application:
  return modntlm_page_sentry;
  Of course you can name it anything you like but it should be compiled in your applicaiton's parsing schema.
  Scott

• EP Authentication through WebService

  Hi all,
  I need to implement a login module in a .NET standalone application that gets the user profile in EP 6.0 SP2. Next the app will send some SOAP messages to SAP XI.
  I want to validate the user and password from a .NET login screen and validate the user & password in the Portal.
  I have read something about UMWebService but it doesn't include any login method.
  Another question is how to authenticate in the UMWebService if it's set HIGH_LEVEL security zone. I am able to execute it with Everyone access permitted, but if I avoid Everyone access to the security zone how can I pass the user & password to the WebService from .NET app. If this is possible with something like "Credentials" object, I can execute some dummy method in the standard WebService and if I get response I assume that the user is authenticate because it has been able to execute the webservice. If not, and exception "Authentification error while executin UMWebService".
  Any solution for this problem?
  Any other solution?
  Thanks

  Hi Luis,
  why <u>explicitely</u> verifying user and password? What about doing it <u>implicitely</u> by having some "ping" like portal web service which requires authentication and using that web service then? If you add valid credentials to the web service request, authentication to the portal should succeed and you should receive a response that contains some expected "ping" data.
  No need to alter security zones then
  Regards
  Heiko

• Basic Authentication in WebService

  Hi,
     I am trying to authenticate in web service with basic authentication but I can not.
     The code:
     var w:WebService = new WebService();
     var encoder:Base64Encoder = new Base64Encoder();
     encoder.insertNewLines = false;
     encoder.encode("teste:teste");
     w.httpHeaders = {Authorization:"Basic " + encoder.toString()};
     w.loadWSDL("http://192.168.0.205:8080/jasperserver-pro/services/repository?wsdl");
     When I run the browser always asks for username and password and in a sniffer, for example firebug, I do not see the authentication header in HTTP package.
     Can anyone help me?
  Thank you.

  var enc:Base64Encoder = new  Base64Encoder();
                  enc.encode("test:supp0rt");
                  web_Service_id.httpHeaders= {Authorization:"Basic " + enc.toString()};

• Authentication for Webservice

  Hi All,
  I have exposed my outbound interface as a webservice sucessfully
  But the problem is I need to provide a User Id  to contact XI SOAP adapter. I dont require any authentication for this webservice client. How can I disable the authentication check for this particular webservice.
  I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?
  Regards,
  Jai Shankar

  Jai,
  ><i>How can I disable the authentication check for this particular webservice.</i>
  Check this thread. But this will turn of Authentication for all SOAP Sender Adapters.
  User Names and Passwords in SOAP adapter
  ><i>I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?</i>
  Its either for all SOAP adapters or for none . there is no middle ground.
  Better way is to use Access Control List.
  Regards
  Bhavesh

• Regarding Kerberos authentication for webservices.

  Hi,
        I need to use kerberos authentication for my receiver webservice.  I am working in PI7.1 . Which adapter I can use for this ( WS-RM adapter or SOAP adapter) and How to configure it for kerberos. I mean, which value of authentication parameter refers to kerberos authentication.
  Regards,
  Reyaz hussain

  Hi Reyaz,
  To tell you frankly i never come across this kerberos protocol but since you would like to use there is certainly a chance after the launch of PI 7.1. The launch has Opened the Door to the World of Web Services Reliable Messaging.  "The Integration Directory enables you to easily configure scenarios where the Integration Server acts as a message hub between WS-RM-enabled applications and any other application or technical system. Thus, you can configure scenarios where either a Web Service client calls the Integration Server and the message is then routed to any other application, or the other way around where any application calls a Web Service provider via the Integration Server. In the Integration Directory you can do the complete configuration of the Integration Server inbound or outbound processing."
  https://www.sdn.sap.com/irj/scn/wiki?path=/display/profile/2007/07/25/new+news&focusedcommentid=44360
  Regards
  joel

• Basic authentication call webservice

  Hey,
  I'm making a Flex webshop and uses a webservice on XI as datasource. Now, each time I start the webshop, I need to login on this webservice. I want to hard code the credentials or another solution so I don't reveive the authentication screen anymore.
  Anyone an idea how I can do this?
  Thanks in advance!
  Brecht Bauwens
  Edited by: Brecht Bauwens on Mar 27, 2008 10:32 AM

  hi
  check the below links
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/a4433436-0301-0010-f2a9-9281ad574054
  www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/591c31cf-0d01-0010-8ab7-a1f7d032a66c
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/244e7923-0a01-0010-5887-fe0b0c6dbb8d
  www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/dab85be0-0601-0010-c6aa-b20626aa3cd5
  note:reward points if solution found helpfull.....
  regards
  chandrakanth.k

• Invoke NTLM Authentication Based WebService from BPEL

  Hi All,
  I am working with SOA Suite 11.1.1.6 version deployed on Weblogic Server (Linux Based OP).
  I have a requirement where i need to invoke a webservice which exposes a NTLM Based Authentication. Since this particular webservice doesn't even get loaded if we dont pass the credentials. For example :- If i hit the WSDL URL on browser, it first ask for the credentials and on success , it loads the WSDL File.
  First i have tried using this WS using SOAP UI and were able to invoke it successfully , because SOAP UI can handle the NTLM Authentication Properly. And it gives us the wizard to put the credentials when we load the WSDL in SOAP UI.
  But the problem comes when i use that WS using our SOA Composite. The WSDL Doesn't get loaded only , since it requires the credentials first. I am not sure how should i go ahead and invoke this. I have checked lot of blogs but none of them were useful for me.
  Did anybody face this issue/ task to invoke a WS which doesn't get loaded without passing the credentials and also to invoke it through BPEL composites deployed on the weblogic server (based on Linux OP).
  Please suggest!!!
  Regards,
  Shah

  Hi,
  I am in a similar situation.
  I am able to successfully invoke the webservice via soapUI when I pass the username, password and the domain.
  If I do not pass the domain name in the SOAPUI or even in SOA, I get HTTP 401, Unauthorized error. 
  However, I am able to set only the
  oracle.webservices.auth.username a
  oracle.webservices.auth.password properties when I configure it in SOA 11g.
  I tried passing the domain name in the oracle.webservices.auth.username property as domainname\username. But no luck
  The composite is deployed on a linux server. Please suggest/advice any pointers to resolve this NTLM authentication issue.

• How to eliminate authentication of webservice

  Hello i have deployed a webservice , which as you know when called expects a username and password . Now i am trying to call from VB6 wihch is easy to call without authentication. now is there any way i can eliminate authentication over the webservice XI is holding? if so how ?
  Krishna

  Hi,
  Are you calling WebService from XI via SOAP Reciever Adapter ? If so , there is an indicator in the SOAP configuration <i>Configure User Authentication</i> ..
  so you can go further on this-
  More-
  http://help.sap.com/saphelp_nw2004s/helpdata/en/29/5bd93f130f9215e10000000a155106/content.htm
  Is this is your scenario?my understanding may be wrong here.
  Regards,
  Moorthy

• User authentication for webservices

  Hi,
  I am using Oracle R12.
  I want to know how oracle handles user authentication when calling custom APIs through Integrated SOA Gateway.
  I know that we are using security headers to do this.  The header part is given below.
     <soapenv:Header>
       <xx:SOAHeader>
          <xx:Responsibility>INVENTORY_VISION_OPERATIONS</xx:Responsibility>
          <xx:RespApplication>INV</xx:RespApplication>
          <xx:SecurityGroup>STANDARD</xx:SecurityGroup>
          <xx:NLSLanguage>AMERICAN</xx:NLSLanguage>
          <xx:Org_Id>204</xx:Org_Id>
       </xx:SOAHeader>
       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
          <wsse:UsernameToken wsu:Id="UsernameToken-1">
             <wsse:Username>uname</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
             <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rerr6et6eHFV</wsse:Nonce>
             <wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
          </wsse:UsernameToken>
       </wsse:Security>
    </soapenv:Header>
  But when a person is simply logging in to the application how can we choose a responsibility without know what responsibilities a person has?
  The  <xx:SOAHeader></xx:SOAHeader> is not mandatory. So can i simply not pass this header? Or is there a default responsibility that can be specified for all users?
  Also in what scenarios is the <wsse:Security> header not required? I recently checked and found that even without providing the Security header, it is possible to execute service in ISG. Hence the question.
  Thanks,
  Anoop

  Hi,
  Ok, so you want to know for an user , what responsibility you should use in order to be able to perform the invocation?
  Here is an example for Sysadmin user
  Select usr.user_name,usr.user_id, resp.RESPONSIBILITY_NAME ,
  resp.RESPONSIBILITY_KEY, grp.SECURITY_GROUP_KEY, grp.SECURITY_GROUP_ID,
  APP.APPLICATION_SHORT_NAME ,APP.APPLICATION_ID
  From FND_USER_RESP_GROUPS furg, FND_USER usr, fnd_responsibility_vl
  resp,FND_SECURITY_GROUPS grp,FND_APPLICATION APP
  where furg.user_id=usr.user_id
  and furg.RESPONSIBILITY_ID=resp.RESPONSIBILITY_ID
  and furg.SECURITY_GROUP_ID=grp.SECURITY_GROUP_ID
  and furg.RESPONSIBILITY_APPLICATION_ID=APP.APPLICATION_ID
  and usr.user_name='SYSADMIN'
  regards
  Mihai

• Digest authentication for webservices

  Hi,
  Does WLS9.2 support digest authentication?
  protocol described in RFC 2617 (http://www.ietf.org/rfc/rfc2617.txt)
  Thanks

  Did you figure out how to do it.?

• Android authentication sharepoint webservice

  Hi does anyone has an example about how access and authenticate a sharepoint webservice from an android os?,, thanks in advanced

  Hi Diego,
  Were you ever able to figure this out?
  If yes, kindly share the details.
  Much appreciated.
  Thanks,
  Charan

• Forward Proxy Authentication SAP Webservice Framework HELP!

  Hi,
  i have built as WS Client using the SAP Standalone Proxy. The client will utilize a forward proxy to access my Webservice. Unfortunately the documentation does only give information how to set the proxy address and port:
  port._setProperty"javax.xml.rpc.http.proxyhost","proxy");
  port._setProperty("javax.xml.rpc.http.proxyport","8080");
  The is no hint how to set a proxy user and password? Does anybody know the answer to my question here?
  Cheers,
  Heiko

  Hi Heiko,
  Get SecurityProtocol as described <a href="http://help.sap.com/saphelp_nw04/helpdata/en/ab/c955e2e2d24a888127f211f2d5043f/frameset.htm">here</a> .
  Use methid <i>public void addHeader(String key, String value)</i> to add HTTP header:
  String authString = "username" + ":" + "password";
  String auth = "Basic " + new sun.misc.BASE64Encoder().encode(authString.getBytes());
  securityProtocol.addHeader("Proxy-Authorization", auth);
  Best regards, Maksim Rashchynski.

• Simple Authentication of Webservice

  Hi,
  I have read a lot of documentation regarding this but was not able to find any specific example.
  I am in SAP r/3 4.7/6.20.
  I developed an RFC which automatically can be published as a webservice in this version through /soap/rfc node in SICF.
  The problem is when  I give the WSDl file to the user to consume my service there is no place I have to mention the SAP userid and password which he needs to provide.
  He has a SAP id and password and  I want him to provide that.
  If he just puts it in the endpoint URI(like "https://testsite.abc.com/sap/bc/soap/rfc/sap/services?ZTEST&sap-user=test&sap-password=test" he can get into SAP but I believe its a security issue.
  Can someone tell me any other way the client can send the SAP id and password and how I can authenticate it when he makes the call to my webservice?

  i solved this my asking the client code to use
  impl.setUsername = Username("test");
  impl.setPassword = Password("test")'
  where impl is the class genereated on the client side for the Implementation of the function.