EJB3 Web Service - basic authentication

Similar Messages

• Web service basic authentication

  I'm trying to setup a web service manually and I have the WSDL. I want to try to leverage the basic authentication option but the controls to activate this for the manual web service definition are disabled. Anyone have any idea why? Or better yet, how to enable them?
  Earl

  The username name bassword is for HTTP Basic Authentication. I am not sure that your Web service is requesting basic authentication. It looks like it is expecting credentials to be passed in the SOAP header.
  If that is the case, the WSDL should describe what the parameters in the SOAP header should be. Can you post the WSDL?

• How to use Axis to access a web service through Authentication  proxy

  Using axis access internat web service is success,but access a web service through Authentication proxy is failure.But other java classes connect through a proxy to the internet which works very well:
  please help me ,thank you!!!
  import org.apache.axis.client.Call;
  import org.apache.axis.client.Service;
  import javax.xml.namespace.QName;
  //this is my access webservice faliure   codes
  public class TestClient
     public static void main(String [] args) {
         try {
              System.getProperties().setProperty("http.proxySet", "true");
              System.getProperties().setProperty("http.proxyHost","proxy.com");
              System.getProperties().setProperty("http.proxyPort", "8080");
              System.getProperties().setProperty("http.proxyUser", "username");
              System.getProperties().setProperty("http.proxyPassword","password");
             String endpoint =
                      "http://nagoya.apache.org:5049/axis/services/echo";
             Service  service = new Service();
             Call     call    = (Call) service.createCall();
             call.setTargetEndpointAddress( new java.net.URL(endpoint) );
             call.setOperationName(new QName("http://soapinterop.org/", "echoString") );
             String ret = (String) call.invoke( new Object[] { "Hello!" } );
             System.out.println("Sent 'Hello!', got '" + ret + "'");
         } catch (Exception e) {
             System.err.println(e.toString());
     }I get an "(407)Proxy authorization required" error?

  I am also looking for a solution. Does any one know how to do through code instead of jvm settings?
  Thanks in advance!

• Issue with calling external web service with authentication details ...

  Hi,
       I am facing a deployment issue with Oracle ESB. I am trying to call an external Web Service with authentication from ESB SOAP Service. It is working fine with my local ESB version 10.1.3.3.0 Build PCBPEL_10.1.3.3.0_GENERIC_070615.0525; however it is getting an error at our development ESB version 10.1.3.3.1 Build PCBPEL_10.1.3.3.1_GENERIC_RELEASE.
       I am getting following error.
  An unhandled exception has been thrown in the ESB system. The exception reported is: "org.collaxa.thirdparty.apache.wsif.WSIFException: exception during SOAP invoke: Server was unable to process request. ---> Object reference not set to an instance of an object.; nested exception is: javax.xml.rpc.soap.SOAPFaultException: Server was unable to process request. ---> Object reference not set to an instance of an object. at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.populateFaultMessage(WSIFOperation_JaxRpc.java:3086) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeOperation(WSIFOperation_JaxRpc.java:1728) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.invokeRequestResponseOperation(WSIFOperation_JaxRpc.java:1473) at com.collaxa.cube.ws.wsif.providers.oc4j.jaxrpc.WSIFOperation_JaxRpc.executeRequestResponseOperation(WSIFOperation_JaxRpc.java:1196) at oracle.tip.esb.server.common.wsif.WSIFInvoker.executeOperation(WSIFInvoker.java:867) at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(WSIFInvoker.java:770) at oracle.tip.esb.server.common.wsif.WSIFInvoker.nextService(WSIFInvoker.java:790) at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.nextService(OutboundAdapterService.java:208) at oracle.tip.esb.server.service.impl.outadapter.OutboundAdapterService.processBusinessEvent(OutboundAdapterService.java:127) at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatchNonRoutingService(InitialEventDispatcher.java:118) at oracle.tip.esb.server.dispatch.InitialEventDispatcher.dispatch(InitialEventDispatcher.java:95) at oracle.tip.esb.server.dispatch.BusinessEvent.raise(BusinessEvent.java:1424) at oracle.tip.esb.utils.EventUtils.raiseBusinessEvent(EventUtils.java:112) at oracle.tip.esb.server.service.EsbRouterSubscription.onBusinessEvent(EsbRouterSubscription.java:307) at oracle.tip.esb.server.dispatch.EventDispatcher.executeSubscription(EventDispat
       Could one of you please help me out to understand why it is happining.
  Thanks in advance.
  Jyotirmoy.

  Hi Mahesh,
  One you are missing is authentication token or credentials.
  Please refer to the following articles.
  http://www.cleverworkarounds.com/2014/02/05/tips-for-using-spd-workflows-to-talk-to-3rd-party-web-services/
  A Series of articles related to Web Service in SPD Workflow
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 1
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 2
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 3
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 4
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 5
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 6
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 7
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 8
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 9
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 10
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 11
  Trials or tribulation?
  Inside SharePoint 2013 workflows–Part 12
  Please don't forget to mark it answered, if your problem resolved or helpful

• How to access SOAP web service with authentication, HTTP basic Authentication

  Dear All
  i use Flash Builder 4.5, flex 4..1, i am developing a flex client to soap webservices hosted over Glassfish 2 Java server, the web services is protected by HTTP Basic Authentication, everythime i run my code , the prombt for username and password show up, i need to pass user name and password through action script, i followed the flollowing (but was for http web service, not soap) but really did not work.
  http://stackoverflow.com/questions/490806/http-basic-authentication-wi th-httpservice-objects-in-adobe-flex-air
  http://forums.adobe.com/message/4262868
  private function authAndSend(service:HTTPService):void
          var encoder:Base64Encoder = new Base64Encoder();
          encoder.insertNewLines = false; // see below for why you need to do this
          encoder.encode("someusername:somepassword");
          service.headers = {Authorization:"Basic " +encoder.toString()};                                               
          service.send();
  Also i noticed in debug mode, always that WARNNING raised up
  Warning: Ignoring 'secure' attribute in policy file from http://fpdownload.adobe.com/pub/swz/crossdomain.xml.  The 'secure' attribute is only permitted in HTTPS and socket policy files.  See http://www.adobe.com/go/strict_policy_files for details.
  any idea ?

  Hello,
  I don't know if this could help.
  Another way to connect to a web service by SOAP and WSDL is to click on the Data/Services panel, then click on "Connect to Data/Services" and then select the "Web Service" (WSDL) icon. This could help as well.

• Testing a secured Web Service (Basic -Username/Password)

  Hello,
     I configured security for a custom web service using [this |https://www.sdn.sap.com/irj/scn/index?rid=/library/uuid/e08627de-9816-2a10-02b7-cbd60f7e4b2c&overridelayout=true] . I configured section
  3.2 Configuring Document Authentication
                 Basic (Username/Password)
  How should I go about testing this. I tried using Web Service Navigator, I get this error:
  00118565098B00220000011400001D8C00047182FEC71535 : Authentication using a wsse:Username token failed. The error was com.sap.security.core.ws.wss.NoSecurityHeaderException No wsse:Security header has been defined for role soap:finalActor. Please verify the policy configuration..

  Please download tutorial bundle from:
  http://java.sun.com/javaee/5/docs/tutorial/information/download.html
  some details about it:
  http://docs.sun.com/app/docs/doc/819-3669/gfiud?a=view
  You can try examples after downloading zip file :
  The zip file also contains a documentation e.g. pdf file.
  There you can find more info.
  Here is one chapter from doc.
  Example: Basic Authentication with JAX-WS
  This section discusses how to configure a JAX-WS-based web service for HTTP basic
  authentication. When a service that is constrained by HTTP basic authentication is requested,
  the server requests a user name and password from the client and verifies that the user name
  and password are valid by comparing them against a database of authorized users.
  Regards Miro

• Oracle UCM - Web Services and Authentication

  Hello all...
  Easy question...
  Can you call UCM Web Services anonymously? Basically with "guest" rights? If so, any examples how...? I'm using VB.NET
  More complicated question and advice seeking...
  I am trying to create an ASP.NET form that will send an email with a content item as an attachment. I was going to attempt to use the web services to get the document info and actual files, and then use ASP to fire off the email. The user will either be logged into our site with (ExtranetLook component) valid credentials, or be viewing the site as guest/anonymous. As far as I can figure, I can only call the web services if I have some kind of authentication... I cannot call it w/o any auth, and I cannot somehow pass in the currently logged in users authentication credentials to the service... I really need to know the username/password, or use Windows Authentication (which is not possible on this public site). Any suggestions for how I can get around this problem?
  Thanks,
  Dave

  No resolution here... it seems if we want to do this, we need to create an admin web service account, but that takes the users security out of the picture and we don't want to do that. We're looking into some alternatives here, but I'm sure that's not going to help you. Sorry.

• Issue in accessing Client Web Service 401 authentication error

  Hi,
  I have a requirement where i need to call a web service from SOA composite. When i deploy the service on SOA Server and try accessing it i get below error
  **oracle.fabric.common.FabricException: Cannot read WSDL "{http://www.service-now.com}ServiceNow_u_incident" from Metadata Manager.: Error in getting XML input stream: https://XXXXXXX.service-now.com/incident.do?WSDL: Response: '401: Unauthorized' for url: 'https://XXXXXXXX.service-now.com/incicdent.do?WSDL'**
  If i go from broweser and hit the url it asks for my ldap / windows credential.
  My question is how to i pass these credentials from Composite.
  sample service
  https://demo.service-now.com/incident.do?WSDL
  Shirish

  To pass HTTP Basic Auth from an External Reference in a composite_
  Set up in the EM
  1. Create the credentials in the EM
  - In the EM Weblogic Domain > right click the domain name
  - Choose Security > Credentials
  2. Create an oracle.wsm.security map
  This is where the http token details are held
  - If the oracle.wsm.security does not exist create one (Create Map)
  - call it oracle.wsm.security
  3. Create the Key
  - Click create Key
  - Enter the following values
       Select Map -> oracle.wsm.security
       Key -> Key name
       Type -> Password
       Username -> << basic auth username required >>
       Password -> << basic auth password required >>
       Description -> Clear text description
  Note : Make the key name specific to the service you are accessing i.e. basic.credentials.sitea.demo
  Secure the Reference Partner Link
  In JDeveloper
       Open the composite that needs securing
       Right click on the external reference
       Select Configure WS Policies
       For Security, click the + button
       Select the oracle/wss_http_token_client_policy entry
       Select this and click the pencil button to edit the Override Value.
       In the override value column (csf-key), enter the credential key name you wish to use. i.e. basic.credentials.sitea.demo
  Deploy the service, and this will now be secured against the Basic Auth.
  This does not address SSO / Windows AD integration from the client, this is where a Web Service is protected by basic auth. If you need to integrate with AD as SSO etc then you will need to configure Kerberos. That is a much bigger explaination that you will probably find on the Net.
  Good luck
  Edited by: rodhiggins on 28/05/2013 22:52

• How to set up User id and Password for Web services or authentication

  Hi ,
  I am new to web services . I have created a new Web service in SAP , and while creating Service defination , set the Authentication as LOW for server proxy .Then created End-point in SOAMANAGER with USREID/PWS requried .This WSDL i am planning to share with Third party to call from Java application.
  But my web service checks for authorization which needs to be set up to allow the user id and pws .
  So question is how do i pass my user id and pws as i do not see this WSDL with User id and pws option displayed for me when i test this using SOAP UI .I saw some of WSDL with tag "AuthHeader" with user id and pws tags in them .So how could i get them ?
  Or requirement is that my Third party should be able to access my Web service in PRD and also be able to have authorization to auth object embedded in FM inside service defination .So how is this acheived ?
  Thanks,
  Sitaraman

  Hi,
  After creation of WSDL , you will get URL lkie http://idessapdev.ad.infosys.com:8000/index.html.
  For this URL your third party system need sto add id and pwd for accessing like http://idessapdev.ad.infosys.com:8000/index.html&userid = 111&pwd= wwgw.
  this is not the exact syntax. you can check with your third party system for this URL.
  Regards,
  Lokeswari.

• Get or set security credentials for XML web service client authentication

  Dear,
  I wrote a custom asp.net web service that acts as a wrapper for the taxonomyclientservice.asmx in sharepoint 2010.
  ON my local machine, the following code works:
    using (Taxonomy.Taxonomywebservice TaxonomyClient = new COSMOS_Taxonomy.Taxonomywebservice())
  TaxonomyClient.Credentials = new NetworkCredential("username", "pass", "domain");
  TaxonomyClient.PreAuthenticate = true;
  etc..
  The authentication works when i provide the user credentials.
  the problem is when i deploy the webservice to my production env. I dont know the owner of the metadata term store and its out of the question to get the username and password.
  when i try to run this code on my local machine:
  TaxonomyClient.Credentials = System.Net.CredentialCache.DefaultCredentials;
  i get this error:
  System.Net.WebException: The request failed with HTTP status 401: Unauthorized.
  at System.Web.Services.Protocols.SoapHttpClientProtocol.ReadResponse(SoapClientMessage message, WebResponse response, Stream responseStream, Boolean asyncCall)
  at System.Web.Services.Protocols.SoapHttpClientProtocol.Invoke(String methodName, Object[] parameters)
  at COSMOS_TermSet.COSMOS_Taxonomy.Taxonomywebservice.GetTermSets(String sharedServiceIds, String termSetIds, Int32 lcid, String clientTimeStamps, String clientVersions, String& serverTermSetTimeStampXml)
  at COSMOS_TermSet.CustomWebService.GetCountryTermSet()
  How can i fix this.
  Many thanks in advance

  Hi Roni,
  Based on your description, the error occurred when using the DefaultCredential in the code.
  I recommend to check if the “<identity impersonate="true"></identity>” is included in web.config file.
  If not, add it to web.config file to see if the issue still occurs.
  Best regards.
  Thanks
  Victoria Xia
  TechNet Community Support

• Web service client authentication problem

  I applied security role to deployed web services. When I use clientgen to generate client stub or using java client to get WSDL, I got authentication error asking for username and password.
  This only happens when I use import in my WSDL file to import other schema files. I think the authentication process happened when retrieving wsdl file, but not import schema files.
  Is this some kind of BEA bugs or known issue?
  Any advice is appreciated.

  Yes, this is a problem. It should be fixed in upcoming release. The work around is embeding the schema to WSDL or run clientgen against a local copy.

• Web Services with Authentication - User Name and Password.

  How to create a web service and web service client where the need is to authenticate using SOAP Header based authentiacation. The authentication is to be based on UserName and Password in the SOAP Header.
  Regards
  Pramod.

  Dear Pierluigi Vernetto
  What is meant when they say to include SOAPHeader with the parameters UserName, Password for Authentication. How this type of authentication is done.Can you please provide some code snipped to facilitate. I am new to the web services and did successfully a web service generation and client generation using WSDL.
  WSDL Snippet :
  - <wsdl:operation name="RegisterService">
  <soap12:operation soapAction="http://www.abc.com/webservices/RegisterService" style="document" />
  - <wsdl:input>
  <soap12:body use="literal" />
  <soap12:header message="tns:RegisterServiceAuthenticate_Info" part="Authenticate_Info" use="literal" />
  </wsdl:input>
  - <wsdl:output>
  <soap12:body use="literal" />
  </wsdl:output>
  </wsdl:operation>
  - <wsdl:types>
  - <s:schema elementFormDefault="qualified" targetNamespace="http://www.abc.com/webservices/">
  - <s:element name="RegisterService">
  - <s:complexType>
  - <s:sequence>
  - <s:element minOccurs="0" maxOccurs="1" name="InputText">
  - <s:complexType>
  - <s:sequence>
  <s:any />
  </s:sequence>
  </s:complexType>
  </s:element>
  </s:sequence>
  </s:complexType>
  </s:element>
  - <s:element name="RegisterServiceResponse">
  - <s:complexType>
  - <s:sequence>
  - <s:element minOccurs="0" maxOccurs="1" name="RegisterServiceResult">
  - <s:complexType>
  - <s:sequence>
  <s:any />
  </s:sequence>
  </s:complexType>
  </s:element>
  </s:sequence>
  </s:complexType>
  </s:element>
  <s:element name="Authenticate_Info" type="tns:Authenticate_Info" />
  - <s:complexType name="Authenticate_Info">
  - <s:sequence>
  <s:element minOccurs="0" maxOccurs="1" name="UserName" type="s:string" />
  <s:element minOccurs="0" maxOccurs="1" name="Password" type="s:string" />
  </s:sequence>
  <s:anyAttribute />
  </s:complexType>
  If i simply create the web service using the WSDL , will the Authenticate_Info will be taken care of.
  What needs to be done for the Client side .jsp code and how this information of UserName and Password will be passed while making the call to the web service.
  regards
  Pramod.

• Need an intro to java web services basics

  Do you have any link that would be good for the basics in java web services?
  Thanks ... J

  HTH
  http://java.sun.com/webservices/docs/1.1/tutorial/doc/

• WLS 10.3.3 - Web service - NTLM authentication

  Hi,
  We have generated web service proxy based on a wsld file for a .Net web service secured with NTLM authentication.
  Running the code that connects to the web service from a java class main method works fine, but when running the same code from a web application deployed on weblogic server (we have tried both integrated and standalone) we get the following error: com.sun.xml.ws.client.ClientTransportException: The server sent HTTP status code 401: Unauthorized.
  Is there something that we should set in weblogic?
  Regards,
  Delia

  Delia,
  We had exactly the same issue and it took ages to resolve! Oracle didn't have a solution so I knuckled down and eventually worked out a solution...
  When running your JAR under WLS you may have noticed that the exception looks like this:
  java.io.FileNotFoundException: Response: '401: Unauthorized' for url: 'http://+your.domain.here+/default.aspx'
  at weblogic.net.http.HttpURLConnection.getInputStream(HttpURLConnection.java:474)
  Notice that it is not using the java.net.HttpURLConnection as you might have expected (and your Java code explicitly imports!), rather it employs weblogic.net.http.HttpURLConnection and there lies the rub.
  As it turns out, it is easy to have your code force the use of the handler you desire.
  Instead of:
  HttpURLConnection http = (HttpURLConnection) new URL(+yourURL+).openConnection();
  Use:
  URL url = new URL(null, yourURL, new sun.net.www.protocol.http.Handler());
  HttpURLConnection http = (HttpURLConnection) url.openConnection();
  Regards,
  Jerome

• Jax-rpc web service basic auth

  Hi,
  We are trying to create a webservice client in weblogic 10.3. We need to be able to create a request with soap header that has username and password field of this kind:
  <soap:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" soap:mustUnderstand="1">
  <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:Username>my_username</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">my_password</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soap:Header>
  I think this is called the basic authentication where the username/password is sent in the SOAP header and is verified by the same username/password in the security realm of the server.
  We are trying to set the username and password by using the stub._setProperty(Stub.USERNAME_PROPERTY, "my_username") and stub._setProperty(Stub.PASSWORD_PROPERTY, "my_password") respectively but it is failing. We even trying capturing the SOAP request using tcpmon and we see that the soap header is empty.
  Any help will be greatly appreciated.
  Thanks,
  Aditya

  Further to what I have earlier said and something that I forgot to mention in my prev posting is that I have discarded the earlier stub._setProperty because I think that is not the right way to achieve what we want. We came across a client code which we were using in weblogic 8 to access the same server we are trying to access in our client code in weblogic 10, now. So the way they have done is:
  SecurityElementFactory factory = SecurityElementFactory.getDefaultFactory();
  Token userToken = factory.createToken(username, password);
  Security security = factory.createSecurity(null);
  security.addToken(userToken);
  WebServiceContext context = webservice_impl.context();
  WebServiceSession session = context.getSession();
  ses.setAttribute("weblogic.webservice.security.request", security);
  Now this is working in weblogic 8 but with weblogic 10, it gives me the error that I mentioned in my last post at WebServiceContext context = webservice_impl.context().
  No idea why is this happening.
  Thanks
  Aditya