Basic auth and MSIE
Hi,
I'm using basic auth and used to send username/password with
the URL to authenticate from another webserver (with some other
kind of authentication), but - as you know - Microsoft doesn't
support that any longer and so this works for some other
webclients but not for IE (or only with a patch, that isn't installed
everywhere).
Now I have seen that for Apache there is a module called
mod_auth_cookie to fake that kind of implicit authentification.
My Question: has anybody done this for SJWS or can't that
be done?
TIA
Reinfried
Hi,
Please check the below link
Re: Accessing Portal component without login screen
hope is solve your problem.
Raghu
Similar Messages
-
HTTP Basic Auth and Proxy Auth
Hi,
i have a problem with the authentication against a proxy server and against a content provider. At first I have to authenticate against the proxy to get "free internet". The next step is to authenticate against the content provider to get a html or xml file.
The following source code runs very good in Eclipse, i.e. as JUnitTest. But If I execute the same code within a weblogic server, I will get an error (not authenticated). I believe I get this message from the content provider and not from the proxy because If I test this code within the weblogic server and with no authentication (i.e. google needs no authentication), I will get a valide xml/html file.
StringBuffer sb = new StringBuffer();
SimpleAuthenticator simple = new SimpleAuthenticator("joeuser","a.b.C.D"); //from openbook
Authenticator.setDefault(simple);
String strUrl = "http://www.rahul.net/joeuser/";
URL url = null;
try {
url = new URL(strUrl);
} catch (MalformedURLException e) {
// TODO Auto-generated catch block
e.printStackTrace();
URLConnection conn = null;
InetSocketAddress addr = new InetSocketAddress("proxy.domain",8080);
Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);
try {
conn = url.openConnection(proxy);
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
String proxyStr = "username" + ":" + "passwordl";
String encoded = new String(Base64.encodeBase64(proxyStr.getBytes()));
conn.setRequestProperty("Proxy-Authorization", "Basic " + encoded);
// get http status code which is located in header field 0
String status = conn.getHeaderField(0);
if (status.contains("200")) {
BufferedReader in = null;
try {
in = new BufferedReader(new InputStreamReader(conn.getInputStream(),
"ISO-8859-1"));
String inputLine;
while ((inputLine = in.readLine()) != null) {
sb.append(inputLine);
in.close();
} catch (UnsupportedEncodingException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
else {
System.out.println("Error");
System.out.println(sb.toString());
public class SimpleAuthenticator
extends Authenticator
private String username,
password;
public SimpleAuthenticator(String username,String password)
this.username = username;
this.password = password;
protected PasswordAuthentication getPasswordAuthentication()
return new PasswordAuthentication(
username,password.toCharArray());
Does somebody know a solution? I need the authentication against proxy and content provider in "one application".
Thank you very much,
AndréI typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.
-
HTTP Basic Auth and Username Authentication with Symmetric Key
Hi,
I have a webservice happily running on tomcat 5.5 using "Username Authentication with Symmetric Key" I have certificates setup and everything works fine. I can even connect a .net client and use the service.
Now I have an additional requirement of authorization per operation basis so I'm planning on using the roles. My current setup uses tomcat-users.xml to configure users but I seem unable to identify the role of the user from within my code as wsContext.isUserInRole("briefing") always returns false even when it clearly isn't. Where wsContext = @Resource private WebServiceContext wsContext.
So I figure perhaps I need to add HTTP Basic Auth to tomcat for it to gather this information so I added security-constraints to the web.xml and this seems to do the trick: at least it does for my .net client.
If I do:
Service service = new Service();
Port client = service.getPort();
BindingProvider bp = (BindingProvider)client;
bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername");
bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword");Then it all works fine. However, I'd like a little less transparency: I don't want to have to do this every time I make a call.
My question(s) is:
1) Am I going about this the right way (perhaps I am somehow getting the incorrect reference to the WebServiceContext)
2) If I am going about this the right way I imagine the whole BindingProvider code needs to be added to as a policy configuration but I'm really not sure where to start especially as I'm using wsimport to generate everything: I'm not even sure where to configure this so it will not get overwritter.
Thanks for any help.Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
All in all does this setup sound right? -
BASIC Auth and WSDL in WebLogic 7
I want to protect my web service URI with HTTP basic authentication. I've modified
the web.xml and protected my web service URI and all works fine. However, this
also protects the dynamically generated WSDL URL.
Is there a way to pass the user/password to the JAX-RPC client for the WSDL URL?
If not, what is the best way to expose the WSDL through a different unprotected
URI while still dynamically generating it?
MikeI am aware that this is an old post, but I have never seen a good answer for this
question and have been struggling with it myself. How do you protect web services
with basic authentication, but at the same time expose the generated WSDL?
The best way I have found is to protect only post requests:
<security-constraint>
<web-resource-collection>
<web-resource-name>myservice</web-resource-name>
<url-pattern>/myservice/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeRoleName</role-name>
</auth-constraint>
</security-constraint>
Since web service requests are posts, security does kick in on the invocation.
The WSDL 'get' requests are allowed. This setup does break the WLS generated test
harness, however, since there is no way to authenticate prior to the service invocation.
Anyone have any better suggestions?
Anyone know why servicegen doesnt put the WSDL in a separate directory from the
services to make things a bit easier?
Mike
"Mike Gilbode" <[email protected]> wrote:
>
I want to protect my web service URI with HTTP basic authentication.
I've modified
the web.xml and protected my web service URI and all works fine. However,
this
also protects the dynamically generated WSDL URL.
Is there a way to pass the user/password to the JAX-RPC client for the
WSDL URL?
If not, what is the best way to expose the WSDL through a different
unprotected
URI while still dynamically generating it?
Mike -
Basic Auth and business services
Hi,
I have enabled "Basic Authentication" for a http based proxy service(a restful web service implementation of http methods).
In the proxy service flow I am trying to print and extract the username/password from $inbound/*:transport/*:request/*:headers/*:Authorizationson so that I can form a SOAP Header with wsse tokens for calling a back-end secured web service using a business service.But I found nothing out of $inbound/*:transport/*:request/*:headers/*:Authorizationson"
Is this something possible or is there another right way of doing this.
Thanks,
PrabuHi,
Please check the below link
Re: Accessing Portal component without login screen
hope is solve your problem.
Raghu -
Basic auth with RESTful WEb service and Web Service reference
Hi, All,
We have made much progress on getting an application working wtih RESTful web services but now are trying to figure out how to lock down a RESTful Web service while making it available for a particular application.
We are using one of the sample 'emp' table web services that come with Apex 4.2 and are trying to apply Basic Auth to the WEb Service via Weblogic filter defined in the web.xml file. That works fine. I now get challenged when I try to go to :
https://wlogic.edu/apex/bnr/ace/hr/empinfo/
And when I authenticate to that challenge I am able to get the data. (we are usiing LDAP authentication at the Weblogic level)
However, I am not sure how to get same basic authentication to work with the Web Service reference in my application. I see the error message in the application when I try to call that Web Service:
401--Unauthorized<
And I see:
"The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials"
How do I provide the credentials in the Web REference or do I provide credentials in the Application?
Web service works fine if I remove the RESTful web service basic auth from the Web.xml file.
Should we NOT use Weblogic basic auth and instead use basic auth from Workspace RESTful web service definition. If so, how do we implement THAT basic auth in the Web Service definition and in the Web SErvice Reference on the application?
Thanks,
PatWhat I mean is diid you try to use the PL/SQL package for APEX webservice. Here is an example I use (modified and shortened, just to show how much better this is than to use it from the application).
CREATE OR REPLACE PACKAGE webservice_pkg
IS
PROCEDURE create_webservice (
p_id IN NUMBER,
p_message OUT VARCHAR2,
p_workspace IN VARCHAR2 DEFAULT 'MY_WORKSPACE',
p_app_id IN NUMBER DEFAULT v ('APP_ID'),
p_app_session IN VARCHAR2 DEFAULT v ('SESSION'),
p_app_user IN VARCHAR2 DEFAULT v ('APP_USER')
END webservice_pkg;
CREATE OR REPLACE PACKAGE BODY webservice_pkg
IS
PROCEDURE set_credentials (
p_workspace IN VARCHAR2,
p_app_id IN NUMBER,
p_app_session IN VARCHAR2,
p_app_user IN VARCHAR2
IS
v_workspace_id NUMBER;
BEGIN
SELECT workspace_id
INTO v_workspace_id
FROM apex_workspaces
WHERE workspace = p_workspace;
apex_util.set_security_group_id (v_workspace_id);
apex_application.g_flow_id := p_app_id;
apex_application.g_instance := p_app_session;
apex_application.g_user := p_app_user;
END set_credentials;
PROCEDURE create_webservice (
p_id IN NUMBER,
p_message OUT VARCHAR2,
p_workspace IN VARCHAR2 DEFAULT 'MY_WORKSPACE',
p_app_id IN NUMBER DEFAULT v ('APP_ID'),
p_app_session IN VARCHAR2 DEFAULT v ('SESSION'),
p_app_user IN VARCHAR2 DEFAULT v ('APP_USER')
IS
v_envelope VARCHAR2 (32000);
v_server VARCHAR2 (400);
v_url VARCHAR2 (4000);
v_result_url VARCHAR2 (1000);
v_collection_name VARCHAR2 (40) := 'PDF_CARD';
v_message VARCHAR2 (4000);
v_xmltype001 XMLTYPE;
BEGIN
v_url := v_server || '.myserver.net/services/VisitCardCreator?wsdl';
FOR c IN (SELECT *
FROM DUAL)
LOOP
v_envelope :=
'<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" '
|| 'xmlns:bran="http://www.myaddress.com">'
|| CHR (10)
|| '<soapenv:Header/><soapenv:Body>'
|| CHR (10)
|| '<parameter:'
|| 'some_value'
|| '>'
|| CHR (10)
|| '<bran:templateID>'
|| p_id
|| '</bran:templateID>'
|| '</soapenv:Body>'
|| CHR (10)
|| '</soapenv:Envelope>';
END LOOP;
set_credentials (p_workspace, p_app_id, p_app_session, p_app_user);
BEGIN
apex_web_service.make_request
(p_url => v_url,
p_collection_name => v_collection_name,
p_envelope => v_envelope
p_message := 'Some message.';
EXCEPTION
WHEN OTHERS
THEN
v_message :=
v_message
|| '</br>'
|| 'Error running Webservice Request. '
|| SQLERRM;
END;
BEGIN
SELECT v_result_url
|| EXTRACTVALUE (VALUE (t),
'/*/' || 'Return',
'xmlns="http://www.myaddress.com"'
xmltype001
INTO v_result_url,
v_xmltype001
FROM wwv_flow_collections c,
TABLE
(XMLSEQUENCE (EXTRACT (c.xmltype001,
'//' || 'Response',
'xmlns="http://www.myaddress.com"'
) t
WHERE c.collection_name = v_collection_name;
EXCEPTION
WHEN OTHERS
THEN
v_message := v_message || '</br>' || 'Error reading Collection.';
END;
EXCEPTION
WHEN OTHERS
THEN
p_message := v_message || '</br>' || SQLERRM;
END create_webservice;
END webservice_pkg;
/If you use it this way, you will find out what the problem is much faster.
Denes Kubicek
http://deneskubicek.blogspot.com/
http://www.apress.com/9781430235125
http://apex.oracle.com/pls/apex/f?p=31517:1
http://www.amazon.de/Oracle-APEX-XE-Praxis/dp/3826655494
------------------------------------------------------------------- -
Basic auth in proxy server breaks managed server form auth
Hi,
I have a proxy server configured in front of 2 managed servers.
The managed servers have secure pages and are using form auth and the
proxy server is working properly. In other words, I point my browser
at the proxy and I end up being services by one of the managed servers.
If I attempt to access a secure page via the proxy I am sent to the form
login page via the proxy.
Now for the problem:
If I configure the proxy server to use basic auth, and secure all
pages in the proxy, I must provide my userid/password to the proxy
server (this is working fine) before I can get to one of the managed
servers. I can get to the welcome page of the managed server (which is
not secure) There is a link to a secure page on the welcome page. When
I click on the link to the secure page, I am sent to the form auth by
the managed server. I authenticate, but I can never see the secure
page. I end up being redirected to the form login page endlessly.
Both the proxy server and the managed server are usign the default
JSESSIONID.
Here is a section of the web.xml for the proxy server:
<servlet>
<servlet-name>HttpClusterServlet</servlet-name>
<servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
<init-param>
<param-name>WebLogicCluster</param-name>
<param-value>${ProxyConfig}</param-value>
</init-param>
<init-param>
<param-name>SecureProxy</param-name>
<param-value>ON</param-value>
</init-param>
<init-param>
<param-name>Debug</param-name>
<param-value>ON</param-value>
</init-param>
<init-param>
<param-name>DebugConfigInfo</param-name>
<param-value>ON</param-value>
</init-param>
<init-param>
<param-name>CookieName</param-name>
<param-value>JSESSIONID</param-value>
</init-param>
<init-param>
<param-name>CookieName</param-name>
<param-value>wlauthcookie_</param-value>
</init-param>
</servlet>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>gcmgui/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>applauncher/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>ssoadmin/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>default/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>domainadmin/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>gsc/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>psr/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>broadcastclient/*</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>HttpClusterServlet</servlet-name>
<url-pattern>nra/*</url-pattern>
</servlet-mapping>
Here is the proxy debug:
<Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
/applauncher/jsp/AppLaunche
r.jsp HTTP/1.1
<Fri Jul 11 14:40:07 EDT 2003>: Found cookie: Sf4VoFtpQwG]dTNEh9Yq
<Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
-213061352!10
.68.10.87!1080!10443
<Fri Jul 11 14:40:07 EDT 2003>: Remove idle for '30' secs:
ProxyConnection(isSec
ureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
<Fri Jul 11 14:40:07 EDT 2003>: Create connection:
ProxyConnection(isSecureProxy
=true): 10.68.10.87:10443, keep-alive='30'secs
<Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
<Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
image/jpeg,
image/pjpeg, application/vnd.ms-excel, application/msword,
application/vnd.ms-po
werpoint, */*
<Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
<Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
<Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
MSIE 6.0; W
indows NT 4.0; H010818)
<Fri Jul 11 14:40:07 EDT 2003>: Host: localhost:18002
<Fri Jul 11 14:40:07 EDT 2003>: Connection: Keep-Alive
<Fri Jul 11 14:40:07 EDT 2003>: Cookie:
JSESSIONID=1PEosMJQ9ZJrewjj1t5nZfNtYe1e5
pWYbjyBGvZ1ExEY8YoueKTG!-213061352!NONE;
wlauthcookie_=Sf4VoFtpQwG]dTNEh9Yq
<Fri Jul 11 14:40:07 EDT 2003>: Authorization: Basic
cmFwcGVsYmE6b3V0Mmx1bmNo
<Fri Jul 11 14:40:07 EDT 2003>: HTTP/1.1 302 Moved Temporarily
<Fri Jul 11 14:40:07 EDT 2003>: Out-bound headers:
<Fri Jul 11 14:40:07 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:07 GMT
<Fri Jul 11 14:40:07 EDT 2003>: Location:
https://localhost:18002/applauncher/un
restricted/jsp/FormLogin.jsp
<Fri Jul 11 14:40:07 EDT 2003>: Server: WebLogic WebLogic Server 8.1
Thu Mar 20
23:06:05 PST 2003 246620
<Fri Jul 11 14:40:07 EDT 2003>: Transfer-Encoding: Chunked
<Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
/applauncher/unrestricted/j
sp/FormLogin.jsp HTTP/1.1
<Fri Jul 11 14:40:07 EDT 2003>: Found cookie: UZ]OrXsBP6uEEa[0veSz
<Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
<Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
-213061352!10
.68.10.87!1080!10443
<Fri Jul 11 14:40:07 EDT 2003>: Requeue connection:
ProxyConnection(isSecureProx
y=true): 10.68.10.87:10443, keep-alive='30'secs
<Fri Jul 11 14:40:07 EDT 2003>: Recycle connection:
ProxyConnection(isSecureProx
y=true): 10.68.10.87:10443, keep-alive='30'secs
<Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
<Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
<Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
image/jpeg,
image/pjpeg, application/vnd.ms-excel, application/msword,
application/vnd.ms-po
werpoint, */*
<Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
<Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
<Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
MSIE 6.0; W
indows NT 4.0; H010818)
<Fri Jul 11 14:40:08 EDT 2003>: Host: localhost:18002
<Fri Jul 11 14:40:08 EDT 2003>: Connection: Keep-Alive
<Fri Jul 11 14:40:08 EDT 2003>: Authorization: Basic
cmFwcGVsYmE6b3V0Mmx1bmNo
<Fri Jul 11 14:40:08 EDT 2003>: Cookie:
JSESSIONID=1PEHvo1gQIbwOMuVsU9pJnnvlGBSP
74ZUcSHwazE7domCL8UlVA2!-937872307; wlauthcookie_=UZ]OrXsBP6uEEa[0veSz
<Fri Jul 11 14:40:08 EDT 2003>: HTTP/1.1 200 OK
<Fri Jul 11 14:40:08 EDT 2003>: Out-bound headers:
<Fri Jul 11 14:40:08 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:08 GMT
<Fri Jul 11 14:40:08 EDT 2003>: Server: WebLogic WebLogic Server 8.1
Thu Mar 20
23:06:05 PST 2003 246620
<Fri Jul 11 14:40:08 EDT 2003>: Content-Length: 4238
<Fri Jul 11 14:40:08 EDT 2003>: Set-Cookie:
JSESSIONID=1PEIxJ21oT5H3Z2ilQjPqpq1V
kdOhEnNbbz9wviTtTTZj6IBp29b!-213061352!NONE; path=/
<Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
<Fri Jul 11 14:40:08 EDT 2003>: Requeue connection:
ProxyConnection(isSecureProx
y=true): 10.68.10.87:10443, keep-alive='30'secs
<Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
<Fri Jul 11 14:40:44 EDT 2003>: Trigger remove idle for '35' secs:
ProxyConnecti
on(isSecureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
Thanks,
RobI typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.
-
IE6 WinXP Java2 and Basic Auth
This only happens on WinXP (Pro is what I'm using), not WinME, Win2K or Win98/Win98SE.
When I request a page with an embedded Java applet (with applet tags) that is "protected" with Basic Auth over SSL I first enter the Basic Auth credentials (username/password) in the IE6 dialog and then a second dialog appears, a Java one, to enter the same Basic Auth credentials again.
On Win2k/WinME/Win9x only once am I required to enter the BA credentials with the IE6 dialog.
What's up?I solved the problem of the double Basic Auth sign-ins accessing a HTTPS/SSL page containing <APPLET> tags by disabling JRE 1.4 and reverting to JRE 1.3.1.
IMHO, JRE 1.4 is seriously broken WRT SSL/<APPLET>/Basic Auth. -
RemoteObject and http basic auth
Hello,
I am writing an AIR application and I have a RemoteObject
that has an endpoint secured using http basic auth. Whenever I try
to send the RemoteObject request, a username/password window is
displayed to the user. How do I automatically send the
username/password? Using setCredentials or setRemoteCredentials
doesn't seem to affect this - looking at the data sent, the
RemoteObject is not sending a http Authorisation header.
Is this possible?Hello,
Sorry for "waking up" this old message, but I have exactly the same probem and I can't find a solution.
I know how to send Authorization in the HTTP headers with a HTTPService, but not with a RemoteObject.
Do you know that, or have any other solution for the problem ?
Etienne -
Forms based authentication + Basic authentication = no way to use the basic auth!!!!
Hi,
I setup a test sharepoint site, claims mode, with both the forms and basic authentication enabled.
I expect to see the page asking me which authentication method I want to use, but I never see this page!!!
I have to select the windows authentication (NTLM or Kerberos) to see this page!
why using only the Basic authentication did not prompt the user?
and how to be authenticated using the basic authentication rather than the forms auth when both are enable for the same site?
>I do NOT want to extend my site to have 2 zones... my question is ONLY with 1 zone configured.What is the business purpose for using Basic Auth over NTLM/Kerberos?
Trevor Seward
Follow or contact me at...
  
This post is my own opinion and does not necessarily reflect the opinion or view of Microsoft, its employees, or other MVPs. -
Web Services with HTTP Basic Auth
Hi,
I am having a problem connecting to web services which
require HTTP Basic Authentication from a Flex application. I have
useProxy set to true and call setRemoteCredentials prior to
attempting the call, but the credentials do not appear to be set on
the request (the request fails with fault.faultString = "HTTP
request error", faultCode = "Server.Error.Request". The messages on
the server indicate that the user name and password were not
specified.
I do have the proxy-config.xml file set up properly (I think
-- I followed the example in the mx.rpc.soap.mxml.WebService class
description, at least).
I can verify that the WSDL (which doesn't require BASIC auth
to access) is being loaded properly, but when I make the request,
it fails. Is this a known problem?
I am using Flex Builder 2.0.1 to build my SWF files.
Thanks,
BrendanThanks for the pointer, I did try it, but it didn't help.
As I said in the original post, the problem is with HTTP
Basic Authentication, so adding a header for WSSE to the service
request didn't help. It needs to be an HTTP Authorization header,
not a SOAP Security header.
Brnedan -
Dynamic proxy invokes basic auth web service
My dynamic proxy client works fine with any web service except the basic auth secured one.
I know how to use stub client to work around this issue. But I haven't found a way to get around when dynamic proxy clients are used.
Any idea is appricated. ThanksPaula-
Given that you can work around this issue with the stub client,
you should be able to work around the issue in the dynamic proxy client
in the same way-
I am interested that you say workaround the issue with the stub client.
Is there a problem that you have noted?
If you can let me know how you worked this issue with the stub,
and what problems you have specifically had with the dynamic proxy client
I will look at the issue to see if it a bug.
Please let me know what environment you are working in, the version of jaxrpc 1.x,
what container, jdk or jre and a sample client program that would help me understand
the problem.
Thanks,
Kathy -
Hello everyone,
we have integrated some JavaFX components within a swing application recently. One of the components that we have decided to add is a WebView component that should access an html page with the account settings of the logged in user.
However, this page has restricted access with HTTP Basic Auth type of authorization and for this reason the WebView gets the 401 HTTP error.
Is it possible to perform the HTTP Basic Auth programmatically (by setting username and password) with the WebView?
Thanks in advance for your help,
LMI have solved by using java.net.Authenticator
-
I've got a J2EE application running under WL6.1 and that uses BASIC Auth. Durring
development I need to test with various users. How do I log a user out so I can
run the app under a different user?
Thanks,
MattThe following should work :
a) use HttpSession.invalidate() to invalidate
the current user session , and
b) use HttpServletResponse.sendRedirect() to
redirect to the main page.
Let me know if it does not work.
jason
"Matt Connors" <[email protected]> wrote:
>
I've got a J2EE application running under WL6.1 and that uses BASIC Auth.
Durring
development I need to test with various users. How do I log a user out
so I can
run the app under a different user?
Thanks,
Matt -
Basic auth interop problem, servlet WS works, EJB WS not (Sun AS 8)
After spending some time I managed to add HTTP basic auth to a simple web service. I have implemented two variants, an JAX-RPC servlet web service and an EJB web service.
A (Sun) JAX-RPC client works pretty well against both web services. I do the required steps with the stub (set user/pwd) and things work. I do get the correct principal in the server side, fine.
When I do NOT set the authentication properties at the stub, the servlet based WS responds something like HTTP error 403 (?) or so, which leads to "authentication required". The EJB based response is not that adequate, it's something like "internal server error, EJBLocalAccessException or so" but from the given message you could get the idea what's wrong.
Anyway, I got the impression that this stuff
return HTTP error to flag "auth required"
is not happening for some reason in my EJB based web service. I found this problem in Sun AS 8 and I think it's the same problem when I test stuff with Oracle's OC4J ...
Some client implementations have obviously problems to get the idea that user authentication is required. In other words, the clients cannot invoke the EJB WS. I tried it with Perl Soap::Lite, MS SOAP Toolkit 3.0 and MS .Net 1.1 stuff. All this clients work well (with authentication) when I consume the servlet based web service. But the EJB based web service is not working at all. I do get there just "not allowed" and the SOAP client runtime is not handing over any user credentials (because it's obviously not correctly asked for it by an appropriate AS response).
Anyone else experienced this problems with EJB WS???
Interesting question: why is the JAX-RPC client working? Is it sending the properties set at the stub in any case? Or do they "handle" the internal error coming from Sun AS explicitly or so? Strange, in a way. :-)
Thanx for any help here!
MertenI guess the reason was that I wrote
<login-config>
<auth-method>Basic</auth-method>
</login-config>
instead of required
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
At deploy time, I got no error message. At usage time, I just got this AccessLocalException. That's not really nice ...
Merten
Maybe you are looking for
-
Getting error while running TestDbcConn.jsp in jdev
Hi, We are implementing iStore 12.1.3. In order to create iStore jdev setup, I referred metalink note 1330599.1 (R12: How to Customize and Execute iStore JSPs from Oracle Jdeveloper?). I followed all the steps exactly as instructed. However when I ru
-
Access PDF on iPod touch 2nd gen
I have created a PDF document on my iMac and want to be able to take a copy with me on my iPod Touch 2nd generation. There are so many document applications out there that I don't know which one would simply do this one thing. Any suggestions? Claire
-
firefox 15.0.1 windows xp * Shockwave Flash 11.4 r402 * Adobe PDF Plug-In For Firefox and Netscape 10.1.4 * DRM Netscape Network Object * DRM Store Netscape Plugin * Npdsplay dll
-
After 8 days of calling Tech Support I'm done with Verizon. Today my speed peaked to 23.3k-The only answer I get from Tech Support is, there seems to be a server end problem. While trying to cancel all my Verizon services, I'm told I will have to
-
Switched broadband provider-Azureus no longer opens ...
Just switched to Sky Broadband (uk service) (was previously using ntl world for internet-wirelessly) -opened up azerues as per normal -blue frog appears for 1second in the dock then disapears Has anyone got any ideas? Ive tried removing azerues from