Digest authentication for webservices

Similar Messages

• OSB: HTTP digest authentication for WebServices

  Hi,
  How do I configure HTTP digest authentication for WebServices offered by the OSB (Proxy Services with WS as transport)?
  Best regards
  Dimo

  Did you figure out how to do it.?

• Authentication for Webservice

  Hi All,
  I have exposed my outbound interface as a webservice sucessfully
  But the problem is I need to provide a User Id  to contact XI SOAP adapter. I dont require any authentication for this webservice client. How can I disable the authentication check for this particular webservice.
  I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?
  Regards,
  Jai Shankar

  Jai,
  ><i>How can I disable the authentication check for this particular webservice.</i>
  Check this thread. But this will turn of Authentication for all SOAP Sender Adapters.
  User Names and Passwords in SOAP adapter
  ><i>I have seen some forum posts, which suggested me to make some modification in web.xml which will disable auth for all webservices. Is it possible for me to disable the authentication check only for this particular webservice?</i>
  Its either for all SOAP adapters or for none . there is no middle ground.
  Better way is to use Access Control List.
  Regards
  Bhavesh

• Regarding Kerberos authentication for webservices.

  Hi,
        I need to use kerberos authentication for my receiver webservice.  I am working in PI7.1 . Which adapter I can use for this ( WS-RM adapter or SOAP adapter) and How to configure it for kerberos. I mean, which value of authentication parameter refers to kerberos authentication.
  Regards,
  Reyaz hussain

  Hi Reyaz,
  To tell you frankly i never come across this kerberos protocol but since you would like to use there is certainly a chance after the launch of PI 7.1. The launch has Opened the Door to the World of Web Services Reliable Messaging.  "The Integration Directory enables you to easily configure scenarios where the Integration Server acts as a message hub between WS-RM-enabled applications and any other application or technical system. Thus, you can configure scenarios where either a Web Service client calls the Integration Server and the message is then routed to any other application, or the other way around where any application calls a Web Service provider via the Integration Server. In the Integration Directory you can do the complete configuration of the Integration Server inbound or outbound processing."
  https://www.sdn.sap.com/irj/scn/wiki?path=/display/profile/2007/07/25/new+news&focusedcommentid=44360
  Regards
  joel

• User authentication for webservices

  Hi,
  I am using Oracle R12.
  I want to know how oracle handles user authentication when calling custom APIs through Integrated SOA Gateway.
  I know that we are using security headers to do this.  The header part is given below.
     <soapenv:Header>
       <xx:SOAHeader>
          <xx:Responsibility>INVENTORY_VISION_OPERATIONS</xx:Responsibility>
          <xx:RespApplication>INV</xx:RespApplication>
          <xx:SecurityGroup>STANDARD</xx:SecurityGroup>
          <xx:NLSLanguage>AMERICAN</xx:NLSLanguage>
          <xx:Org_Id>204</xx:Org_Id>
       </xx:SOAHeader>
       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
          <wsse:UsernameToken wsu:Id="UsernameToken-1">
             <wsse:Username>uname</wsse:Username>
             <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
             <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">rerr6et6eHFV</wsse:Nonce>
             <wsu:Created>2013-02-13T08:58:50.649Z</wsu:Created>
          </wsse:UsernameToken>
       </wsse:Security>
    </soapenv:Header>
  But when a person is simply logging in to the application how can we choose a responsibility without know what responsibilities a person has?
  The  <xx:SOAHeader></xx:SOAHeader> is not mandatory. So can i simply not pass this header? Or is there a default responsibility that can be specified for all users?
  Also in what scenarios is the <wsse:Security> header not required? I recently checked and found that even without providing the Security header, it is possible to execute service in ISG. Hence the question.
  Thanks,
  Anoop

  Hi,
  Ok, so you want to know for an user , what responsibility you should use in order to be able to perform the invocation?
  Here is an example for Sysadmin user
  Select usr.user_name,usr.user_id, resp.RESPONSIBILITY_NAME ,
  resp.RESPONSIBILITY_KEY, grp.SECURITY_GROUP_KEY, grp.SECURITY_GROUP_ID,
  APP.APPLICATION_SHORT_NAME ,APP.APPLICATION_ID
  From FND_USER_RESP_GROUPS furg, FND_USER usr, fnd_responsibility_vl
  resp,FND_SECURITY_GROUPS grp,FND_APPLICATION APP
  where furg.user_id=usr.user_id
  and furg.RESPONSIBILITY_ID=resp.RESPONSIBILITY_ID
  and furg.SECURITY_GROUP_ID=grp.SECURITY_GROUP_ID
  and furg.RESPONSIBILITY_APPLICATION_ID=APP.APPLICATION_ID
  and usr.user_name='SYSADMIN'
  regards
  Mihai

• Digest Authentication with OC4J standalone

  Hi,
  I am using oc4j 9.0.3 standalone web container . I used axis application as soap engine for deploying a web service in the oc4j . I want to implement HTTP digest authentication for my webservice.
  I am forced to use the same verison of OC4J due to some reasons. Could anyone help me in knowing the procedure for the HTTP digest authentication implementation using oc4j903 asap.
  Advance thanks for help

  could anyone please reply to this thread asap

• Httpurlconnection digest authentication

  We have an applet which runs after requesting a page from an http server. This applet then makes thousands of http requests (SOAP) to the same server. Our problem is that when we set the server to require digest authentication for the soap service, the httpurlconnection is sending the soap request, getting back an unauthorized, then sending the auth information with the next request. So every request is getting huge overhead, 2 round trips, when it should be 1. For the first request, java vm pops up its little window and asks for credentials, then for the rest of the requests it uses those same credentials, but does not automatically send them until the server requests them. How can I set it so that for each request, it automatically sends the credentials with the cnonce, instead of sending no credentials, getting an unauthorized reply, then sending again with the credentials? I tried System.setProperty("http.auth.digest.validateServer", "true");, but that did not change anything. All help is appreciated.

  A brute-force way I have discovered is to clear out the entire AuthCacheValue map:
  AuthCacheValue.setAuthCache(new AuthCacheImpl());
  However, both AuthCacheValue and AuthCacheImpl are part of the sun.net.www.* classes, so this method would be very fragile and raises issues of incompatibility.

• Logical Port for Digest Authentication

  Hello,
  I want to connect to a webservice which is running at an IIS with Digest Authentication. I created a Consumer Proxy and added a Logical Port in SAO Management (Java-Stack) to this Consumer Proxy, but I can't find a digest authetification in Configuration of the Logical Port. Is it possible to connect from a SAP System to a webservice with Digest Authentification?
  Thanks and best regards
  Iris

  Hello Gourav,
  Thank you for your answer.
  I tried to create a Logical Port with HTTP Access to the WSDL, but the WSDl needs digest authetication as well. So I get the error
  Error: Error in WSDL access: Exception occurred in communication framework:Error in HTTP Framework:401Unauthorizedhttps://itnts2371/SecurityWebService.asmx?WSDL
  though I logged in with right credentials.
  Then I tried to read the WSDl from a file then, but I get the error
  Error: Error in WSDL parsing: Exception occurred in library handler
  So I created a manual Logical Port for SSL-Access. I get only "User ID/Password" and "SAP Authenticatoin Assertion Ticket", but no "Digest Authentication". "User ID/Password" doesn't work, I get a dialog to put in User ID and password, but I'm never authorized.
  Any other suggestions?
  Thanks
  With best regards
  Iris

• How to apply Authentication for a webservice getting SOAPFaultException :(

  Hi ,
  I am working with weblogic 10.1.3 and running build.xml in eclipse for EE
  I would like to know the steps to include security parameters to authenticate with weblogic server and call webservice
  I have written a build.xml that takes input as wsdl , When I run the build.xml it generates
  all the necessary stubs and interfaces
  I have written a main program that imports generated classes and invoke the webservice method
  below are buidl.xml and two classes( main program and one java class) which I used to invoke webservice
  Build.xml
  =====
  <project name="webservices-simple_client" default="all">
  <!-- set global properties for this -->
  <property name="wls.hostname" value="localhost" />
  <property name="wls.port" value="8002" />
  <property name="example-output" value="output" />
  <property name="clientclass-dir" value="${example-output}/srcclasses" />
  <property name="clientclassfiles-dir" value="${example-output}/classfiles" />
  <path id="client.class.path">
  <pathelement path="${clientclass-dir}" />
  <pathelement path="${java.class.path}" />
  </path>
  <taskdef name="clientgen" classname="weblogic.wsee.tools.anttasks.ClientGenTask" />
  <target name="clean">
  <delete dir="${clientclass-dir}" />
  <delete dir="../src/com/bea/wlcp/wlng/ws/presence" />
  <delete dir="../src/org/csapi/schema/paralyx/common/v2_1" />
  <delete dir="../src/org/csapi/schema/paralyx/presence/consumer/v2_3/local" />
  <delete dir="../src/org/csapi/schema/parlayx/presence/v2_3" />
  <echo message="Cleaning Completed" />
  </target>
  <target name="build-client">
  <clientgen wsdl="http://${wls.hostname}:${wls.port}/parlayx21/presence/PresenceConsumer?WSDL" destdir="${clientclass-dir}" generatepolicymethods="true" packageName="com.bea.wlcp.wlng.ws.presence" />
  <javac srcdir="${clientclass-dir}" destdir="${clientclassfiles-dir}" includes="*/.java" />
  <copy overwrite="true" todir="../src">
  <fileset dir="${clientclass-dir}" />
  </copy>
  <copy overwrite="true" todir="../src">
  <fileset dir="${clientclassfiles-dir}" />
  </copy>
  <delete dir="${clientclass-dir}" />
  <delete dir="${clientclassfiles-dir}" />
  <echo message="Building Completed" />
  </target>
  <target name="all" depends="clean,build-client" />
  </project>
  ======================================================
  import java.net.URI;
  import javax.xml.rpc.Stub;
  import javax.xml.ws.BindingProvider;
  import java.net.Proxy;
  import java.net.InetSocketAddress;
  import java.util.ArrayList;
  import java.util.List;
  import weblogic.webservice.wsdl.WsdlPort;
  import weblogic.wsee.connection.transport.http.HttpTransportInfo;
  import weblogic.wsee.jaxrpc.ServiceImpl;
  import org.csapi.schema.parlayx.common.v2_1.PolicyException;
  import org.csapi.schema.parlayx.common.v2_1.SimpleReference;
  import org.csapi.schema.parlayx.presence.consumer.v2_3.local.SubscribePresence;
  import org.csapi.schema.parlayx.presence.consumer.v2_3.local.SubscribePresenceResponse;
  import com.bea.wlcp.wlng.et.core.module.session_manager.GTUsernameTokenPolicy;
  import com.bea.wlcp.wlng.et.core.module.session_manager.SessionManagerService_Impl;
  import com.bea.wlcp.wlng.ws.presence.PresenceConsumer;
  import com.bea.wlcp.wlng.ws.presence.PresenceConsumerService_Impl;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManager;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManagerService;
  import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
  import weblogic.xml.crypto.wss.WSSecurityContext;
  import weblogic.xml.crypto.wss.provider.CredentialProvider;
  @SuppressWarnings("deprecation")
  public class Main {
  @SuppressWarnings("unchecked")
  public static void main(String[] args) throws javax.xml.rpc.ServiceException,PolicyException{
  try{
  /*PresenceConsumerService_Impl pcs_impl = new PresenceConsumerService_Impl("http://localhost:8002/parlayx21/presence/PresenceConsumer?WSDL");
  PresenceConsumer pc = (PresenceConsumer) pcs_impl.getPresenceConsumer();
  UserCredentialsvalidation gt = new UserCredentialsvalidation("sdpai","sdp");*/
  SimpleReference rf = new SimpleReference();
  rf.setCorrelator("correlatorid");
  rf.setEndpoint(URI.create("http://localhost:8002/PresenceConsumerService/services/PresenceConsumer"));
  rf.setInterfaceName("PresenceConsumer");
  SubscribePresence sb = new SubscribePresence();
  sb.setApplication("sdp");
  sb.setPresentity(URI.create("tel:1234"));
  sb.setReference(rf);
  System.out.println(" Before calling subscribe presence ==" );
  //SubscribePresenceResponse spr = pc.subscribePresence(sb);
  System.out.println(" Hi There here 2226678565");
  System.out.println(" Hi There here 333");
  //raja
  String strUrl = "http://localhost:8002/parlayx21/presence/PresenceConsumer?WSDL";
  Stub objStub = (Stub) new PresenceConsumerService_Impl().getPresenceConsumer();
  objStub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY,"sdpai");
  objStub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY,"sdp");
  objStub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,strUrl);
  PresenceConsumer port = (PresenceConsumer) objStub;
  String returnVal = "";
  System.out.println(" Hi There here 77");
  SubscribePresenceResponse spr = port.subscribePresence(sb);
  System.out.println(spr);
  //ended here
  catch(Exception e)
  e.printStackTrace();
  =======================================
  UserCredentialsvalidation.java
  import com.bea.wlcp.wlng.et.core.module.session_manager.SessionManagerService_Impl;
  import com.bea.wlcp.wlng.schema.ews.common.ServiceException;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManager;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManagerService;
  import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
  import javax.xml.rpc.Stub;
  import java.util.ArrayList;
  import java.util.List;
  public class UserCredentialsvalidation implements PolicyBase {
  private String username;
  private String password;
  public UserCredentialsvalidation(String username, String password) {
  this.username = username;
  this.password = password;
  String sessionManagerURL="http://localhost:8002/session_manager/SessionManager";
  SessionManagerService accessservice = null;
  try {
  accessservice = (SessionManagerService) new SessionManagerService_Impl(sessionManagerURL+"?WSDL");
  SessionManager port = accessservice.getSessionManager();
  System.out.println(" port >>>>>");
  System.out.println(" port >>>>>" +port);
  UserCredentialsvalidation pbase = new UserCredentialsvalidation();
  pbase.prepareStub((Stub)port,username,password);
  } catch (Exception e) {
  System.out.println(" helo helo");
  // TODO Auto-generated catch block
  e.printStackTrace();
  public UserCredentialsvalidation() {
  // TODO Auto-generated constructor stub
  public void prepareStub(Stub stub,String username,String password) throws Exception {
  List<ClientUNTCredentialProvider> credProviders = new ArrayList<ClientUNTCredentialProvider>();
  System.out.println(" username >>> " + username.getBytes());
  System.out.println(" password >>> " + password.getBytes());
  credProviders.add(new ClientUNTCredentialProvider(username.getBytes(),
  password.getBytes()));
  System.out.println("setting standard wssec");
  stub._setProperty("weblogic.wsee.security.wss.CredentialProviderList",
  credProviders);
  System.out.println("Getting property from stub== " + stub._getProperty("weblogic.wsee.security.wss.CredentialProviderList"));
  @Override
  public void prepareStub(Stub port) throws Exception {
  // TODO Auto-generated method stub
  =========================================
  When I run the main program I am getting below exception
  Before calling subscribe presence ==
  Hi There here 2226678565
  Hi There here 333
  Hi There here 77
  java.rmi.RemoteException: SOAPFaultException - FaultCode {http://schemas.xmlsoap.org/soap/envelope/}Server FaultString Unable to add security token for identity FaultActor nullNo Detail; nested exception is:
  weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
  at com.bea.wlcp.wlng.ws.presence.PresenceConsumer_Stub.subscribePresence(PresenceConsumer_Stub.java:37)
  at Main.main(Main.java:62)
  Caused by: weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
  at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:355)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandler.java:115)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.java:100)
  at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandler.java:88)
  at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.java:309)
  at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:269)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(ClientDispatcher.java:213)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:150)
  at weblogic.wsee.ws.WsStub.invoke(WsStub.java:87)
  at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:337)
  at com.bea.wlcp.wlng.ws.presence.PresenceConsumer_Stub.subscribePresence(PresenceConsumer_Stub.java:32)
  ... 1 more
  Caused by: weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
  at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
  at weblogic.wsee.security.WssClientHandler.processOutbound(WssClientHandler.java:71)
  at weblogic.wsee.security.WssClientHandler.processRequest(WssClientHandler.java:55)
  at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:74)
  at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:141)
  at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:107)
  at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:132)
  ... 4 more
  ==========================================================
  I am working for 3 days to solve this issue, but helpless
  Please tell me I am going in right way , I read many forums and implemented different ways , but getting same problem, that too before calling webservice method .
  Do i need to do anything more apart from adding username and password parameters
  Please tell me the exact steps how to perform authentication with webservices
  Your answer will help me a lot .
  Thanks in Advance
  Regards
  Rajasekhar

  Please find the modified file Main.java
  import java.net.URI;
  import javax.xml.rpc.Stub;
  import javax.xml.ws.BindingProvider;
  import java.net.Proxy;
  import java.net.InetSocketAddress;
  import java.util.ArrayList;
  import java.util.List;
  import weblogic.webservice.wsdl.WsdlPort;
  import weblogic.wsee.connection.transport.http.HttpTransportInfo;
  import weblogic.wsee.jaxrpc.ServiceImpl;
  import org.csapi.schema.parlayx.common.v2_1.PolicyException;
  import org.csapi.schema.parlayx.common.v2_1.SimpleReference;
  import org.csapi.schema.parlayx.presence.consumer.v2_3.local.SubscribePresence;
  import org.csapi.schema.parlayx.presence.consumer.v2_3.local.SubscribePresenceResponse;
  import com.bea.wlcp.wlng.et.core.module.session_manager.GTUsernameTokenPolicy;
  import com.bea.wlcp.wlng.et.core.module.session_manager.SessionManagerService_Impl;
  import com.bea.wlcp.wlng.ws.presence.PresenceConsumer;
  import com.bea.wlcp.wlng.ws.presence.PresenceConsumerService_Impl;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManager;
  import com.bea.wlcp.wlng.ws.sessionmanager.SessionManagerService;
  import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
  import weblogic.xml.crypto.wss.WSSecurityContext;
  import weblogic.xml.crypto.wss.provider.CredentialProvider;
  @SuppressWarnings("deprecation")
  public class Main {
       @SuppressWarnings("unchecked")
       public static void main(String[] args) throws javax.xml.rpc.ServiceException,PolicyException{
       try{
       /*PresenceConsumerService_Impl pcs_impl = new PresenceConsumerService_Impl("http://localhost:8002/parlayx21/presence/PresenceConsumer?WSDL");
       //PresenceConsumer pc = (PresenceConsumer) pcs_impl.getPresenceConsumer();*/
       UserCredentialsvalidation gt = new UserCredentialsvalidation("sdpai","sdp");
       SimpleReference rf = new SimpleReference();
       rf.setCorrelator("correlatorid");
       rf.setEndpoint(URI.create("http://localhost:8002/PresenceConsumerService/services/PresenceConsumer"));
       rf.setInterfaceName("PresenceConsumer");
       SubscribePresence sb = new SubscribePresence();
       sb.setApplication("sdp");
       sb.setPresentity(URI.create("tel:1234"));
       sb.setReference(rf);
       System.out.println(" Before calling subscribe presence ==" );
       //SubscribePresenceResponse spr = pc.subscribePresence(sb);
       System.out.println(" Hi There here 2226678565");
       System.out.println(" Hi There here 333");
       //raja
       String strUrl = "http://localhost:8002/parlayx21/presence/PresenceConsumer?WSDL";
       Stub objStub = (Stub) new PresenceConsumerService_Impl().getPresenceConsumer();
       objStub._setProperty(javax.xml.rpc.Stub.USERNAME_PROPERTY,"sdpai");
       objStub._setProperty(javax.xml.rpc.Stub.PASSWORD_PROPERTY,"sdp");
       objStub._setProperty(javax.xml.rpc.Stub.ENDPOINT_ADDRESS_PROPERTY,strUrl);
       PresenceConsumer port = (PresenceConsumer) objStub;
       String returnVal = "";
       System.out.println(" Hi There here 77");
       SubscribePresenceResponse spr = port.subscribePresence(sb);
       System.out.println(spr);
       //ended here
            catch(Exception e)
                 e.printStackTrace();
  ==============================
  When I run the main program getting below exception
  port >>>>>
  port >>>>>com.bea.wlcp.wlng.ws.sessionmanager.SessionManager_Stub@19c0bd6
  username >>> [B@1cd280b
  password >>> [B@29ac
  setting standard wssec
  Getting property from stub== [[ClientUNTCredentialProvider: username=sdpai password=is set]]
  Before calling subscribe presence ==
  Hi There here 2226678565
  Hi There here 333
  Hi There here 77
  java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://schemas.xmlsoap.org/soap/envelope/}Server] FaultString [Unable to add security token for identity] FaultActor [null]No Detail; nested exception is:
       weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
       at com.bea.wlcp.wlng.ws.presence.PresenceConsumer_Stub.subscribePresence(PresenceConsumer_Stub.java:37)
       at Main.main(Main.java:62)
  Caused by: weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Unable to add security token for identity
       at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:355)
       at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandler.java:115)
       at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.java:100)
       at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandler.java:88)
       at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.java:309)
       at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:269)
       at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(ClientDispatcher.java:213)
       at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:150)
       at weblogic.wsee.ws.WsStub.invoke(WsStub.java:87)
       at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:337)
       at com.bea.wlcp.wlng.ws.presence.PresenceConsumer_Stub.subscribePresence(PresenceConsumer_Stub.java:32)
       ... 1 more
  Caused by: weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
       at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
       at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
       at weblogic.wsee.security.WssClientHandler.processOutbound(WssClientHandler.java:71)
       at weblogic.wsee.security.WssClientHandler.processRequest(WssClientHandler.java:55)
       at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:74)
       at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:141)
       at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:107)
       at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:132)
       ... 4 more

• Using Web Dynpro authentication for a Web Service call

  Hi all,
  I want to develop a Web Dynpro that calls a Web Service running on the same Web AS (7.0). The Web Dynpro will be integrated in a Portal. The web service that has to be called is automatically generated when we create a guided procedure :
  http://help.sap.com/saphelp_nw2004s/helpdata/en/44/44c59fd7c72e84e10000000a155369/frameset.htm
  In my Web Dynpro, I imported the WSDL of this WS and created a model.
  The first time I tried to call the WS in my Web Dynpro I got an authentication error :
  Service call exception; nested exception is: com.sap.engine.services.webservices.jaxrpc.exceptions.InvalidResponseCodeException: Invalid Response Code: (401) Unauthorized. The requested URL was:"http://<myHostName>:50100/GPRuntimeFacadeWS/GPProcessExposing?style=document&pid=CA544E9B629A11DB91480017A48D672A&pver=0.5"
  So I hard-coded an HTTP authentication :
       model._setUser("myWASuser");
       model._setPassword("myPassword");
  And the Web Service call now works.
  Now the next step is that the WS call is made by the user that runs the Web Dynpro. So I found this documentation :
  http://help.sap.com/saphelp_nw04/helpdata/en/59/e8e95d1eba48dfa86ae91ad8816f5d/frameset.htm
  It would resolve my authentication problem, AND the transport issue : at the moment the Web Service URL is stored in the Logical Port of the WD model, and at transport time, a rebuild of the WD project will be needed.
  So I applied what is said in the doc : from the point of view of the Web Service consumer, I just had to add :
      model._setHTTPDestinationName("STARTGP");
  (where STARTGP is the name of the destination I created in the Visual Administrator with a "Logon Ticket" authentication.)
  before the execute(), and I removed my hardcoded authentication.
  Unfortunately, nothing changes... I still get a 401 authentication error.
  Does anyone have an idea about this ? Or maybe a workaround ?
  Thanks in advance for any suggestion.
  Regards,
  Julien

  Hello Julien,
  I have a scenario similar to yours. A client webdynpro application accessing a EJB methods exposed as web service. Those EJB's methods calls R3 RFC's. The client requirements' was to allow SSO through all the layers (Webdynpro -> EJB WS -> RFC). The Webdynpro and EJB's are deployed on the same WAS.
  Solution:
  1 - Create a RFC Destination on Visual Administration provide the R3 connection parameters and set the Authentication for "Current User (Logon Ticket)". Save your Destination;
  2 - In your EJB Project open your Web Service Configuration, on the Security page, set:
      Authentication Mechanism: HTTP Authentication
      Basic (username/password)
      Use SAP Logon Ticket
  3 - In your EJB, implement the following code to create JCO Client for the RFC invocations:
  Object obj = ctx.lookup(DestinationService.JNDI_KEY);
      DestinationService dstService = (DestinationService) obj;
      RFCDestination dst = (RFCDestination) dstService.getDestination("RFC", "<YOUR_RFC_DESTINATION_NAME>");
      Properties jcoProperties = dst.getJCoProperties();
      JCO.Client jcoClient = JCO.createClient(jcoProperties);
  4 - In your EAR Project, open your "application-j2ee-engine.xml" and add the References:
       "tc/sec/destinations/service" as Service
       "tc/sec/destinations/interface" as Interface.
  5 - Create your EAR File and Deploy;
  6 - Check if the web service now requires Authentication: go to http://<host>:<port>/index.html and click on Web Services Navigator. Test your Web Service. Your Web Service should requiere you to log in before execute the test;
  7 - Go back to your Visual Administrator and create a HTTP Destination. Provide your WS URL (should be something like "http://<host>:<port>/<WS_NAME>/Config1?style=document"). Choose Authentication: Logon Ticket. Save your Destination;
  8 - Go to your webdynpro project, import your WS Model. (If you have already created it, you have to delete it and import it again, refer to this blog on how to reimport WS Models: /people/bertram.ganz/blog/2005/10/10/how-to-reimport-web-service-models-in-web-dynpro-for-java  How To Reimport Web Service Models in Web Dynpro for Java );
  9 - Open your model's Logical Ports node, go to the Security tab, and choose "Use SAP Logon Ticket";
  10 - In your webdynpro code, before you call the ws invocation (should be something like that: <YOUR_NODE_DEFINITION>.modelObject().execute();), include the following line:
  <YOUR_NODE_DEFINITION>.modelObject()._setHTTPDestinationName("<YOUR_HTTP_DESTINATION_NAME>");
  11 - Save All Metadata and deploy your Webdynpro App. Test your results.
  I hope it helps you, as the documentation on how to implement this scenario is scattered through the SDN and all the SAP help portal.
  Best regards,
  Paulo.

• How to configure a Proxy in OSB with Digest Authentication?

  Hello, Guys.
  I need a help with this subject.
  I have a demand to configure a Proxy in OSB 11.1.1.6 with Digest Authentication. I'm using a Embedded Ldap with Identity Asserter.
  I'have configured a DefaultAuthenticator and the DefaultIdentityAsserter to support Digest Password and create a new LdapIdentityAsserter pointing to my embedded Ldap.
  When I'll create a new Proxy, in the security options, i can see the digest options to authenticate my username and password. I selected the one of all the options, but in the time of the Proxy test the authentication didn't work.
  Could anyone help me?
  Thanks you.

  Unfortunately, a reference trigger can't be used for continuous acquisition after the trigger. The maximum post-trigger count is either 2^24 or 2^32 depending on your hardware. Depending on your sampling rate and how many samples you expect to acquire before issuing a software stop, using the max post-trigger count may be sufficient for you. There are a couple of other options I can think of that you might want to try:
  1.) If possible, play with the trigger condition such that it occurs at the start of your pre-trigger data and use it as a start trigger instead. I suspect this may not be possible.
  2.) Set up a continuous acquisition and implement detection of the trigger condition through software. This is more software work and is more CPU intensive than the hardware solution, but it can definitely be made to work.
  3.) With some creative use of the counters, you may be able to latch the sample clock number that trigger occurred on. This would allow you to setup a continuous acquisition and use the hardware to tell you where the trigger occurred instead of figuring it out in software. What I'm thinking is you would set up a buffered event counting task with the ai/SampleClock as the timebase source of the counter and the trigger signal as the sample clock of the counter. By reading the first count value, you should know which AI sample the trigger occurred. From there, you can seek to the right position in the buffer and begin reading data indefinitely.
  Good luck!

• Authentication for ADS

  hi,
  I am setting authentication for ADS. When i click on Webservice security, under services, i get "Error while loading service web service security" in visual admin.
  Can you also add a point as to why do we need ads authentication.

  I was accessing Visual Administrator thorugh my local file (by Pasting the server directories ) system and connecting to a remote server.hence i had issues.
  Solution is to access visual admin directly from the server where it is installed.

• User Authentication for Web Services

  Hi,
  I am developing a web services that resides in Intranet. Thus, would like to implement application layer of user authetication, i.e. to match the input user name and password against Database record through a web service logon() method. If authentication is passed, the client program is allowed to call subsequence web service methods, else exception needs to be thrown when calling subsequence methods.
  As understand that each method call to web services is treated seperately. Thus, how can we implement the authentication so that the client program only passes in the user name and password at once through logon() method, instead of perfoming the authentication for each method?
  Appreciate the advice. Thanks.

  Hi,
  But, I need to develop the web services logon method using WSDL which generated the LogonBindingImpl.java, instead of web services using EJB bean.
  Besides, the Web Service logon method (LogonBindingImpl.java) need to accept the input user name and password to check with the user name and password that stored in database table through the EJB bean. If checking successful, client program is allowed to invoke other WebServices method, else login failed exception need to be thrown when client calling other web services methods.
  Appreciate the advice here on how to achieve that. Thanks.

• HTTP Digest Authentication in Weblogic Server ?

  I understand that Weblogic Server 10.3.0.0 does not have declarative support for HTTP Digest Authentication. In that case, what are the alternatives to do HTTP Digest Authentication on the server ?
  Edited by: user566628 on Sep 19, 2008 1:47 PM

  I would open a support case to get clarification on whether DIGEST is supported. According to the WLS 8.1 book I found on google, it looks like it may have been supported in 8.1:
  http://books.google.com/books?id=TiAKHpPHpHIC&pg=PA836&lpg=PA836&dq=WebLogic+Digest+Authentication&source=web&ots=ciJMQOXm2q&sig=oJGOs-J5snfFGt_hWSPi-FXyERQ&hl=en&sa=X&oi=book_result&resnum=10&ct=result
  If that is the case, it is unlikely that they removed it, it just may not be documented well as it is very uncommon.

• DIGEST authentication support

  I have noticed that neither SunONE nor weblogic support DIGEST authentication. Tomcat appears to have spotty support as well.
  Digests should be supported by all browsers that use HTTP 1.1, but yet the servlet spec makes it an optional item for web container implementors. I would love to have a good way to hide passwords entered from the browser without going whole hog (SSL).
  Does anyone know why DIGEST isn't better supported by containers?

  I'm not sure but I don't believe so.
  Paul
  On Fri, 29 Jun 2001 13:26:58 -0400, "Alex" <[email protected]> wrote:
  Does WLS 5.1 support DIGEST authentication?
  Alex
  [email protected]