Basic Authentication with IISProxy?
hi,
is the IISProxy the appropriate tool for tunneling http-requests to http-servers behind a firewall (reverse proxy)?
i made it work with ep60. but accessing other http-servers with own mappings (for example <i>/tomcat/</i> directs to a tomcat server) fails.
problems I'm facing:
1. basic authentication is not transmitted to the http-server (e.g. tomcat). the logon-box pops up, but the data doesn't seem to be transmitted through IIsProxy.
2. URLs created from other servers don't know that the IISProxy requires a special filter-string (again <i>/tomcat/</i>) when they create absolute links.
are there other / better reverse proxys (apache?) that can handle these things?
kr, achim
ps: what about the filter-element attributes <i>authentication="normal" remote-address="skip"</i>?
i haven't found any documentation about them, but they look like to be configured...
Message was edited by: Achim Hauck
After checking some more I was wrong (I got it confused with a Sap logon ticket plugin)
But in note 480520 it is described how to setup reverse proxy with apache. There is an attached document to the note which explains it.
Text of the note:
Symptom
How to integrate SAP J2EE Engine 6.20 with Apache Webserver
Reason and Prerequisites
SAP J2EE Engine 6.20 can be integrated with Apache Web Server,no plugin is needed. The same is valid for SAPJ2EE 610 or In-Q-My 427.
Solution
General Information on how to use the Apache Webserver in combination with the SAP J2EE Web Application Server :
1. You are permitted to use the Apache Webserver together with the SAP J2EE Web Application Server. In this way SAP guarantees continued support for the SAP Application.
2. Due to the high number of possible configurations and versions available, SAP can only provide some examples of possible configurations. These normally suffice to use the SAP Application.
3. You might need to contact consultants specialized in this area for error analysis and further configurations.
This consultation is not provided by SAP Support.SAP J2EE Engine (and its predecessor In-Q-My Application Server) can be integrated with Apache web server, no plugin is needed.
Please review the attached Configuration Guide in order to get some configuration examples using Reverse Proxy and/or URL Rewriting.
Btw, the major benefit of using IIS and IISproxy is that Integrated windows authentication is possible (SSO from OS)
Great idea to make a blog out of this.
Similar Messages
-
Configuring Basic Authentication with Username and password on BizTalk Schema Service
Hi,
I have published my schema as a webservice with WCF-BASICHTTP adapter in IIS 8.0.
I wanted to have a Basic Authentication(User name and password restriction).
I made the Receive location with Security mode as Transport and Transport Client Crediential Type as Basic.
I also set the Service in IIS with Basic Authentication only enabled.
But I don't know how to provide a UserName and Password Authentication.
Please provide your suggestions
Regards, Vignesh SHi,
Try & go through the below MSDN link as it explains configuring WCF BasicHttp adapter very well.
http://msdn.microsoft.com/en-us/library/bb246064(v=bts.80).aspx
HTH,
Sumit
Sumit Verma - MCTS BizTalk 2006/2010 - Please indicate "Mark as Answer" or "Mark as Helpful" if this post has answered the question -
Basic Authentication with Web Service
Hello,
I am running S1AS7 on window XP. I have deployed the sample/jaxrpc/simple with basic authentication enabled. I have also changed to Client.java to set the USERNAME and PASSWORD (ie: stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY, "j2ee");
Once I have deployed the war file and run the client, I got access denied exception.
I have checked the s1as7 log and here is the details:
FINE: Logging in user [j2ee] into realm: file using JAAS module: fileRealm
FINEST: Login module initialized: class com.iplanet.ias.security.auth.login.File
LoginModule
FINEST: File login succeeded for: j2ee
FINEST: JAAS login complete.
FINEST: JAAS authentication committed.
FINE: Password login succeeded for : j2ee
FINE: Set security context as user: j2ee
FINE: Authenticator[jaxrpc-simple]: Authenticated 'j2ee' with type 'BASIC'
FINE: SingleSignOn[server1]: Registering sso id '193F1461E0D9B982E6B4055C0134076
9' for user 'j2ee' with auth type 'BASIC'
FINE: Authenticator[jaxrpc-simple]: Calling accessControl()
FINEST: PRINCIPAL : j2ee hasRole?: staffmember
FINEST: PRINCIPAL TABLE: {}
FINE: Authenticator[jaxrpc-simple]: Failed accessControl() test
Please notice that the authentication worked, but the PRINCIPAL TABLE is null!!!! If I run the basic authentication sample, i can see from the log the PRINCIPAL TABLE is (...staff=[staffmember], j2ee=[staffmember],.....)
so somehow the app server treats the two sample differently with the same user id (j2ee/password)
any comments?
thanks..Hello,
I am running S1AS7 on window XP. I have deployed the
sample/jaxrpc/simple with basic authentication
enabled. I have also changed to Client.java to set
the USERNAME and PASSWORD (ie:
stub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY
"j2ee");
Once I have deployed the war file and run the client,
I got access denied exception.
I have checked the s1as7 log and here is the
details:
FINE: Logging in user [j2ee] into realm: file using
JAAS module: fileRealm
FINEST: Login module initialized: class
com.iplanet.ias.security.auth.login.File
LoginModule
FINEST: File login succeeded for: j2ee
FINEST: JAAS login complete.
FINEST: JAAS authentication committed.
FINE: Password login succeeded for : j2ee
FINE: Set security context as user: j2ee
FINE: Authenticator[jaxrpc-simple]: Authenticated
'j2ee' with type 'BASIC'
FINE: SingleSignOn[server1]: Registering sso id
'193F1461E0D9B982E6B4055C0134076
9' for user 'j2ee' with auth type 'BASIC'
FINE: Authenticator[jaxrpc-simple]: Calling
accessControl()
FINEST: PRINCIPAL : j2ee hasRole?: staffmember
FINEST: PRINCIPAL TABLE: {}
FINE: Authenticator[jaxrpc-simple]: Failed
accessControl() test
Please notice that the authentication worked, but the
PRINCIPAL TABLE is null!!!! If I run the basic
authentication sample, i can see from the log the
PRINCIPAL TABLE is (...staff=[staffmember],
j2ee=[staffmember],.....)
so somehow the app server treats the two sample
differently with the same user id (j2ee/password)
any comments?
thanks..
One more thing, here is my web.xml file:
<web-app>
<display-name>Hello World Application</display-name>
<description>A web application containing a simple JAX-RPC endpoint</description>
<session-config>
<session-timeout>60</session-timeout>
</session-config>
<security-constraint>
<web-resource-collection>
<web-resource-name>basic secuity test</web-resource-name>
<url-pattern>/*</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>staffmember</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>basic-file</realm-name>
</login-config>
</web-app> -
Why do you need to enable http communication with Basic authentication with Exchange Admin IP?
The pre-reqs for the Exchange Admin IP say you have to make a few changes on your Exchange server (2010 on prem in my case). I have a few questions about those pre-reqs and I'm not able to find documentation online to help:
Why does http communication with basic authentication for the powershell virtual directory in IIS need to be enabled? In the IP you still specify to connect over an SSL connection. The concern is what is being sent over unencrypted and what impacts are
there to the security of the Exchange server.
What role does the IP connect to (MBX/CAS/HT)? I'm not an Exchange guy so I don't know which roles install the PowerShell virtual directory.
Are there any technet pages or white papers that talk about the MS developed IPs in any more detail than basic config?
I appreciate any help anyone can offer. Thanks!
-RajYeah I find this perplexing as well. I'm guessing it has something to do with Opalis origins perhaps.
Would be good to understand why. -
Pleeeaaseeee Help - Basic authentication with Servlet
All,
A user from my site is allowed to access another site that requires Basic Authentication(apache). This is what I have done in my servlet, but does not work:
String userpwd = "username:pwd";
response.setHeader("Authorization", "Basic " + userpwd);
response.sendRedirect("http://155......." + "username=" + userID);
Both IE and netscape browsers still prompt for username and pwd window. Is this correct???
--KawtharI'm assuming that you are attempting to bypass the sign-on prompt from the other site. What you will have to do is access the other site from within your servlet and foward the content to the user. In other words, you would be setting your servlet(s) up as a proxy. This can become rather complex as you may run into the need to handle cookies and such from your servlet. Another alternative, if you can modify the remote site, is to set up the other site to accept some sort of keyword or password that your servlet can include in the URL string which would bypass the initial signon.
-
Basic authentication with sendRedirect doesn't work
Hello from the school of hard knocks:
Following is my web.xml file. It doesn't ask for a username/password but instead gives a "Page not found 404" error. Behind the scenes the unauthorized page is being accessed via sendRedirect(). If I take out the unauthorized page URL in the web.xml and use in-page authentication (see code below), then the browser prompts 3 times and gives the access anyway!!! This is absolutely ridiculous for Tomcat 4.1.29. Can anyone help me out?
<code to force authentication in page gleaned from a thread in this form >
response.setStatus(response.SC_UNAUTHORIZED);
response.setHeader("WWW-Authenticate", "BASIC realm=\"tomcat\"");
<web.xml as prescribed by Martin Bond and Debbie Law in Tomcat - KickStart -- should have been kick in the ass >
<?xml version="1.0" encoding="ISO-8859-1"?>
<!DOCTYPE web-app
PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN"
"http://java.sun.com/dtd/web-app_2_3.dtd">
<web-app>
<servlet>
<servlet-name>CewolfServlet</servlet-name>
<servlet-class>de.laures.cewolf.CewolfRenderer</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>CewolfServlet</servlet-name>
<url-pattern>/cewolf/*</url-pattern>
</servlet-mapping>
<error-page>
<error-code>401</error-code>
<location>/trnkxref/*</location>
</error-page>
<security-constraint>
<display-name> Web App Access Control - Administrators </display-name>
<web-resource-collection>
<web-resource-name> Administration </web-resource-name>
<url-pattern>/trnkxref/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<role-name> administrator </role-name>
<role-name> patron </role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee> NONE </transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method> BASIC </auth-method>
<realm-name>tomcat </realm-name>
</login-config>
</web-app>Found this in the logs. What does it mean? tomcat-users.xml appended below. Has anyone been reading this lameass thread?
WARNING: Security role name patron used in
an <auth-constraint> without being defined in a <security-role>
tomcat-users.xml:
<?xml version='1.0' encoding='utf-8'?>
<tomcat-users>
<role rolename="patron"/>
<role rolename="administrator"/>
<role rolename="manager"/>
<user username="ldp" password="hello" roles="administrator,patron"/>
</tomcat-users>
~ -
BASIC authentication with J2EE 1.4
I want to change the hello1 example so only the user "user_one" can access the greeting servlet.
How do I add a user (user_one) to the realm?
How can I control the title for the realm i the dialogbox which pops up?
At this time the dialogbox does popup but I cannot get access and it doesn't have a udefull title.
web.xml:
?xml version='1.0' encoding='UTF-8'?> <web-app ������version="2.4" ������xmlns="http://java.sun.com/xml/ns/j2ee" ������xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" ������xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd" ������> ���<display-name>hello1Display</display-name>
<servlet>
<display-name>ResponseServlet</display-name>
<servlet-name>ResponseServlet</servlet-name>
<servlet-class>ResponseServlet</servlet-class>
</servlet>
<servlet>
<display-name>GreetingServlet</display-name>
<servlet-name>GreetingServlet</servlet-name>
<servlet-class>GreetingServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>ResponseServlet</servlet-name>
<url-pattern>/response</url-pattern>
</servlet-mapping>
<servlet-mapping>
<servlet-name>GreetingServlet</servlet-name>
<url-pattern>/greeting</url-pattern>
</servlet-mapping>
<security-constraint>
<display-name>SecurityConstraint</display-name>
<web-resource-collection>
<web-resource-name>WRCollection</web-resource-name>
<url-pattern>/greeting</url-pattern>
<http-method>POST</http-method>
<http-method>GET</http-method>
<http-method>PUT</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>smart</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>NONE</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
</login-config>
<security-role>
<role-name>normuser</role-name>
</security-role>
<security-role>
<role-name>smart</role-name>
</security-role>
</web-app>
sun-web.xml:
<?xml�version="1.0"�encoding="UTF-8"?> <!DOCTYPE�sun-web-app�PUBLIC�"-//Sun�Microsystems,�Inc.//DTD�Sun�ONE�Application�Server�8.0�Servlet�2.4//EN"�"http://www.sun.com/software/sunone/appserver/dtds/sun-web-app_2_4-0.dtd"> <sun-web-app>
<context-root>/hello1con</context-root>
<security-role-mapping>
<role-name>smart</role-name>
<principal-name>user_one</principal-name>
<group-name>users</group-name>
</security-role-mapping>
<cache enabled="false" max-entries="4096" timeout-in-seconds="30">
<default-helper/>
</cache>
</sun-web-app>Anyone ever see this? I believed it is tied to the roles in the web.xml file for the application description. How do I pass this authentication? What should the web.xml for the sample application look like?
Thanks,
INFO: SEC5046: Audit: Authentication refused for [j2ee].
FINEST: Web login failed: Login failed: javax.security.auth.login.LoginException
: java.lang.NullPointerException
at java.util.ResourceBundle.getBundleImpl(ResourceBundle.java:679) -
Calling Web Service with Http Basic authentication in SOA 11g
I am calling a webservice which has http basic authentication attached to it. Thus i am adding 'oracle/wss_http_token_client_policy' OWSM policy to the WS refrence in my composite in Jdeveloper,but it doesn't showme the option of providing the http Username and http Password. The only key it is showing me is cf.key.
Am i missing some steps?
Please let me know.
Note - I am working on SOA 11.1.1.4.
Regards
AyushHi Ayush,
Please refer -
http://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
Regards,
Anuj -
Integrated Windows Authentication with a WebSphere Cliente
Hi all,
I need to write a web service client that connects to a .NET Web Service that is configured to use Integrated Windows Authentication (NTLM).
I'm using the IBM WebSphere Runtime environment for the client and using the web service client wizard in the RSD 6.0.1.
When I try to call a method in the .NET web service, I get the error shown below. If I configure the .NET web service to permit Anonymous Access, my client works fine.
Does anybody know if the WebSphere web services engine supports Integrated Windows Authentication? If so, how can I configure my cliente to pass my credentials? Do people use this type of authentication if the web service will be called by non Windows clientes or is it better to use Basic Authentication with HTTPS or digital certificates?
I've read that Apache Axis can be configured to use integrated windows authentication (http://people.etango.com/~markm/archives/2005/11/21/using_apache_axis_with_integrated_windows_security.html) by using a different HTTP transport class (CommonsHTTPSender).
Thanks in advance!
Craig
[14/06/06 10:06:56:805 GMT-03:00] 00000031 enterprise I WSWS3243I: Info: Mapping Exception to WebServicesFault.
[14/06/06 10:06:56:821 GMT-03:00] 00000031 enterprise I TRAS0014I: The following exception was logged WebServicesFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultString: java.lang.StringIndexOutOfBoundsException
faultActor: null
faultDetail:
java.lang.StringIndexOutOfBoundsException
at com.ibm.ws.webservices.engine.WebServicesFault.makeFault(WebServicesFault.java:179)
at com.ibm.ws.webservices.engine.transport.http.HTTPSender.invoke(HTTPSender.java:490)
at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:218)
at com.ibm.ws.webservices.engine.PivotHandlerWrapper.invoke(PivotHandlerWrapper.java:218)
at com.ibm.ws.webservices.engine.WebServicesEngine.invoke(WebServicesEngine.java:274)
at com.ibm.ws.webservices.engine.client.Connection.invokeEngineHere's a project ( [http://spnego.sourceforge.net/protected_soap_service.html|http://spnego.sourceforge.net/protected_soap_service.html] ) that shows how to write a soap client that can connect to a soap web service with integrated windows authentication turned on.
-
Basic authentication of a WebService -- Possible?
Hi All,
I have a web service that's defined like this:
<mx:Webservice wsdl="
http://username:password@intranet/webservices/myservice.asmx?WSDL"
/>
username and password are replace with the username and
password used by IIS's basic authentication subsystem to restrict
access to the web service.
This seems to work just fine in Opera and Firefox, but in IE,
it just hands. No fault or anything, it just hangs there, waiting
for the WSDL to load.
I've only tested in IE6, I'm not sure if it does the same in
IE7.
Is this a bug in Flex/Flash, a bug in IE, or something else
entirely? Is there a different way to do basic authentication with
web services?
-JoshI'd use an HTTP sniffer to see if you can glean any more info
about what exactly is going over the wire and what might be
different in the MSIE case. -
Basic Authentication in Mediator
Hi ,
I am exposing an webservice via Mediator <-->BPEL .I need to do an Basic Authentication for the incoming request and after authentcating need to pass the autheticated crednetilas back to BPEL .
Can any one please guide me .
Regards ,
Nagakiran E.Vhttp://biemond.blogspot.com/2010/08/http-basic-authentication-with-soa.html
hope this should help -
How to single sign on with webApplication with Basic Authenticated in IIS
Dear Sir,
Our server is EP6 SP14, we will link iview with BW URL which using basic authen in IIS. . Please kindly advise howto single sign on with webApplication with Basic Authenticated in IIS
Thank you and best regards,
VimolAre you sure the BW is using IIS? Most recent versions are using ABAP style authentication. What version are you running?
You may want to investigate IISProxy - it's no longer supported, but it might help you out. It basically takes an SSO cookie and allows IIS to "know" who the user is.
Cheers -
Web Service Call with Basic Authentication does not work
If I try to use Basic Authentication in my Web Service Client with the automatically created methods
setUsername(inUserName)
setPassword(inPassword)
setAddress(inAddress)
the application does not make a call. Did I forget something?
Is it possible to use "Test Method" with Basic Authentication?
Thank you.Thank you for your answer.
But: I already read this article. And it doesn't help me.
I use the following code:
getMyServiceClient1().setUsername(inUserName);
getMyServiceClient1().setPassword(inPassword);With this code I always get a java.lang.NullPointerException.
The methods setUsername and setPassword are definded as follows:
public void setUsername(String inUserName) {
myStub._setProperty(Stub.USERNAME_PROPERTY, inUserName);
public void setPassword(String inPassword) {
myStub._setProperty(Stub.PASSWORD_PROPERTY, inPassword);
}But if I look at the methods which are generated automatically by Sun Java Studio Creator I cannot find _setProperty.
I also found this thread in your forum:
http://swforum.sun.com/jive/thread.jspa?forumID=123&threadID=54773 -
How do I protect my JNLP, my JARs etc. (with Basic Authentication)???
hi all,
i know that there is a FAQ ( [see here|http://lopica.sourceforge.net/faq.html#obfuscate] ) answering a related question with "You can use an obfuscator...". ok, but is there really no other solution?
this is the simplified folder structure of my application on the server:
[application]
[etc]
xyz.xml
[jars]
myapp.jar
launch.jnlp
website.jsp
initial start and basic authentication:*
my first idea was to secure everything underneath "application" with basic authentication via my web.xml (yes, i'm aware of the security concerns). this means everybody can access my website (here: website.jsp) which contains a start button that links to "launch.jnlp". as soon as the user clicks on it, the browser opens its standard authentication dialog since launch.jsp is in a protected area. after entering the correct credentials the jnlp-file is downloaded and java web start takes over control. first of all it seems as it tries to access the same jnlp-file again (??? --> probably in order to check for changes in the jnlp file --> this is certainly not the case for the initial startup) and then wants to download the relevant jar (myapp.jar). because both resources are protected jws opens its own basic authentication dialog where i have to enter the same credentials the second time. as far as i know, there is no solution to pass the credentials between the browser and the jvm.
second start and basic authentication:*
if the user starts my application for the 2nd, 3rd, ... time via desktop-link (set in jnlp-file) there is no need for accessing my website with a browser. therefore only the authentication dialog of jws gets displayed. so far, so good!
and now the actual problem:*
during runtime my application (signed with verisign certificate and having all permissions) uses commons-vfs and commons-httpclient to access resources on the same server (e.g. etc/xyz.xml). since they're underneath the protected "application" directory as well, my application needs the same credentials the user already entered in the authentication dialog of jws. now i could retrieve these credentials by calling Authenticator.requestPasswordAuthentication() within my application and passing them to vfs and httpclient. however, doing so opens up jws' authentication dialog again. grrr!!! is there a way to prevent this?
related thougts:*
i know i could disable jws' default Authenticatior and set my own Authenticator which might be able to return already entered credentials without opening the dialog a second time. however, it seems that even with <property name="javaws.cfg.jauthenticator" value="none" /> jws still opens its own dialog when acessing the JNLP file and the relevant JARs during the startup/download phase. of course, who else if not jws could handle that phase? my application might not even be downloaded at this point. so i guess setting my own Authenticator would not be a solution either (at least not if i want to secure my jnlp and my jars, too). quite the contrary, it would have to open another dialog... :-(
my current solution:*
for the moment i use jws' default Authenticatior which allows me to easily protect all my stuff on the server side (jnlp, jar, etc). i can live with the two login dialogs at the initial startup. and instead of querying the credentials from jws' default Authenticatior at runtime, i set two system properties for username and password in the (protected) jnlp-file, query them at runtime and hand it to vfs and httpclient. this prevents the 2nd (or 3rd) dialog but is definitely not a great solution. most of all i'm not happy with the fact that this somehow "destroys" the container-based security advantage of easily configuring authorized users via a separate mechanism e.g. tomcat-users.xml. now there has to be one master-password that has to be set in the jnlp-file! grrr!
a possible alternative:*
i'm not sure but would it be better to secure everything with form-based authentication on the website, and dynamically generate username and password into the jnlp-file? but what happens when the admin changes the password on the server and the user starts its application via desktop-link??? in case of basic authentication i think jws would popup the login dialog again. however, if i use the old username and password generated into the jnlp it won't work. i think the user then has to access the website again. this is not good at all! :-(
the only real solution:*
should i write a small application which can be downloaded by everybody and on startup queries the user's credentials, validates them with the help of our server, and uses the javax.jnlp-api to download the secured JARs of my real application? this seems so much overkill! does anybody have experiences with this approach? how difficult is it to implement the whole download/update stuff with javax.jnlp?
WHAT HAVE I MISSED???
AM I COMPLETELY WRONG???
WHAT IS THE EASIEST WAY???
AND WHAT IS THE BEST WAY???
thank you so much,
stephanNot sure, whether I understood correctly, what you wanna do - but up to now I can't see any problem.
if you have a structure like this:
/ctxroot/
launch.jnlp
/app/
*.jar
*.whateveryou may use in your web.xml:
<servlet>
<servlet-name>JnlpDownloadServlet</servlet-name>
<servlet-class>jnlp.sample.servlet.JnlpDownloadServlet</servlet-class>
</servlet>
<servlet-mapping>
<servlet-name>JnlpDownloadServlet</servlet-name>
<url-pattern>*.jnlp</url-pattern>
<url-pattern>/app/*</url-pattern>
</servlet-mapping>
<security-constraint>
<web-resource-collection>
<web-resource-name>Application</web-resource-name>
<url-pattern>/app/*</url-pattern>
<http-method>GET</http-method>
<http-method>POST</http-method>
</web-resource-collection>
<auth-constraint>
<role-name>bla</role-name>
<role-name>fahsel</role-name>
</auth-constraint>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<security-constraint>
<web-resource-collection>
<web-resource-name>Subscription</web-resource-name>
<url-pattern>*.jnlp</url-pattern>
</web-resource-collection>
<user-data-constraint>
<transport-guarantee>CONFIDENTIAL</transport-guarantee>
</user-data-constraint>
</security-constraint>
<login-config>
<auth-method>BASIC</auth-method>
<realm-name>whatever-realm</realm-name>
</login-config>
<security-role><role-name>bla</role-name></security-role>
<security-role><role-name>fahsel</role-name></security-role>
...Than you may use the Service stuff like:
BasicService bs = (BasicService)ServiceManager.lookup("javax.jnlp.BasicService");
URL codeBase = bs.getCodeBase();
URL pu = new URL(codeBase.toString() + "whatever.bla");
HttpURLConnection res = (HttpURLConnection) pu.openConnection();
res.setInstanceFollowRedirects(true);
res.setRequestMethod("GET");
res.setConnectTimeout(10 * 60 * 1000);
res.connect();
String enc = res.getContentType();
...Where is the problem? If you wanna intercept certain "calls" to an app resource, just use a filter, which decides, whether to answer the request directly by itself or to pass it to the JnlpDownloadServlet ... -
Invoking an external web service through a JCD with Basic Authentication
Group,
I am trying to invoke an external web service (written in ASP.Net) from a jcd (5.1.2). The web service is guarded by Basic Authentication. I have entered the crudentials into the External Web service environment component and deployed the project. I receive the following error from the .invoke() method:
request requires HTTP authentication: Unauthorized
I have tried the same request through SoapUI using the same crudentials and get back the response correctly. Has anyone tried invoking an external web service with basic authentication through a jcd in 5.1.2 before?
One other item of note. I have another jcd calling a different external web service deployed on the same domain. I hope that this isn't interfering with the execution of this service as it doesn't require any crudentials to execute.Hey Chris.
I am just starting to write a jcd that calls an external web service but cannot find any sample code nor instructions on how to do it in the supplied documentation. Could you send me a code sample from your one?
Cheers
Matt
Maybe you are looking for
-
[PI 7.11 SP3] PI components not correctly registering themselves after AS restart
Hi Experts, We have planned a system backup shutdown and restart every night for our PI environment. In a random manner, some PI components as XI AF or Integration Directory are not correctly registered to SLD after that restart : for example, Integr
-
I also notice when using a search from the tab on the far right say where Google is that I does not begin a search. When I use a secure email program the normal new window or tab that would open to type the message opens but remains blank. and will n
-
Sales Order - Item Availability Check
Hi All, Currently I am doing some integration work between SAP B1 and another ERP system. The inventory data is maintained in the other ERP system and not in SAP B1. When I create a Sales Order in SAP B1, I need to replace SAP B1's default Item Avai
-
Is anybody else "bugged" by the side effects of Maverick?
slow page loads? weird things like being unable to create mailboxes?
-
I need an app or other method to preserve and restore my text message conversations which will be erased during a battery repair on my iPhone 5.