Basic Authentication and Signout

Similar Messages

• BASIC authentication and web client problems

  I have a very simple web service that is working. Now before attempting to use
  SSL, I want to test authenticating using BASIC authentication. I’ve made the
  changes to web.xml and even though the other web service pages authenticate ok
  (ex. http://localhost:7001/fileexchange/FileExchangeFacade), I am prompted again
  for authentication for web service itself. I can never authenticate to http://localhost:7001/fileexchange/FileExchangeFacade?operation.view=helloWorld.
  Has anyone completed this and if so, how does it work? I must have missed something
  simple.
  First, I setup the security constraint as follows:
  <security-constraint>
  <web-resource-collection>
  <web-resource-name>file-exchange-resources</web-resource-name>
  <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
  <role-name>Administrators</role-name>
  </auth-constraint>
  </security-constraint>
  <login-config>
  <auth-method>BASIC</auth-method>
  <realm-name>myrealm</realm-name>
  </login-config>
  <security-role>
  <description>An administrators</description>
  <role-name>Administrators</role-name>
  </security-role>
  That allows me to secure / authenticate to the JSPs in the web service test app
  provided. Then I tried working with the admin server console to setup roles /
  privileges. I couldn’t get this to work but I easily could have done something
  wrong since there are no step by step examples other than the general docs in
  the programming guide.
  Next, since the web service deploys as a web application, I figured the problem
  must be that the internal WLS servlet needs security information defined in web.xml.
  I saw the programming guide listed the servlet name and discussed servlet mapping
  so I added the normal security entries for a servlet as follows and re-jarred
  the WAR and EAR.
  <servlet>
  <servlet-name>WebServiceServlet</servlet-name>
  <servlet-class>
  weblogic.webservice.server.servlet.WebServiceServlet
  </servlet-class>
  </servlet>
  <servlet-mapping>
  <servlet-name>WebServiceServlet</servlet-name>
  <url-pattern>/FileExchangeFacade/*</url-pattern>
  <security-role-ref>
  <role-name>Administrators</role-name>
  <role-link>Administrators</role-link>
  </security-role-ref>
  </servlet-mapping>
  It still doesn’t work. Any idea on how to get it to authenticate?
  Thanks,
  Dave

  Ok, this looks like an issue with the test page.
  When the test page gets a request to invoke a
  web service, it creates a client proxy and call invoke
  on the proxy. This will case the client proxy to
  create a new HTTP post connection to the server.
  Test page pulls out the username/passwd from the
  GET request from the browser and pass it to the
  POST request it makes to the web service. I think,
  the test page needs to do the same for realm. I will
  file a CR for this (CR105320).
  Please contact support with the case number if you
  need a patch for this.
  http://manojc.com
  "Malcolm Robbins" <[email protected]> wrote in message
  news:[email protected]...
  "Malcolm Robbins" <[email protected]> wrote in message
  news:[email protected]...
  One more thing.
  I took out explicit realm mapping and noticed that the firstauthentication
  challenge was for the WebLogic standard realm which was fine and
  authentication was successful. (i.e. I got to the web service "homepage").
  Actually I meant it was listed as "Weblogic Server" in the 1st challenge.
  When I stepped into the web service method and pressed the Invoke buttonon
  the web service methods the realm was "default" and authenticationfailed.
  Why does the domain change and how do I cover this?Is was actually listed as "Default".
  However this is the same domain I believe because I've done a further
  experiment and set the domains explicitely
  in the deployment WAR deployment (Other tab) and in the web.xml file. The
  second challange is then asking for re-authentication in the correctdomain
  (myrealm) but it does not accept the valid user/password and just re
  challenges until 3 attempts then it displays the SOAP message and theserver
  log file has the following exception:
  java.io.FileNotFoundException: Response: '401: Unauthorized xxx' for url:
  'http://localhost:7001/webservice/TraderService?WSDL'
  at
  weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:36
  2)
  at java.net.URL.openStream(URL.java:793)
  at
  weblogic.webservice.tools.wsdlp.DefinitionFactory.createDefinition(Definitio
  nFactory.java:73)
  at
  weblogic.webservice.tools.wsdlp.WSDLParser.<init>(WSDLParser.java:63)
  at
  weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:
  108)
  at
  weblogic.webservice.WebServiceFactory.createFromWSDL(WebServiceFactory.java:
  84)
  at
  weblogic.webservice.server.servlet.ServletBase.invokeOperation(ServletBase.j
  ava:230)
  at
  weblogic.webservice.server.servlet.WebServiceServlet.invokeOperation(WebServ
  iceServlet.java:306)
  at
  weblogic.webservice.server.servlet.ServletBase.handleGet(ServletBase.java:19
  8)
  at
  weblogic.webservice.server.servlet.ServletBase.doGet(ServletBase.java:124)
  at
  weblogic.webservice.server.servlet.WebServiceServlet.doGet(WebServiceServlet
  .java:224)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:740)
  at javax.servlet.http.HttpServlet.service(HttpServlet.java:853)
  at
  weblogic.servlet.internal.ServletStubImpl$ServletInvocationAction.run(Servle
  tStubImpl.java:1058)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :401)
  at
  weblogic.servlet.internal.ServletStubImpl.invokeServlet(ServletStubImpl.java
  :306)
  at
  weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(W
  ebAppServletContext.java:5412)
  at
  weblogic.security.service.SecurityServiceManager.runAs(SecurityServiceManage
  r.java:744)
  at
  weblogic.servlet.internal.WebAppServletContext.invokeServlet(WebAppServletCo
  ntext.java:3086)
  at
  weblogic.servlet.internal.ServletRequestImpl.execute(ServletRequestImpl.java
  :2544)
  at weblogic.kernel.ExecuteThread.execute(ExecuteThread.java:153)
  at weblogic.kernel.ExecuteThread.run(ExecuteThread.java:134)

• Outlook 2013 - Exchange 2013 - Prompts for username and password when EWS basic authentication is enabled

  So we have an Exchange 2013 environment, and a CRM solution that requires basic authentication to EWS internally.  Problem is, after a reboot of our Exchange server, all of our Outlook clients begin prompting for username and password (which nothing
  works) which also starts locking users AD accounts out due to failed login attempts (somehow).  If I disabled basic authentication on EWS, Outlook authenticates as normal using NTLM and there are no issues.  Once Outlook has authenticated, I can
  turn back on basic authentication, and Outlook will be fine until the next time the Exchange server is rebooted.
  Any ideas?

  Hi,
  According to your description, I understand that Outlook client prompted for username and password when Exchange server restart and basic authentication is enabled for EWS.
  If I misunderstand your concern, please do not hesitate to let me know.
  It’s normal. This caused by the difference between basic authentication and NTML authentication:
  Basic, with any version of Outlook prior to 2010, results in a pop up dialog asking for creds. Outlook 2010 makes the 'save this password' actually work, so in an Outlook 2010 or later world, Basic can mean no need to authenticate every time you open/reconnect,
  but in all earlier versions, you will have to enter creds every time.
  NTLM, when used by a client that is domain joined and logged in with cached creds, results in the client simply sending the cached in creds to the server, resulting in what looks like a pretty seamless single sign on experience. However, if you want to do pre-authentication
  at something like TMG, and not let the traffic go all the way to CAS, you need to configure TMG for this.
  Thanks
  Please remember to mark the replies as answers if they help, and unmark the answers if they provide no help. If you have feedback for TechNet Support, contact [email protected]
  Allen Wang
  TechNet Community Support

• Basic authentication only works for some webservices?

  I'm trying to call the SAP BI/BO REStful webservices using basic authentication. I enabled basic authentication in the WACS and tested with this service:
  http://host:6405/infostore/16422
  This works! I can get the report metadata as either xml or json. However, whenever I try an url with "raylight" in it, I get an authentication problem:
  http://host:6405/biprws/raylight/v1/documents/16422/parameters
  error_code: "1"
  message: "No session found in HTTP header X-SAP-LogonToken"
  Why do some services work with basic authentication and others absolutely require the logontoken? I would like to avoid the logontoken if possible. I tested by logging on with the token and that does work, so it's not like my credentials are wrong.
  I also found the a problem with the raylight logontoken described here: RESTful Raylight Error Incorrect session
  Apparently, there needs to be double quotes around the logontoken for it to work. Could this "bug" be the reason why basic authentication doesn't work? I already tfried to put double quotes around and inside my base-encoded value but it still gives the same error.

  Hello,
  Raylight doesn't support basic authentication because it required a permanent session to work. Internally, we have to manage a "cache" to support subsequent REST calls and this is not possible using basic authentication.
  Regards,
  Anthony

• Can we add Basic Authentication for Oracle Report 10g?

  As we know, Apache supports basic Authentication, and Oracle Report 10g bases on Apache, that means Oracle Report 10g supports Basic Authentication too?
  Can anyone tell me the steps on how to configure Basic Authentication for Oracle Report 10g?
  Thanks for your help in Advance!
  P.S.
  I tried to add the following content to the file "httpd.conf" under the directory "E:\OraHome_2\Apache\Apache\conf\" (I installed report under this folder), but it doesn't work well:
  <Directory "E:\OraHome_2\Apache\Apache\htdocs">
  AuthType Basic
  AuthName "Private Documentation Repository"
  AuthUserFile "C:\Program Files\Apache Software Foundation\Apache2.2\mypasswd"
  Require user yangsun
  </Directory>

  Answers at your duplicated thread --> Some inter view Questions Please give prefect answer  help me

• Performing Usermapping towards Basic Authentication Sites (e.g. SLD or DTR)

  Hi,
  I want to create a role for our maintenance people for checkin misc stuff, and some of the iviews will point to our SLD and NWDI servers. Currently they, require Basic Authentication and I'd like to have usermapping here (not SSO / Loginticket). I've had problems with this before, and was wondering if anyone would like to give a detailed list of how to perform this? The example using DTR and SLD could (I think) relate to any other site using basic authentication.
  What I've done so far is (for DTR iview)
  - define a URL iview (with fields "AUTH_USER" and "AUTH_PASSWORD" as Mapped User and Mapped Password types respectively)
  - created a HTTP system with reference to the 2 fields in the iview, authenticationlink (http:///dtr) and authtype "basic authentication".
  - usermapping is maintained in a group where I'm a member
  Can anyone give me a general list of things to do to perform usermapping towards basic authentication sites?
  Please help! Points will be awarded!
  Regards,
  Hans Petter Bjørn

  Hello Hans,
  i think you have to write your own abstract portal component to achieve this. Pls see this weblog
  Accessing a web page protected by BASIC authentication
  kind regards
  Andreas

• JAXWS EJB3.0 Based WebService Authentication and Authorization - Weblogic

  Hi Experts,
  I need to Create a EJB3.0 WS where this Service has static Authentication and Authorization. How can I achieve it, any pointer.
  TIA

  The below sample is for basic authentication and authorization.
  Web service
  ========
  import javax.ejb.Stateless;
  import javax.ejb.TransactionAttribute;
  import javax.ejb.Remote;
  import javax.jws.WebMethod;
  import javax.jws.WebService;
  import javax.annotation.security.RolesAllowed;
  import javax.ejb.SecurityRoles;
  @Stateless(mappedName="com.slsbBean")
  @Remote( { com.bea.Service.class})
  @WebService(name="TransactionPortType", serviceName="TransactionService",
  targetNamespace="http://example.org")
  public class ServiceBean implements Service {
  @WebMethod()
  @RolesAllowed ( {"Admin","Manager"})
  public void testMethod(String s) {
  System.out.println("inside ejb method");
  System.out.println("username : " + weblogic.security.SubjectUtils.getUserPrincipal(weblogic.security.Security.getCurrentSubject()));
  Client
  ====
  import java.util.Map;
  import javax.xml.ws.BindingProvider;
  public class Test {
  public static void main(String[] args) {
  TransactionService simple = new TransactionService();
  TransactionPortType port = simple.getTransactionPortTypePort();
  BindingProvider bindingProvider = (BindingProvider) port;
  Map<String, Object> reqContext = bindingProvider.getRequestContext();
  reqContext.put(BindingProvider.USERNAME_PROPERTY, "XXXXXX");
  reqContext.put(BindingProvider.PASSWORD_PROPERTY, "XXXXXX");
  port.testMethod("hello");
  Regards,
  Sunil P

• URGENT : Unprotect a virtual directory from basic authentication

  All,
  Server : Weblogic 8.1
  OS : Windoes 2000 Adv Server SP4
  I am very successfull in configuring a web application with basic authentication
  and all works fine for me. Now i have a virtual directory for downloading certain
  files. These i have to unprotect meaning no authentication mode should be enabled
  for this virtual directory.
  Unfortunately i am using weblogic as both web and appserver. I know how to do
  the same with webservers like IIS or Apache.
  IS it possible to do this config with weblogic 8.1 ? To configure a web application
  with basic auth and ignore or unprotect (enable anonymous access) for a virtual
  directory.
  Thanks in Advance
  Viswanathan

  Hi,
  I agree with Tim that we can ask for better help in the following IIS forum.
  IIS.NET forum
  http://forums.iis.net/
  Best regards,
  Frank Shen

• How to log out using BASIC authentication

  Hi,
  we are using JSC and Sun Appserver8.
  To authenticate we are using BASIC authentication and it works well.
  Now we need to do a log out function because of new demands.
  Is it possible to log out when using BASIC authentication ?
  If so, how?
  /Regards Krister

  If you are using Basic Authentication, you may not be able to force log out. In that case you may have to use form based authentication.
  Please read more details here
  http://httpd.apache.org/docs/1.3/howto/auth.html
  (Look at the topic How do I log out?)
  - Winston
  http://blogs.sun.com/winston

• How to set up and test the Basic Authentication for HTTP protocol

  Hi,
  I tried configuring the password based Basic Authentication for sending xml document using ebMS - HTTP protocol. I set username and password while configuring the transport server for both trading partners. I want to know, is that sufficient for basic authenticaton. When I open the URI http://localhost:7778/b2b/transportServlet, it is not asking any authentication (username/password). Please note that I have not used SSL certificate. Anyone please help me out to configure Basic authentication.

  Hi Ramesh,
  Thanks for ur response. Could you please tell me where to set the Additional Transport header : authtype-basic#realm=myRealm(in which property file). In enqueue code, I could see the following attributes
  queue
  msgID
  replyToMsgID
  from
  to
  eventName
  doctypeName
  doctypeRevision
  msgType
  payload
  attachment
  subscriber
  Is it possible to set username/password in the enqueue attributes?
  Do i need to add username/password and Transport header in the input XML and defined that elements in xsd?

• Configuring Basic Authentication with Username and password on BizTalk Schema Service

  Hi,
  I have published my schema as a webservice with WCF-BASICHTTP adapter in IIS 8.0.
  I wanted to have a Basic Authentication(User name and password restriction).
  I made the Receive location with Security mode as Transport and Transport Client Crediential Type as Basic.
  I also set the Service in IIS with Basic Authentication only enabled.
  But I don't know how to provide a UserName and Password Authentication.
  Please provide your suggestions
  Regards, Vignesh S

  Hi,
  Try & go through the below MSDN link as it explains configuring WCF BasicHttp adapter very well.
  http://msdn.microsoft.com/en-us/library/bb246064(v=bts.80).aspx
  HTH,
  Sumit
  Sumit Verma - MCTS BizTalk 2006/2010 - Please indicate "Mark as Answer" or "Mark as Helpful" if this post has answered the question

• How set  UserName and Password for HTTP Basic Authentication for a servlet

  Hi..
  How set UserName and Password for HTTP Basic Authentication for a servlet in JBoss server?
  Using Tomcat i can do it .(By setting roles in web.xml, and user credintails in tomcat-user.xml).
  But i dont know how do it in JBOSS..
  I am using Netbeans and Eclipse IDEs.. Can we do it by using them also!?
  Thank u

  Hi Raj,
  You can do this by creating a Login screen for the users and check the authentication of each user in PAI i.e. PROCESS AFTER INPUT.
  Store the user information in a database table and check the username and password when the user enters it.
  You can display password as *** also. For this double click on input box designed for password and goto Display tab. Select Invisible in the list and check it.
    CASE sy-ucomm.
      WHEN 'BACK'.
        LEAVE PROGRAM.
      WHEN <fcode for submit>.
        SELECT SINGLE uname pwd
         FROM <DB table>
         INTO (user, pass)
         WHERE username = user AND
                 password = passwd.
        IF sy-subrc = 0.
  <Go to next screen for further processing>
        ELSE.
  <Display Error message and exit>
        ENDIF.
    ENDCASE.
  Regards,
  Amit
  Message was edited by:
          Amit Kumar

• How to implement OData based BASIC Authentication using HTML, JavaScript for Mobile Apps using Apache Cordova/PhoneGap and datajs-1.1.1.js library

  Hello,
  I have an issue with OData based BASIC authentication for iOS App created using HTML, JavaScript, SAP UI5, OData and Apache Cordova/PhoneGap.
  Please check the post here http://scn.sap.com/thread/3527245
  Request you to kindly reply on the above given link.
  Thanks and Regards,
  Suraj Kumar

  Hello Prathik,
  The code which I am using for OData based BASIC Authentication, for my Mobile App is as below.
     var onSuccess = function(data) {
     alert("We are Through"); //Just to check that the OData request was sucessful
     var onError = function(err) {
     switch(err.response.statusCode) {  
     case 403 : {
     window.alert("Error Code - 403, Service unreachable ");
     break;
     case 401 : {
     window.alert("The credentials are incorrect or missing!");
     break;  
  // dataUserName and dataPassword are the two variables, in which I am storing my Username and Password, respectively.
     var connectionRequest = {
     requestUri: "ODATA SERVICE URL GOES HERE/",
     headers: { Authorization : 'Basic ' + Base64.encode(dataUsername + ":" + dataPassword) },
     method: "POST"
     OData.request( connectionRequest, onSuccess, onError);

• Iphone subscribed calendar - basic authentication, events and timezone

  hi,
  i'm attempting to use the subscribed calendar feature in iOS and having problems.
  1st issue: i've put an ics file that regularly gets updated on an at a web location that is basic authentication protected. Inside the subscribed Calendar settings there is a place to put username and password. When i click "Done" and iOS tries to verify the information, i get a popup saying "account requires a username and password"... I know basic authentication works and the username and password are correct because i've tested via browser and very simple passwords e.g. 123.
  2nd issue: I do work with people in other timezones and so i frequently get meeting requests from people in other timezones. In the ICS file i can see this information is published appropriately. e.g.
  DTSTART;TZID="Romance Standard Time":20110510T170000
  DTEND;TZID="Romance Standard Time":20110510T183000
  If I import this ics file into google calendar, the timezones are read appropriately and the meetings are scheduled accordingly. in the example above, the meeting shows up as being at 8am - 9:30am.
  on iOS the timezone is completely ignored. so i get the meeting showing up as 5pm - 6:30pm.
  I've tried fiddling with the "Time Zone support" option in settings, but this does nothing.
  Help on the issues above is greatly appreceiated. Personally I'm extremely frustrated with this.
  Thanks

  ...Thought I would keep alive the question about incorrect times for appointments created in other time zones on subscribed calendars. I believe this other thread -- https://discussions.apple.com/message/17318550#17318550 -- is asking about the same issue.
  I am experiencing the same issue, including the setting for Time Zone Support having no impact, with iOS 6.
  Any whiff of a solution yet?

• IIS Reverse Proxy and Basic Authentication

  Hi,
  we've currently put a WebAS 6.40 serving a BSP Application in our Appl-DMZ. For the access via Web the IIS Reverse Proxy is used, which works fine as long as you use a service for which a user is provided (in SICF). But if you don't provide a user in the service (in order to debug the BSP Application) you have to authenticate yourself using Basic Authentication (Browser Popup) which does not work (the popup returns and returns ...)
  I' ve browsed the forums and it seems that the IIS Reverse Proxy does not support (the forwarding) of Basic Authentication "requests".
  So my question, does someone exactly know if the IIS Reverse proxy supports Basic Authentication or not ?
  Thanks,
  Markus

  Hello Markus,
  1. have you checked out Alon Weinstein's Weblog <a href="/people/sap.user72/blog/2005/02/23/the-reverse-proxy-series--part-2-iis-as-a-reverse-proxy">The Reverse Proxy Series -- Part 2: IIS as a reverse-proxy</a>?
  2. Is the IIS a must? Can you give Apache or SAP Web Dispatcher a try. Prakash Singh wrote a Weblog <a href="/people/prakash.singh4/blog/2005/08/16/how-to-setup-webdispatcher-to-load-balance-portal-in-a-clustered-environment">How to setup webdispatcher to load balance portal in a clustered environment</a>.
  Regards
  Gregor