Authentication on Web Service

Similar Messages

• Authenticating the web service

  Hi
      i am using a web service but not able there i have hard coded the username and password to access the web service i don't want that i want user should enter the user name and password used in UME authentication or it should call separate HTTP Authentication but i am not able to do that so please guide me in this regards
  Thanks in advance

  Hi,
  Run through the following links to know about authentication for web service:
  https://www.sdn.sap.com/irj/servlet/prt/portal/prtroot/docs/library/uuid/aed49d0d-0301-0010-6d84-e3e104dc1644
  http://help.sap.com/saphelp_nw04/helpdata/en/7c/a6d13f83a14d21e10000000a1550b0/frameset.htm
  Hope this helps,
  Regards,
  Srinivasan T

• Authentication via Web Service

  I'm working on a custom Page Sentry function to tie HTML DB to our existing web Authentication scheme. I've got most of it sorted out, but the glue I'm missing is a call to verify the session details to our external system.
  Preferrably, I'd like to use a Web Service to check the session. That is, from within the Page Sentry, call a Web Service, passing it session details, and getting back the response to determine whether to continue or not. (Note: "Session" here refers to our external Auth system, not HTML DB sessions)
  Is this possible? (Or: Is this feasible?)
  How can I call a web service from within PL/SQL?
  Thanks...

  Hi,
  You need background information on the HTTP ABAP user authentication concept.
  Read :
  http://help.sap.com/saphelp_nw70/helpdata/EN/b0/4d2b418a3edb2be10000000a1550b0/frameset.htm
  You should get useful information and come back eventually with specific question.
  It is not possible to authenticate with a web service (hopefully because that would be a big security risk). It is even the contrary : you must be autenticated to call the web service.
  Regards,
  Olivier

• Basic Authentication for Web Services

  I have build Web Service according to the weblogic 6.1 examples
  successfully deploying the .ear file etc.
  Now I want to add security to the WebService uri.
  I have added a <web-resource-collection> tag to the web.xml file, but
  what should I put for the <url-pattern> ?
  Am I obliged to 'manually' add <servlet> tags to the web.xml file in
  order to add a security constraint to a WebService deployed thru a
  .ear ?
  Taking WebLogic's own statelessSession.Weather example, what is the
  minimum I need to add to the web.xml file to have basic authentication
  on the weatheruri ?
  Thanks,
  Adam

  Ok, now I'm confused.  Is this a Flex app (runs in the browser) or an AIR app?  This makes a difference because in the browser, Flash Player/Flex uses the browser's http mechanism for transport, while AIR implements it directly.  The original posted indicated some difference between Firefox and IE, which led me to believe it was a Flex browser app.  Difference between these two would make me think something was wrong with the server response, and the two browsers were passing it (the problem) back to Flash Player differently.
  Mark

• SUP user authentication for web services

  Hi there.
  Has anyone in the comunity had any experience with building Web Service based Mobile Business Object (MBO) in SUP 1.5.2. We have built a mobile application for a blackberry device which consumes two ERP web services. The application deploys successfully and runs on the blackberry device just fine. However, untill now the user credentials needed to authenticate a consumer to a web service has been hard-coded into the mobile business object. This, from an accountability point of view, is not an acceptible model (i.e. all mobile users would be logging in to the ERP backend with 1 common user ID).
  Has anyone had any experience and could suggest an an alternative solution to this that would support accountability i.e. map SUP users to ERP users, trusted connections etc. and is this possible with SUP 1.5.2?
  S

  Actually, SUP 1.5.2 just provides the HTTP basic authentication for WS-MBO. It is enable that to create 'username' and 'password' on the WS-MBO as two input parameters. Thus, you can design your device app in SUP to prompt the dialog to accpet the username and password before you access your WS-MBO. Similar, if your web-service has input argument for username and password, you also can design a dialog like above.

• Implementing authentication for web services

  Hi all,
  I'm struggling trying to guess how to implement basic HTTP authentication as well as using certificates in order to apply HTTPS, for some web services we've created, running on the Oracle Application Server 10.1.12. The web services were implemented using JDeveloper 9.0.4. Any help would be very appreciated.
  Thanks in advanced and regards,
  Luis

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• Setting Basic Authentication for Web Service in WLS 6.1

  Hi,
  I am trying to set-up a Basic Username/Password authentication for a Web Service
  that is hosted in WLS 6.1.
  How do I go about doing that? Also once I get the username and password, how do
  I pass that info
  to the SOAP servlet to do the authentication? Can you give me some pointers on
  this?
  Thanks
  Madhu

  How do you want to do it? Through use of client.jar for the service or
  directly? Here is how I do it directly:
  String auth = "guest", pwd = "guest";
  URL url = new URL("http://localhost:7001");
  URL cmdURL = new URL(url.toString()+"/systemtest/TestWebService");
  HttpURLConnection conn = (HttpURLConnection) cmdURL.openConnection();
  String encAuth =
  new BASE64Encoder().encode((auth + ":" + pwd).getBytes());
  // BASE64Encode distributes long strings on multiple
  // lines; we don't like that, no siree
  int it = 0;
  while ((it = encAuth.indexOf('\n')) != -1
  || (it = encAuth.indexOf('\r')) != -1) {
  encAuth = encAuth.substring(0, it) +
  encAuth.substring(it + 1);
  conn.setRequestProperty("Authorization", "Basic " + encAuth);
  conn.setRequestProperty("Content-Type", "text/xml");
  conn.setRequestProperty("SOAPAction", cmdURL.toString());
  conn.setDoOutput(true);
  conn.setDoInput(true);
  conn.setUseCaches(false);
  OutputStream oStr = conn.getOutputStream();
  String cmd =
  "<?xml version=\"1.0\" ?>\n"
  + "<soap:Envelope xmlns:soap=\"http://schemas.xmls"
       + "oap.org/soap/envelope/\"><soap:Body>"
  + "<ping><arg0>false</arg0></ping>"
  + "</soap:Body></soap:Envelope>";
  oStr.write(cmd.getBytes());
  oStr.close();
  InputStream iStr = conn.getInputStream();
  byte[] buffer = new byte[1024];
  while (true) {
  int size = iStr.read(buffer);
  if (size == -1)
  break;
  System.out.println(new String(buffer, 0, size));
  ThorAAge

• Configure User Authentication in Web Service

  Hi,
  I have a receiver soap channel that consume a web service with user authentication. I am setting the user/password in Connection Parameters section, but I'm getting the error from the web service:
  Incoming message does not contain required Security header
  Any ideas about what's wrong in my channel?
  Regards,
  Ismael

  Hi,
  It doesn't work in my case (It's said in the first post).
  I have tested it using PI 7.1 using:
  - "Message Protocol=SOAP 1.1." and filling user/password in "Configure User Authentification" and I get the error:
  soap fault: WSDoAllReceiver: Incoming message does not contain required Security header
  - "Message Protocol=Axis ." I get the error:
  com.sap.engine.interfaces.messaging.api.exception.MessagingException:
  javax.ejb.EJBException: Exception in getMethodReady() for stateless bean sap.com/com.sap.aii.axis.app*xml|com.sap.aii.adapter.axis.ejb.jar*xml|AFAdapterBean;
  nested exception is: com.sap.engine.services.ejb3.util.pool.PoolException: javax.ejb.EJBException:
  Exception raised from invocation of public void com.sap.aii.adapter.axis.modules.AFAdapterBean.ejbCreate() throws javax.ejb.CreateException method on bean instance com.sap.aii.adapter.axis.modules.AFAdapterBean@5902bd4b for bean sap.com/com.sap.aii.axis.app*xml|com.sap.aii.adapter.axis.ejb.jar*xml|AFAdapterBean; nested exception is: javax.ejb.CreateException: java.lang.NoClassDefFoundError: org/apache/axis/AxisFault
  Regards,

• Adding Authentication to Web Service using JDeveloper

  Hi Gurus,
  I am new to weblogic 10.3 and Jdeveloper 11.1.3. Using Jdeveloper, I imported few packages from database , right clicked and published them as a webservice on a weblogic server. I did not select any WLS policies. The web service is working fine. Now i want to add some basic authorization (username/password) to this webservice.
  Which policy should i use ?
  Where should i configure this username\password so that all the webservices uses same user for authenctication ? Do i have to create this user on the weblogic server? If yes then how.
  Thanks in Advance.
  Jack

  Hi,
  If you are using JAXWS based WebService then you can give it a try:
  http://weblogic-wonders.com/weblogic/2010/01/09/username-token-in-jaxws-webservice/
  This sample demonstrates ..How we can use UserName/Password Authentication in JAXWS Service. This will be very Easy for you to develop using JDeveloper...U need to Just the add Following XML file as a Policy inside your Application.
  Using the following Policy:
  <font color=maroon>
  <?xml version=”1.0″?>
  <wsp:Policy
  xmlns:wsp=”http://schemas.xmlsoap.org/ws/2004/09/policy”
  xmlns:sp=”http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512″>
  <sp:SupportingTokens>
  <wsp:Policy>
  <sp:UsernameToken
  sp:IncludeToken=”http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200512/IncludeToken/AlwaysToRecipient”>
  <wsp:Policy>
  <sp:WssUsernameToken10/>
  </wsp:Policy>
  </sp:UsernameToken>
  </wsp:Policy>
  </sp:SupportingTokens>
  </wsp:Policy>
  </font>
  Thanks
  Jay SenSharma

• Approaches for Authentication through Web Services

  Hi All,
  I am calling a webservice through my portal service. This web service is on the (DI) Data Integration box which is not SAP.
  I need to know approaches with which I can authenticate users when they use this webservice call. I mean how do I authenticate users who will be using this application which will call a web service on the DI box.
  So when the user clicks on the submit button, this web service on the DI box is invoked, I want to authenticate users at this point, so that no unauthorized users are able to post data to DI box.
  Also, I do not want any kind of login window popping up. It should be something like a SSO.
  Please auggest approaches that I can use.
  Thanks

  HI Gopala,
  I have gone through the pdf. My requirement is a little different. Instead of authenticating the users on the portal, I wan to authenticate them on the Data Integration box.
  It will be something like this:
  Step 1. User logs on the portal.
  Step 2. User uses my custom applicatioon that calls a webservice.
  Step 3. When the webservice is being called (after the user clicks on the submit button), I want to ensure that authorized users are using this application and also that authorized users are posting the data to the Data Integration box, which is IBM data stage.
  Step 4. When the request reaches the datastage box, it authenticates the user before posting the data.
  Step 5. If the user is valid, the data is posted, if not, a message is returned saying "Unauthorized".
  I know that the authentication logic will be in IBM Datastage (Data Integration box) but what my question is that how do I pass the userid and password of the logged in user in the portal to Data Integration box through the webservice.
  Im calling the webservice exposed by the Data Integration box through my portal service.
  Are there any other way for authenticating the users? I read that I could use Public Key Infrastructure (PKI) or digital certificates, but again, how do I use this mechanism.
  Any suggestion or direction will be of great help.
  Thanks,
  S.B

• Trusted Authentication with Web Services SDK

  Hi,
  I have just configured my BO server to use Trusted Authentication (REMOTE_USER) and It works with Infoview so I don't need the logon page to enter user and password.
  I also have an .NET application that uses Web Services SDK and I would like to use Trusted Authentication on it.
  Is there any code to access to BO using Web Services SDK?
  Before the configuration, I was using this code:
  string m_strURL="http://server:8080/dswsbobje/services/Session";
  BusinessObjects.DSWS.Connection oConnection = new BusinessObjects.DSWS.Connection(m_strURL);
  BusinessObjects.DSWS.Session m_wiSession = new Session(oConnection);
  BusinessObjects.DSWS.Session.EnterpriseCredential oEC = new EnterpriseCredential();
  oEC.Login = strLogin;
  oEC.Password = strPassword;
  oEC.AuthType = "secLDAP";
  SessionInfo oSI = m_wiSession.Login(oEC);
  Now, I want to use Trusted Authentication in my .NET application so I wouldn't have to enter user and password.
  I have looking for some code, but I haven't found it yet. I hope you could help me.
  Thanks,
  Sandra

  Hi, Ted,
  I'm trying to use Trusted Authentication to access QaaWS (via WSDL/Axis, NOT Xcelsius).  I enabled it from CMC, put the shared secret in a correct location (win32_x86 directory) and made the change to dsws.properties file, then I restarted tomcat.  However, the system failed to login.  Below is the trace log.  Is Trusted Authentication supported for QaaWS?  Thanks!
  <br/>
  =======
  <br/>
  2010-02-18 14:09:20,781 [http-8080-Processor25] ERROR com.businessobjects.qaaws.internal.transport.QaaWSServlet () 297906 - invoke()
  java.lang.Exception: com.crystaldecisions.sdk.exception.SDKServerException: Enterprise authentication could not log you on. Please make sure your logon information is correct. (FWB 00008)
  cause:com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuse: IDL:img.seagatesoftware.com/OCA/oca_abuse:3.2
  detail:Enterprise authentication could not log you on. Please make sure your logon information is correct. (FWB 00008)
  The server supplied the following details: OCA_Abuse exception 10498 at [.\secpluginent.cpp : 832]  42040 {}
       ...Invalid password
       at com.businessobjects.qaaws.internal.webi.WISessionMgr.makeSession(Unknown Source)
       at com.businessobjects.qaaws.internal.transport.QaaWSServlet.invoke(Unknown Source)
       at com.businessobjects.qaaws.internal.transport.QaaWSServlet.doPost(Unknown Source)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
       at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
       at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
       at java.lang.Thread.run(Thread.java:595)
  Caused by: com.crystaldecisions.sdk.exception.SDKServerException: Enterprise authentication could not log you on. Please make sure your logon information is correct. (FWB 00008)
  cause:com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuse: IDL:img.seagatesoftware.com/OCA/oca_abuse:3.2
  detail:Enterprise authentication could not log you on. Please make sure your logon information is correct. (FWB 00008)
  The server supplied the following details: OCA_Abuse exception 10498 at [.\secpluginent.cpp : 832]  42040 {}
       ...Invalid password
       at com.crystaldecisions.sdk.exception.SDKServerException.map(SDKServerException.java:107)
       at com.crystaldecisions.sdk.exception.SDKException.map(SDKException.java:196)
       at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:710)
       at com.crystaldecisions.sdk.occa.security.internal.LogonService.userLogon(LogonService.java:295)
       at com.crystaldecisions.sdk.occa.security.internal.SecurityMgr.userLogon(SecurityMgr.java:162)
       at com.crystaldecisions.sdk.framework.internal.SessionMgr.logon(SessionMgr.java:425)
       ... 19 more
  Caused by: com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuse: IDL:img.seagatesoftware.com/OCA/oca_abuse:3.2
       at com.crystaldecisions.enterprise.ocaframework.idl.OCA.oca_abuseHelper.read(oca_abuseHelper.java:106)
       at com.crystaldecisions.enterprise.ocaframework.idl.OCA.OCAs._LogonEx4Stub.UserLogonEx4(_LogonEx4Stub.java:80)
       at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
       at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
       at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
       at java.lang.reflect.Method.invoke(Method.java:585)
       at com.crystaldecisions.enterprise.ocaframework.ManagedService.invoke(ManagedService.java:424)
       at com.crystaldecisions.sdk.occa.security.internal._LogonEx4Proxy.UserLogonEx4(_LogonEx4Proxy.java:222)
       at com.crystaldecisions.sdk.occa.security.internal.LogonService.doLogon(LogonService.java:347)
       at com.crystaldecisions.sdk.occa.security.internal.LogonService.doUserLogon(LogonService.java:684)
       ... 22 more
  org.apache.axis2.AxisFault: org.apache.axis2.databinding.ADBException: Unexpected subelement table
       at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
       at service.wsdl.heartFailure.HFReliabilityScoreStub.fromOM(HFReliabilityScoreStub.java:4131)
       at service.wsdl.heartFailure.HFReliabilityScoreStub.runQueryAsAService(HFReliabilityScoreStub.java:201)
       at org.apache.jsp.AuthTest_jsp._jspService(AuthTest_jsp.java:78)
       at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:98)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
       at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:331)
       at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:329)
       at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:265)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:873)
       at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
       at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
       at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
       at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
       at java.lang.Thread.run(Thread.java:595)

• Create User for Target (Terminal Adapter) with private key authentication through web service

  Hi
  I have a question about Terminal adapter.
  My current aim is to create process "Execute script through ssh on remote Linux system" with  input parameters ( login, path to private key, path to script)
  It was very helpful to find this discussion https://supportforums.cisco.com/message/3543289#3543289 .
  Is  there a way to create  Public-key Authenticated Admin Runtime User with private key for authentication by using NB webservice ?

  I will second Shaun's comment...
  Unfortunately, it looks like this is not possible in 2.3.X. (That is you can create the user but the fields you need to use to configure that user properly do not appear to be exposed to the Northbound Web Service).
  It looks like something that will be fixed in a future release of Process Orchestrator.
  Svetlana

• Mutual authentication for Web services in BPEL

  Hi Guys,
  We have to call a few web services in bpel and our partners would want us to mutually authenticate the data that is exchanged.
  So that mean they provide us with a certificate file and we provide them with a certificate file.
  We have been using client certificates in our cacerts file and encrypting the request we send using that but we are not too sure how to set up a key in bpel so that we can decrypt the responses of the webservices.
  Does anybody have any idea how to do it. It would be a great help.
  Cheers
  Sandeep

  I would suggets to read the online tutorial:
  http://www.oracle.com/technology/products/ias/bpel/index.html
  and try one of the tutorials:
  2-Minute Product Tour
  BPEL: Learn by Example (PDF)
  Quick Start Tutorial - JDeveloper 10g (PDF)
  Quick Start Tutorial - Eclipse (PDF)

• Portal Authentication from web service

  I would like to run a web service on a remote machine that checks if the user of the web service exists as a portal user.
  My initial thought was to just log the user in whenever they attempt to use the web service and then log them out at the end. I have researched the AuthContext class and attempted a test implementation however it errors looking for certain AM Property files.
  Perhaps I should just access the directory server directly? Basically, I just want to restrict usage of the web service to the existing portal users.
  If anyone could offer any suggestions it would be appreciated. (Code examples or snippets would be appreciated)
  Thanks in advance...
  Jason

  Hi,
  1) If your webservice is on the same network:
  - Just bind to LDAP (this is the fastes way)
  2) OR You can also use identity SDK to connect
  to your instance and receive AMUser object.
  3) If you are not on the same network( SRAP access):
  You can create a "stand alone" jsp or servlet which
  doing (1) or (2) and your webservice talks over https to this servlet.
  4) Logging user to portal is too much overhead and
  at the end you don't know if user is a portal user or
  just has login privilege to identityserver...
  Cheers,
  Alex :-)