BASIC Auth and WSDL in WebLogic 7

I want to protect my web service URI with HTTP basic authentication. I've modified
the web.xml and protected my web service URI and all works fine. However, this
also protects the dynamically generated WSDL URL.
Is there a way to pass the user/password to the JAX-RPC client for the WSDL URL?
If not, what is the best way to expose the WSDL through a different unprotected
URI while still dynamically generating it?
Mike

I am aware that this is an old post, but I have never seen a good answer for this
question and have been struggling with it myself. How do you protect web services
with basic authentication, but at the same time expose the generated WSDL?
The best way I have found is to protect only post requests:
<security-constraint>
<web-resource-collection>
<web-resource-name>myservice</web-resource-name>
<url-pattern>/myservice/*</url-pattern>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>SomeRoleName</role-name>
</auth-constraint>
</security-constraint>
Since web service requests are posts, security does kick in on the invocation.
The WSDL 'get' requests are allowed. This setup does break the WLS generated test
harness, however, since there is no way to authenticate prior to the service invocation.
Anyone have any better suggestions?
Anyone know why servicegen doesnt put the WSDL in a separate directory from the
services to make things a bit easier?
Mike
"Mike Gilbode" <[email protected]> wrote:
>
I want to protect my web service URI with HTTP basic authentication.
I've modified
the web.xml and protected my web service URI and all works fine. However,
this
also protects the dynamically generated WSDL URL.
Is there a way to pass the user/password to the JAX-RPC client for the
WSDL URL?
If not, what is the best way to expose the WSDL through a different
unprotected
URI while still dynamically generating it?
Mike

Similar Messages

  • HTTP Basic Auth and Proxy Auth

    Hi,
    i have a problem with the authentication against a proxy server and against a content provider. At first I have to authenticate against the proxy to get "free internet". The next step is to authenticate against the content provider to get a html or xml file.
    The following source code runs very good in Eclipse, i.e. as JUnitTest. But If I execute the same code within a weblogic server, I will get an error (not authenticated). I believe I get this message from the content provider and not from the proxy because If I test this code within the weblogic server and with no authentication (i.e. google needs no authentication), I will get a valide xml/html file.
    StringBuffer sb = new StringBuffer();
              SimpleAuthenticator simple = new SimpleAuthenticator("joeuser","a.b.C.D"); //from openbook
              Authenticator.setDefault(simple);
              String strUrl = "http://www.rahul.net/joeuser/";
              URL url = null;
              try {
                   url = new URL(strUrl);
              } catch (MalformedURLException e) {
                   // TODO Auto-generated catch block
                   e.printStackTrace();
              URLConnection conn = null;
              InetSocketAddress addr = new InetSocketAddress("proxy.domain",8080);
              Proxy proxy = new Proxy(Proxy.Type.HTTP, addr);
              try {
                   conn = url.openConnection(proxy);
              } catch (IOException e) {
                   // TODO Auto-generated catch block
                   e.printStackTrace();
              String proxyStr = "username" + ":" + "passwordl";
              String encoded = new String(Base64.encodeBase64(proxyStr.getBytes()));
              conn.setRequestProperty("Proxy-Authorization", "Basic " + encoded);
              // get http status code which is located in header field 0
              String status = conn.getHeaderField(0);
              if (status.contains("200")) {
                   BufferedReader in = null;
                   try {
                        in = new BufferedReader(new InputStreamReader(conn.getInputStream(),
                                  "ISO-8859-1"));
                        String inputLine;
                        while ((inputLine = in.readLine()) != null) {
                             sb.append(inputLine);
                        in.close();
                   } catch (UnsupportedEncodingException e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
                   } catch (IOException e) {
                        // TODO Auto-generated catch block
                        e.printStackTrace();
              else {
                   System.out.println("Error");
              System.out.println(sb.toString());
    public class SimpleAuthenticator
    extends Authenticator
         private String username,
         password;
         public SimpleAuthenticator(String username,String password)
              this.username = username;
              this.password = password;
         protected PasswordAuthentication getPasswordAuthentication()
              return new PasswordAuthentication(
                        username,password.toCharArray());
    Does somebody know a solution? I need the authentication against proxy and content provider in "one application".
    Thank you very much,
    André

    I typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.

  • Basic auth and MSIE

    Hi,
    I'm using basic auth and used to send username/password with
    the URL to authenticate from another webserver (with some other
    kind of authentication), but - as you know - Microsoft doesn't
    support that any longer and so this works for some other
    webclients but not for IE (or only with a patch, that isn't installed
    everywhere).
    Now I have seen that for Apache there is a module called
    mod_auth_cookie to fake that kind of implicit authentification.
    My Question: has anybody done this for SJWS or can't that
    be done?
    TIA
    Reinfried

    Hi,
    Please check the below link
    Re: Accessing Portal component without login screen
    hope is solve your problem.
    Raghu

  • HTTP Basic Auth and Username Authentication with Symmetric Key

    Hi,
    I have a webservice happily running on tomcat 5.5 using "Username Authentication with Symmetric Key" I have certificates setup and everything works fine. I can even connect a .net client and use the service.
    Now I have an additional requirement of authorization per operation basis so I'm planning on using the roles. My current setup uses tomcat-users.xml to configure users but I seem unable to identify the role of the user from within my code as wsContext.isUserInRole("briefing") always returns false even when it clearly isn't. Where wsContext = @Resource private WebServiceContext wsContext.
    So I figure perhaps I need to add HTTP Basic Auth to tomcat for it to gather this information so I added security-constraints to the web.xml and this seems to do the trick: at least it does for my .net client.
    If I do:
      Service service = new Service();
      Port client = service.getPort();
      BindingProvider bp = (BindingProvider)client;
      bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "myusername");
      bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "mypassword");Then it all works fine. However, I'd like a little less transparency: I don't want to have to do this every time I make a call.
    My question(s) is:
    1) Am I going about this the right way (perhaps I am somehow getting the incorrect reference to the WebServiceContext)
    2) If I am going about this the right way I imagine the whole BindingProvider code needs to be added to as a policy configuration but I'm really not sure where to start especially as I'm using wsimport to generate everything: I'm not even sure where to configure this so it will not get overwritter.
    Thanks for any help.

    Doh! Ok So I've added a SOAP Handler to automatically add the username and password for the HTTP Basic Auth.
    All in all does this setup sound right?

  • Basic Auth and business services

    Hi,
    I have enabled "Basic Authentication" for a http based proxy service(a restful web service implementation of http methods).
    In the proxy service flow I am trying to print and extract the username/password from $inbound/*:transport/*:request/*:headers/*:Authorizationson so that I can form a SOAP Header with wsse tokens for calling a back-end secured web service using a business service.But I found nothing out of $inbound/*:transport/*:request/*:headers/*:Authorizationson"
    Is this something possible or is there another right way of doing this.
    Thanks,
    Prabu

    Hi,
    Please check the below link
    Re: Accessing Portal component without login screen
    hope is solve your problem.
    Raghu

  • Basic auth with RESTful WEb service and Web Service reference

    Hi, All,
    We have made much progress on getting an application working wtih RESTful web services but now are trying to figure out how to lock down a RESTful Web service while making it available for a particular application.
    We are using one of the sample 'emp' table web services that come with Apex 4.2 and are trying to apply Basic Auth to the WEb Service via Weblogic filter defined in the web.xml file. That works fine. I now get challenged when I try to go to :
    https://wlogic.edu/apex/bnr/ace/hr/empinfo/
    And when I authenticate to that challenge I am able to get the data. (we are usiing LDAP authentication at the Weblogic level)
    However, I am not sure how to get same basic authentication to work with the Web Service reference in my application. I see the error message in the application when I try to call that Web Service:
    401--Unauthorized<
    And I see:
    "The request requires user authentication. The response MUST include a WWW-Authenticate header field (section 14.46) containing a challenge applicable to the requested resource. The client MAY repeat the request with a suitable Authorization header field (section 14.8). If the request already included Authorization credentials"
    How do I provide the credentials in the Web REference or do I provide credentials in the Application?
    Web service works fine if I remove the RESTful web service basic auth from the Web.xml file.
    Should we NOT use Weblogic basic auth and instead use basic auth from Workspace RESTful web service definition. If so, how do we implement THAT basic auth in the Web Service definition and in the Web SErvice Reference on the application?
    Thanks,
    Pat

    What I mean is diid you try to use the PL/SQL package for APEX webservice. Here is an example I use (modified and shortened, just to show how much better this is than to use it from the application).
    CREATE OR REPLACE PACKAGE webservice_pkg
    IS
       PROCEDURE create_webservice (
          p_id            IN       NUMBER,
          p_message       OUT      VARCHAR2,
          p_workspace     IN       VARCHAR2 DEFAULT 'MY_WORKSPACE',
          p_app_id        IN       NUMBER DEFAULT v ('APP_ID'),
          p_app_session   IN       VARCHAR2 DEFAULT v ('SESSION'),
          p_app_user      IN       VARCHAR2 DEFAULT v ('APP_USER')
    END webservice_pkg;
    CREATE OR REPLACE PACKAGE BODY webservice_pkg
    IS
       PROCEDURE set_credentials (
          p_workspace     IN   VARCHAR2,
          p_app_id        IN   NUMBER,
          p_app_session   IN   VARCHAR2,
          p_app_user      IN   VARCHAR2
       IS
          v_workspace_id   NUMBER;
       BEGIN
          SELECT workspace_id
            INTO v_workspace_id
            FROM apex_workspaces
           WHERE workspace = p_workspace;
          apex_util.set_security_group_id (v_workspace_id);
          apex_application.g_flow_id := p_app_id;
          apex_application.g_instance := p_app_session;
          apex_application.g_user := p_app_user;
       END set_credentials;
       PROCEDURE create_webservice (
          p_id            IN       NUMBER,
          p_message       OUT      VARCHAR2,
          p_workspace     IN       VARCHAR2 DEFAULT 'MY_WORKSPACE',
          p_app_id        IN       NUMBER DEFAULT v ('APP_ID'),
          p_app_session   IN       VARCHAR2 DEFAULT v ('SESSION'),
          p_app_user      IN       VARCHAR2 DEFAULT v ('APP_USER')
       IS
          v_envelope          VARCHAR2 (32000);
          v_server            VARCHAR2 (400);
          v_url               VARCHAR2 (4000);
          v_result_url        VARCHAR2 (1000);
          v_collection_name   VARCHAR2 (40)    := 'PDF_CARD';
          v_message           VARCHAR2 (4000);
          v_xmltype001        XMLTYPE;
       BEGIN
          v_url := v_server || '.myserver.net/services/VisitCardCreator?wsdl';
          FOR c IN (SELECT *
                      FROM DUAL)
          LOOP
             v_envelope :=
                   '<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" '
                || 'xmlns:bran="http://www.myaddress.com">'
                || CHR (10)
                || '<soapenv:Header/><soapenv:Body>'
                || CHR (10)
                || '<parameter:'
                || 'some_value'
                || '>'
                || CHR (10)
                || '<bran:templateID>'
                || p_id
                || '</bran:templateID>'
                || '</soapenv:Body>'
                || CHR (10)
                || '</soapenv:Envelope>';
          END LOOP;
          set_credentials (p_workspace, p_app_id, p_app_session, p_app_user);
          BEGIN
             apex_web_service.make_request
                                         (p_url                  => v_url,
                                          p_collection_name      => v_collection_name,
                                          p_envelope             => v_envelope
             p_message := 'Some message.';
          EXCEPTION
             WHEN OTHERS
             THEN
                v_message :=
                      v_message
                   || '</br>'
                   || 'Error running Webservice Request. '
                   || SQLERRM;
          END;
          BEGIN
             SELECT    v_result_url
                    || EXTRACTVALUE (VALUE (t),
                                     '/*/' || 'Return',
                                     'xmlns="http://www.myaddress.com"'
                    xmltype001
               INTO v_result_url,
                    v_xmltype001
               FROM wwv_flow_collections c,
                    TABLE
                        (XMLSEQUENCE (EXTRACT (c.xmltype001,
                                               '//' || 'Response',
                                               'xmlns="http://www.myaddress.com"'
                        ) t
              WHERE c.collection_name = v_collection_name;
          EXCEPTION
             WHEN OTHERS
             THEN
                v_message := v_message || '</br>' || 'Error reading Collection.';
          END;
       EXCEPTION
          WHEN OTHERS
          THEN
             p_message := v_message || '</br>' || SQLERRM;
       END create_webservice;
    END webservice_pkg;
    /If you use it this way, you will find out what the problem is much faster.
    Denes Kubicek
    http://deneskubicek.blogspot.com/
    http://www.apress.com/9781430235125
    http://apex.oracle.com/pls/apex/f?p=31517:1
    http://www.amazon.de/Oracle-APEX-XE-Praxis/dp/3826655494
    -------------------------------------------------------------------

  • Basic auth in proxy server breaks managed server form auth

    Hi,
    I have a proxy server configured in front of 2 managed servers.
    The managed servers have secure pages and are using form auth and the
    proxy server is working properly. In other words, I point my browser
    at the proxy and I end up being services by one of the managed servers.
    If I attempt to access a secure page via the proxy I am sent to the form
    login page via the proxy.
    Now for the problem:
    If I configure the proxy server to use basic auth, and secure all
    pages in the proxy, I must provide my userid/password to the proxy
    server (this is working fine) before I can get to one of the managed
    servers. I can get to the welcome page of the managed server (which is
    not secure) There is a link to a secure page on the welcome page. When
    I click on the link to the secure page, I am sent to the form auth by
    the managed server. I authenticate, but I can never see the secure
    page. I end up being redirected to the form login page endlessly.
    Both the proxy server and the managed server are usign the default
    JSESSIONID.
    Here is a section of the web.xml for the proxy server:
    <servlet>
    <servlet-name>HttpClusterServlet</servlet-name>
    <servlet-class>weblogic.servlet.proxy.HttpClusterServlet</servlet-class>
    <init-param>
    <param-name>WebLogicCluster</param-name>
    <param-value>${ProxyConfig}</param-value>
    </init-param>
    <init-param>
    <param-name>SecureProxy</param-name>
    <param-value>ON</param-value>
    </init-param>
    <init-param>
    <param-name>Debug</param-name>
    <param-value>ON</param-value>
    </init-param>
    <init-param>
    <param-name>DebugConfigInfo</param-name>
    <param-value>ON</param-value>
    </init-param>
    <init-param>
    <param-name>CookieName</param-name>
    <param-value>JSESSIONID</param-value>
    </init-param>
    <init-param>
    <param-name>CookieName</param-name>
    <param-value>wlauthcookie_</param-value>
    </init-param>
    </servlet>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>gcmgui/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>applauncher/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>ssoadmin/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>default/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>domainadmin/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>gsc/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>psr/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>broadcastclient/*</url-pattern>
    </servlet-mapping>
    <servlet-mapping>
    <servlet-name>HttpClusterServlet</servlet-name>
    <url-pattern>nra/*</url-pattern>
    </servlet-mapping>
    Here is the proxy debug:
    <Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
    /applauncher/jsp/AppLaunche
    r.jsp HTTP/1.1
    <Fri Jul 11 14:40:07 EDT 2003>: Found cookie: Sf4VoFtpQwG]dTNEh9Yq
    <Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
    -213061352!10
    .68.10.87!1080!10443
    <Fri Jul 11 14:40:07 EDT 2003>: Remove idle for '30' secs:
    ProxyConnection(isSec
    ureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
    <Fri Jul 11 14:40:07 EDT 2003>: Create connection:
    ProxyConnection(isSecureProxy
    =true): 10.68.10.87:10443, keep-alive='30'secs
    <Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
    <Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
    image/jpeg,
    image/pjpeg, application/vnd.ms-excel, application/msword,
    application/vnd.ms-po
    werpoint, */*
    <Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
    <Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
    <Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
    MSIE 6.0; W
    indows NT 4.0; H010818)
    <Fri Jul 11 14:40:07 EDT 2003>: Host: localhost:18002
    <Fri Jul 11 14:40:07 EDT 2003>: Connection: Keep-Alive
    <Fri Jul 11 14:40:07 EDT 2003>: Cookie:
    JSESSIONID=1PEosMJQ9ZJrewjj1t5nZfNtYe1e5
    pWYbjyBGvZ1ExEY8YoueKTG!-213061352!NONE;
    wlauthcookie_=Sf4VoFtpQwG]dTNEh9Yq
    <Fri Jul 11 14:40:07 EDT 2003>: Authorization: Basic
    cmFwcGVsYmE6b3V0Mmx1bmNo
    <Fri Jul 11 14:40:07 EDT 2003>: HTTP/1.1 302 Moved Temporarily
    <Fri Jul 11 14:40:07 EDT 2003>: Out-bound headers:
    <Fri Jul 11 14:40:07 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:07 GMT
    <Fri Jul 11 14:40:07 EDT 2003>: Location:
    https://localhost:18002/applauncher/un
    restricted/jsp/FormLogin.jsp
    <Fri Jul 11 14:40:07 EDT 2003>: Server: WebLogic WebLogic Server 8.1
    Thu Mar 20
    23:06:05 PST 2003 246620
    <Fri Jul 11 14:40:07 EDT 2003>: Transfer-Encoding: Chunked
    <Fri Jul 11 14:40:07 EDT 2003>: ===New Request===GET
    /applauncher/unrestricted/j
    sp/FormLogin.jsp HTTP/1.1
    <Fri Jul 11 14:40:07 EDT 2003>: Found cookie: UZ]OrXsBP6uEEa[0veSz
    <Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
    <Fri Jul 11 14:40:07 EDT 2003>: #### Trying to connect with server
    -213061352!10
    .68.10.87!1080!10443
    <Fri Jul 11 14:40:07 EDT 2003>: Requeue connection:
    ProxyConnection(isSecureProx
    y=true): 10.68.10.87:10443, keep-alive='30'secs
    <Fri Jul 11 14:40:07 EDT 2003>: Recycle connection:
    ProxyConnection(isSecureProx
    y=true): 10.68.10.87:10443, keep-alive='30'secs
    <Fri Jul 11 14:40:07 EDT 2003>: Request successfully processed
    <Fri Jul 11 14:40:07 EDT 2003>: In-bound headers:
    <Fri Jul 11 14:40:07 EDT 2003>: Accept: image/gif, image/x-xbitmap,
    image/jpeg,
    image/pjpeg, application/vnd.ms-excel, application/msword,
    application/vnd.ms-po
    werpoint, */*
    <Fri Jul 11 14:40:07 EDT 2003>: Accept-Language: en-us
    <Fri Jul 11 14:40:07 EDT 2003>: Accept-Encoding: gzip, deflate
    <Fri Jul 11 14:40:07 EDT 2003>: User-Agent: Mozilla/4.0 (compatible;
    MSIE 6.0; W
    indows NT 4.0; H010818)
    <Fri Jul 11 14:40:08 EDT 2003>: Host: localhost:18002
    <Fri Jul 11 14:40:08 EDT 2003>: Connection: Keep-Alive
    <Fri Jul 11 14:40:08 EDT 2003>: Authorization: Basic
    cmFwcGVsYmE6b3V0Mmx1bmNo
    <Fri Jul 11 14:40:08 EDT 2003>: Cookie:
    JSESSIONID=1PEHvo1gQIbwOMuVsU9pJnnvlGBSP
    74ZUcSHwazE7domCL8UlVA2!-937872307; wlauthcookie_=UZ]OrXsBP6uEEa[0veSz
    <Fri Jul 11 14:40:08 EDT 2003>: HTTP/1.1 200 OK
    <Fri Jul 11 14:40:08 EDT 2003>: Out-bound headers:
    <Fri Jul 11 14:40:08 EDT 2003>: Date: Fri, 11 Jul 2003 18:40:08 GMT
    <Fri Jul 11 14:40:08 EDT 2003>: Server: WebLogic WebLogic Server 8.1
    Thu Mar 20
    23:06:05 PST 2003 246620
    <Fri Jul 11 14:40:08 EDT 2003>: Content-Length: 4238
    <Fri Jul 11 14:40:08 EDT 2003>: Set-Cookie:
    JSESSIONID=1PEIxJ21oT5H3Z2ilQjPqpq1V
    kdOhEnNbbz9wviTtTTZj6IBp29b!-213061352!NONE; path=/
    <Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
    <Fri Jul 11 14:40:08 EDT 2003>: Requeue connection:
    ProxyConnection(isSecureProx
    y=true): 10.68.10.87:10443, keep-alive='30'secs
    <Fri Jul 11 14:40:08 EDT 2003>: Request successfully processed
    <Fri Jul 11 14:40:44 EDT 2003>: Trigger remove idle for '35' secs:
    ProxyConnecti
    on(isSecureProxy=true): 10.68.10.87:10443, keep-alive='30'secs
    Thanks,
    Rob

    I typically have used Apache Commons HttpClient for anything but trivial URL connections, and especially when combining both basic auth and proxy auth. When you use it, be aware of the "preemptive authentication" flag. One server I worked with didn't send the correct parameters back on particular requests, so I had to turn on this flag to get it to work.

  • How to create and use Webservice controls using WSDL in weblogic portal10.3

    Hi All,
    I have WSDL , How to create webservice controls using the WSDL in weblogic portal 10.3 and use those controls to invoke those webservice methods?
    please give me the documents links for this.
    Thanks
    Venkata Sarvabatla

    As far as I remember, Controls can be called only from Pageflows, BackingFiles, Another Control (Like control calling another control) etc. In pageflow we use annotation @Control and give control classname and a varialbe for that. I am pretty sure this annotation may not work from normal java class and in your case a JAVA JSR Class.
    If you installed the samples, refer the samples from WLS: C:\beawlp103\wlserver_10.3\samples\server\examples\src\examples\webservices. They have lot of fully ready to work samples with instructions. I used clientgen ant task. But you can use standard SUN JDK Command "wsimport" also to generate the java files from the WSDL. Open any command prompt. If java is in classpath, just run wsimport and that should give an idea.
    Goud

  • Difference in generated WSDL between Weblogic 10.3.3 and JBoss 5.1

    Hi all,
    We have developed an web service based application using JAX-WS with WS-Security enabled in it. We followed below link for the implementation of WS-Security,
    [http://www.ibm.com/developerworks/java/library/j-jws10/index.html]
    And we have deployed the application in JBoss 5.1, tested it using SOAP UI passing the request to the Core application. We got the expected result.
    When I try to deploy the application in weblogic 10.3.3, it is getting deployed and we are unable to pass the user credentials to it and hence the core application rejects the request since the username/password is not supplied.
    I want to know how the web service application with WS-Security enabled can be deploy in Weblogic 10.3.3? Any documentation would be a great help.
    And also we found that the creation of WSDL from JBoss 5.1 & Weblogic differ. We have used a WS-policy also into this, the WSDL generated by JBoss contains the information of the WS-policy we added.
    But the generated WSDL from Weblogic 10.3.3 is missing those information!
    Any help would be greatly appreciated. Thanks in advance.
    Only difference I see between the two generated WSDL is that,
    For Weblogic,  RI's version is Oracle JAX-WS 2.1.5.
    For JBoss 5.1, it is, RI's version is JAX-WS RI 2.2.3-b01-
    Will this have an impact on the generated WSDL?
    Generated WSDL from JBoss:
    <Changed the company name/product name>
    <?xml version="1.0" encoding="UTF-8" ?>
    - <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.2.3-b01-.
    -->
    - <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.2.3-b01-.
    -->
    - <definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://company.com/WARName" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://company.com/WARName" name="ProductWebServicesImplService">
    - <wsp1_2:Policy xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702" wsu:Id="UsernameToken">
    - <sp:SupportingTokens>
    - <wsp1_2:Policy>
    <sp:UsernameToken sp:IncludeToken=".../IncludeToken/AlwaysToRecipient" />
    </wsp1_2:Policy>
    </sp:SupportingTokens>
    </wsp1_2:Policy>
    - <types>
    - <xsd:schema>
    <xsd:import namespace="http://company.com/WARName" schemaLocation="http://localhost:8080/WARName/services?xsd=1" />
    </xsd:schema>
    - <xsd:schema>
    <xsd:import namespace="http://jaxb.dev.java.net/array" schemaLocation="http://localhost:8080/WARName/services?xsd=2" />
    </xsd:schema>
    </types>
    - <message name="CreateIndividualCustomer">
    <part name="parameters" element="tns:CreateIndividualCustomer" />
    </message>
    - <message name="CreateIndividualCustomerResponse">
    <part name="parameters" element="tns:CreateIndividualCustomerResponse" />
    </message>
    - <message name="CreateIndividualCustomer_Validate">
    <part name="parameters" element="tns:CreateIndividualCustomer_Validate" />
    </message>
    - <message name="CreateIndividualCustomer_ValidateResponse">
    <part name="parameters" element="tns:CreateIndividualCustomer_ValidateResponse" />
    </message>
    - <portType name="ProductWebServicesImpl">
    - <operation name="CreateIndividualCustomer">
    <input wsam:Action="http://company.com/WARName/ProductWebServicesImpl/CreateIndividualCustomerRequest" message="tns:CreateIndividualCustomer" />
    <output wsam:Action="http://company.com/WARName/ProductWebServicesImpl/CreateIndividualCustomerResponse" message="tns:CreateIndividualCustomerResponse" />
    </operation>
    - <operation name="CreateIndividualCustomer_Validate">
    <input wsam:Action="http://company.com/WARName/ProductWebServicesImpl/CreateIndividualCustomer_ValidateRequest" message="tns:CreateIndividualCustomer_Validate" />
    <output wsam:Action="http://company.com/WARName/ProductWebServicesImpl/CreateIndividualCustomer_ValidateResponse" message="tns:CreateIndividualCustomer_ValidateResponse" />
    </operation>
    </portType>
    - <binding name="ProductWebServicesImplPortBinding" type="tns:ProductWebServicesImpl">
    <wsp1_2:PolicyReference URI="#UsernameToken" />
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
    - <operation name="CreateIndividualCustomer">
    <soap:operation soapAction="" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    - <operation name="CreateIndividualCustomer_Validate">
    <soap:operation soapAction="" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    </binding>
    - <service name="ProductWebServicesImplService">
    - <port name="ProductWebServicesImplPort" binding="tns:ProductWebServicesImplPortBinding">
    <soap:address location="http://localhost:8080/WARName/services" />
    </port>
    </service>
    </definitions>
    WSDL generated by Weblogic
    <?xml version="1.0" encoding="UTF-8" ?>
    - <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Oracle JAX-WS 2.1.5.
    -->
    - <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is Oracle JAX-WS 2.1.5.
    -->
    - <definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://company.com/WARName" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://company.com/WARName" name="ProductWebServicesImplService">
    - <types>
    - <xsd:schema>
    <xsd:import namespace="http://company.com/WARName" schemaLocation="http://machineIP:6601/WARNameSO/services?xsd=1" />
    </xsd:schema>
    - <xsd:schema>
    <xsd:import namespace="http://jaxb.dev.java.net/array" schemaLocation="http://machineIP:6601/WARNameSO/services?xsd=2" />
    </xsd:schema>
    </types>
    - <message name="CreateIndividualCustomer">
    <part name="parameters" element="tns:CreateIndividualCustomer" />
    </message>
    - <message name="CreateIndividualCustomerResponse">
    <part name="parameters" element="tns:CreateIndividualCustomerResponse" />
    </message>
    - <message name="CreateIndividualCustomer_Validate">
    <part name="parameters" element="tns:CreateIndividualCustomer_Validate" />
    </message>
    - <message name="CreateIndividualCustomer_ValidateResponse">
    <part name="parameters" element="tns:CreateIndividualCustomer_ValidateResponse" />
    </message>
    - <portType name="ProductWebServicesImpl">
    - <operation name="CreateIndividualCustomer">
    <input message="tns:CreateIndividualCustomer" />
    <output message="tns:CreateIndividualCustomerResponse" />
    </operation>
    - <operation name="CreateIndividualCustomer_Validate">
    <input message="tns:CreateIndividualCustomer_Validate" />
    <output message="tns:CreateIndividualCustomer_ValidateResponse" />
    </operation>
    </portType>
    - <binding name="ProductWebServicesImplPortBinding" type="tns:ProductWebServicesImpl">
    <soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
    - <operation name="CreateIndividualCustomer">
    <soap:operation soapAction="" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    - <operation name="CreateIndividualCustomer_Validate">
    <soap:operation soapAction="" />
    - <input>
    <soap:body use="literal" />
    </input>
    - <output>
    <soap:body use="literal" />
    </output>
    </operation>
    </binding>
    - <service name="ProductWebServicesImplService">
    - <port name="ProductWebServicesImplPort" binding="tns:ProductWebServicesImplPortBinding">
    <soap:address location="http://machineIP:6601/WARNameSO/services" />
    </port>
    </service>
    </definitions>
    Edited by: 943018 on Jun 26, 2012 9:44 PM

    Sadly you're correct about the previous developers not fully using the skinning framework. Some of it has been done correctly using a skin - such as the icon shown when required=true has been set (.AFRequiredIconStyle). Unfortunately the label width is being set from our custom CSS file, rather than from a skin. It looks like I'll have to remove our custom CSS and try to recreate the appearance using the skin from scratch.

  • IE6 WinXP Java2 and Basic Auth

    This only happens on WinXP (Pro is what I'm using), not WinME, Win2K or Win98/Win98SE.
    When I request a page with an embedded Java applet (with applet tags) that is "protected" with Basic Auth over SSL I first enter the Basic Auth credentials (username/password) in the IE6 dialog and then a second dialog appears, a Java one, to enter the same Basic Auth credentials again.
    On Win2k/WinME/Win9x only once am I required to enter the BA credentials with the IE6 dialog.
    What's up?

    I solved the problem of the double Basic Auth sign-ins accessing a HTTPS/SSL page containing <APPLET> tags by disabling JRE 1.4 and reverting to JRE 1.3.1.
    IMHO, JRE 1.4 is seriously broken WRT SSL/<APPLET>/Basic Auth.

  • RemoteObject and http basic auth

    Hello,
    I am writing an AIR application and I have a RemoteObject
    that has an endpoint secured using http basic auth. Whenever I try
    to send the RemoteObject request, a username/password window is
    displayed to the user. How do I automatically send the
    username/password? Using setCredentials or setRemoteCredentials
    doesn't seem to affect this - looking at the data sent, the
    RemoteObject is not sending a http Authorisation header.
    Is this possible?

    Hello,
    Sorry for "waking up" this old message, but I have exactly the same probem and I can't find a solution.
    I know how to send Authorization in the HTTP headers with a HTTPService, but not with a RemoteObject.
    Do you know that, or have any other solution for the problem ?
    Etienne

  • BASIC authentication and web client problems

    I have a very simple web service that is working. Now before attempting to use
    SSL, I want to test authenticating using BASIC authentication. I’ve made the
    changes to web.xml and even though the other web service pages authenticate ok
    (ex. http://localhost:7001/fileexchange/FileExchangeFacade), I am prompted again
    for authentication for web service itself. I can never authenticate to http://localhost:7001/fileexchange/FileExchangeFacade?operation.view=helloWorld.
    Has anyone completed this and if so, how does it work? I must have missed something
    simple.
    First, I setup the security constraint as follows:
    <security-constraint>
    <web-resource-collection>
    <web-resource-name>file-exchange-resources</web-resource-name>
    <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
    <role-name>Administrators</role-name>
    </auth-constraint>
    </security-constraint>
    <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>myrealm</realm-name>
    </login-config>
    <security-role>
    <description>An administrators</description>
    <role-name>Administrators</role-name>
    </security-role>
    That allows me to secure / authenticate to the JSPs in the web service test app
    provided. Then I tried working with the admin server console to setup roles /
    privileges. I couldn’t get this to work but I easily could have done something
    wrong since there are no step by step examples other than the general docs in
    the programming guide.
    Next, since the web service deploys as a web application, I figured the problem
    must be that the internal WLS servlet needs security information defined in web.xml.
    I saw the programming guide listed the servlet name and discussed servlet mapping
    so I added the normal security entries for a servlet as follows and re-jarred
    the WAR and EAR.
    <servlet>
    <servlet-name>WebServiceServlet</servlet-name>
    <servlet-class>
    weblogic.webservice.server.servlet.WebServiceServlet
    </servlet-class>
    </servlet>
    <servlet-mapping>
    <servlet-name>WebServiceServlet</servlet-name>
    <url-pattern>/FileExchangeFacade/*</url-pattern>
    <security-role-ref>
    <role-name>Administrators</role-name>
    <role-link>Administrators</role-link>
    </security-role-ref>
    </servlet-mapping>
    It still doesn’t work. Any idea on how to get it to authenticate?
    Thanks,
    Dave

    Ok, this looks like an issue with the test page.
    When the test page gets a request to invoke a
    web service, it creates a client proxy and call invoke
    on the proxy. This will case the client proxy to
    create a new HTTP post connection to the server.
    Test page pulls out the username/passwd from the
    GET request from the browser and pass it to the
    POST request it makes to the web service. I think,
    the test page needs to do the same for realm. I will
    file a CR for this (CR105320).
    Please contact support with the case number if you
    need a patch for this.
    http://manojc.com
    "Malcolm Robbins" <[email protected]> wrote in message
    news:[email protected]...
    "Malcolm Robbins" <[email protected]> wrote in message
    news:[email protected]...
    One more thing.
    I took out explicit realm mapping and noticed that the firstauthentication
    challenge was for the WebLogic standard realm which was fine and
    authentication was successful. (i.e. I got to the web service "homepage").
    Actually I meant it was listed as "Weblogic Server" in the 1st challenge.
    When I stepped into the web service method and pressed the Invoke buttonon
    the web service methods the realm was "default" and authenticationfailed.
    Why does the domain change and how do I cover this?Is was actually listed as "Default".
    However this is the same domain I believe because I've done a further
    experiment and set the domains explicitely
    in the deployment WAR deployment (Other tab) and in the web.xml file. The
    second challange is then asking for re-authentication in the correctdomain
    (myrealm) but it does not accept the valid user/password and just re
    challenges until 3 attempts then it displays the SOAP message and theserver
    log file has the following exception:
    java.io.FileNotFoundException: Response: '401: Unauthorized xxx' for url:
    'http://localhost:7001/webservice/TraderService?WSDL'
    at
    weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:36
    2)
    at java.net.URL.openStream(URL.java:793)
    at
    weblogic.webservice.tools.wsdlp.DefinitionFactory.createDefinition(Definitio
    nFactory.java:73)
    at
    weblogic.webservice.tools.wsdlp.WSDLParser.<init>(WSDLParser.java:63)
    at
    weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:
    108)
    at
    weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:
    84)
    at
    weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.j
    ava:230)
    at
    weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServ
    iceServlet.java:306)
    at
    weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:19
    8)
    at
    weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:124)
    at
    weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet
    .java:224)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
    at
    weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
    tStubImpl.java:1058)
    at
    weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
    :401)
    at
    weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
    :306)
    at
    weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
    ebAppServletContext.java:5412)
    at
    weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
    r.java:744)
    at
    weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
    ntext.java:3086)
    at
    weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
    :2544)
    at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
    at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)

  • Web Services with HTTP Basic Auth

    Hi,
    I am having a problem connecting to web services which
    require HTTP Basic Authentication from a Flex application. I have
    useProxy set to true and call setRemoteCredentials prior to
    attempting the call, but the credentials do not appear to be set on
    the request (the request fails with fault.faultString = "HTTP
    request error", faultCode = "Server.Error.Request". The messages on
    the server indicate that the user name and password were not
    specified.
    I do have the proxy-config.xml file set up properly (I think
    -- I followed the example in the mx.rpc.soap.mxml.WebService class
    description, at least).
    I can verify that the WSDL (which doesn't require BASIC auth
    to access) is being loaded properly, but when I make the request,
    it fails. Is this a known problem?
    I am using Flex Builder 2.0.1 to build my SWF files.
    Thanks,
    Brendan

    Thanks for the pointer, I did try it, but it didn't help.
    As I said in the original post, the problem is with HTTP
    Basic Authentication, so adding a header for WSSE to the service
    request didn't help. It needs to be an HTTP Authorization header,
    not a SOAP Security header.
    Brnedan

  • Using HTTP basic auth in WebService

    Hi,
    I am writing a flex app that needs to talk to a pre-existing
    SOAP web service. Unfortunately the web service uses http basic
    auth to authenticate a user. I am trying to figure out exactly how
    this is accomplished but I cannot find any substantive data on the
    subject. So I was hoping someone here could point me in the right
    direction or possibly answer the question outright.
    I DID find reference to using the useProxy attribute on the
    WebService element (and that I would need to make some changes to a
    flex-config.xml) but I could not get this to work, nor could I find
    any explanation as to what exactly I was doing. I, as a workaround,
    attempted to place the auth info in the url (e.g.
    http://user:passwordhash@host:port/wsdl)
    but this did not work either as the request never made it to the
    server, I am assuming actionscript doesn't like this format?
    Anyway, does anyone have any advice/pointers? Any help would
    be appreciated.

    Hi,
    I am writing a flex app that needs to talk to a pre-existing
    SOAP web service. Unfortunately the web service uses http basic
    auth to authenticate a user. I am trying to figure out exactly how
    this is accomplished but I cannot find any substantive data on the
    subject. So I was hoping someone here could point me in the right
    direction or possibly answer the question outright.
    I DID find reference to using the useProxy attribute on the
    WebService element (and that I would need to make some changes to a
    flex-config.xml) but I could not get this to work, nor could I find
    any explanation as to what exactly I was doing. I, as a workaround,
    attempted to place the auth info in the url (e.g.
    http://user:passwordhash@host:port/wsdl)
    but this did not work either as the request never made it to the
    server, I am assuming actionscript doesn't like this format?
    Anyway, does anyone have any advice/pointers? Any help would
    be appreciated.

  • Any way to set "enforce-valid-basic-auth-credentials" from the WL console?

    Someone recently advised me to set "enforce-valid-basic-auth-credentials" to "false" in my laptop config.xml to avoid some annoying login prompts to the application I'm deploying locally. I haven't tried this yet because I wanted to know if there was a page in the WebLogic admin console that can set this flag.
    If not, how exactly does this get set in the config.xml? Where does it go, and exactly what would the element look like?

    Hi David,
    <font color=red> Admin Console does not provide any feature to enable or disable "EnforceValidBasicAuthCredentials" </font><br>
    You can use WLST script If you don't have access to "config.xml" like following:
    "ChangeEnforceValidBasicAuthCredentials.py"
    connect('weblogic','weblogic','t3://localhost:7001')
    edit()
    startEdit()
    cd('SecurityConfiguration')
    cd('base_domain')
    set('EnforceValidBasicAuthCredentials','false')
    save()
    activate()
    print 'Now Restart Your Server...'Above is a Non-Dynamic Change...It means ...once you run the Script ..you need to restart the Server to reflact the changes...
    In the Above Script
    base_domain = is the Domain name
    weblogic= Admin UserName
    weblogic= Admin Password
    t3://localhost:7001 = Is the Admin Server URL
    How to run the above script:
    Before running the above WLST please run the "setWLSEnv.sh"/ "setWLSEnv.cmd". Then
    java weblogic.WLST /app/myScriptLocations/ChangeEnforceValidBasicAuthCredentials.py.
    Thanks
    Jay SenSharma
    http://middlewaremagic.com/weblogic  (Middleware Magic Is Here)

Maybe you are looking for

  • Connection Statistics no longer displays any data

    Hello, We're using WAAS 5.3.1 and "Monitor > Optimisation > Connection Statistics" has stopped displaying data in all browsers - Firefox 25, Chrome 30.0.1599.101 m and IE 10. Flash v11.9.900.117 installed. Any ideas would be appreciated. Thanks.

  • Star Office 9 on Windows Server 2008 64Bit with Citrix Xen App 5.0

    Good day, I have Star Office 9 already installed on my private PC and now want to install it also on Terminal Sever with OS Windows 2008 64 Bit and Citrix Xen App 5.0 . Is there anybody who has experience with such an installation, can inform me if i

  • Idvd #8 and widescreen still doesnt work!?

    ok, i shot some HDV 1080i, downconverted it as sd widescreen, edited in imovie as widescreen, exported using quicktime as 16X9 853X480 dv video, imported that into idvd widescreen, and the preview shows 4X3. HOW HARD IS IT FOR THIS TO WORK CORRECTLY?

  • Encore not playing AVI clip the way it was made...

    ...I have a video with titles that are supposed to move closer to the viewer as they pop on screen. Now when I view it on my PPro 1.5 timeline it works great. When I view the avi on windows movie player, it plays great. When I put it into Encore the

  • Pacman freeze at 99%

    hi i am a little bit newbie user. when i installing arch, during downloading packages by pacman process stop at 99 percent. i am installing from ftp. i tried install from cd but it was the same. (first package is complete, second stop at 99%). system