How to add Security Token / Username/Password on WSDL?

Hello,
I have made a BPEL process i.e. exposed as a http WebService. I want to use Security Token on it. Because of Security reason I don't want anyone able to call my WebService unless they provide us the username and password.
Thanks.

See
Disabling
Remote Development Services
If you use Macromedia Dreamweaver MX or Macromedia HomeSite+ to
develop your applications, you can access a remote ColdFusion MX 7
server using HTTP. However, you must configure Remote Development
Services (RDS) in your integrated development environment (IDE),
and RDS must be enabled in ColdFusion MX 7. Using RDS, IDE users
can securely access remote files and data sources, build SQL
queries from these data sources, and debug CFML code.
Note: The ColdFusion Report Builder uses RDS for the Query
Builder and for charting support.
However, for security reasons, Macromedia recommends that you
disable RDS on a production server. To disable it, you must disable
the RDSServlet mapping.
You actually configure your data sources through the
ColdFusion Administrator (and I guess through Dreamweaver too,
although I have never used it myself), but RDS lets you work with
them. Bottom line, if you allow your developer access to ColdFusion
via RDS, then they will have all of the privileges that are allowed
to the data source for the account that is configured in the
ColdFusion administrator for that database.
Phil

Similar Messages

Claims Based Authentication SPSecurityTokenService.Issue() failed: The security token username and password could not be validated.

Please excuse the lousy table...Its late :-)
I have a multi-server SP2010 farm. Patched up to
Configuration database version: 14.0.6106.5002
My goal is to have a claims based web application that authenticated to ADAM for Extranet. I have configured the servers exactly to MSDN and technet specs (following this spec to the
letter (
http://technet.microsoft.com/en-us/library/ee806882.aspx) to allow the forms side of the web app to authenticate to ADAM.
IT WORKS IN DEV!!! , which is a single server farm. However, it does not work in production. I get the following:
Claims Auth log entries:
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
f2ut
Verbose
Authenticated with login provider. Validating request security token.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Using membership provider 'ADAMProvider'.
1:06:25 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Doing password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Verbose
Failed password check on '[email protected]'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
0
Unexpected
Password check on '[email protected]' generated exception: 'System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security
token username and password could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).'.
1:06:46 AM
w3wp.exe (0x0EDC)
0x1790
SharePoint Foundation
Claims Authentication
fo1t
Monitorable
SPSecurityTokenService.Issue() failed: System.ServiceModel.FaultException`1[Microsoft.IdentityModel.Tokens.FailedAuthenticationException]: The security token username and password
could not be validated. (Fault Detail is equal to Microsoft.IdentityModel.Tokens.FailedAuthenticationException: The security token username and password could not be validated.).
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
fsq7
High
Request for security token failed with exception: System.ServiceModel.FaultException: The security token username and password could not be validated.
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.ReadResponse(Message response)
at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
  at Microsoft.IdentityModel.Protocols.WSTrust.WSTrustChannel.Issue(RequestSecurityToken rst)
at Microsoft.SharePoint.SPSecurityContext.SecurityTokenForContext(Uri context, Boolean bearerToken, SecurityToken onBehalfOf, SecurityToken actAs, SecurityToken delegateTo)
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
8306
Critical
An exception occurred when trying to issue security token: The security token username and password could not be validated..
1:06:46 AM
w3wp.exe (0x1B34)
0x08A0
SharePoint Foundation
Claims Authentication
f2un
Verbose
Form authentication failed.
I have tried EVERYTHING (well, nt everything, I don’t have the fix I suppose).
I found plenty out there and nothing directly correlates with this issue.
I searched on all parts of the errors I got.
This contains an interesting blurb about setting up access for the apppool id correctly.
That’s not the case for me. It works in dev and the same id are used there.
http://sharepoint-2010-world.blogspot.com/2011/03/adam-forms-based-authentication-in.html
This was good but it doesn’t give specs on what the environment looks like:
http://social.msdn.microsoft.com/Forums/en/sharepoint2010general/thread/557143a6-4b36-4939-bb7f-d62a9335fd18
The was interesting…but I am patched up beyond the June 2011 CU so it’s a moot point:
http://social.technet.microsoft.com/Forums/en-US/sharepoint2010setup/thread/9b8368ef-c5e5-4ead-b348-7b2b5587cfc8
Any and all help would be greatly appreciated!

Hi.
You say its a multiserver farm, do you have more than one web server then?
If thats the case, have you tried accessing the site on each server directly?
Found this for you, maybe that can help?
Troubleshooting Exceptions: System.ServiceModel.FaultException`1
http://msdn.microsoft.com/en-us/library/bb907220.aspx
and this:
SharePoint 2010 Claims Authentication - The security token username and password could not be validated reoccurring every morning
http://social.technet.microsoft.com/Forums/pl-PL/sharepoint2010setup/thread/383f1f9b-5c4a-4e19-b770-2a54b7ab1ca1
and
This seems to be a good guide:
http://donalconlon.wordpress.com/2010/02/23/configuring-forms-base-authentication-for-sharepoint-2010-using-iis7/
Good luck
Thomas Balkeståhl - Technical Specialist - SharePoint - http://blksthl.wordpress.com

Unable to add security token for identity

Hi all,
I am trying to implement a web service with username token authentication. I have defined the ws -policies in the wsdl, and checked the Process Security Header checkbox in the proxy configuration. But when I invoke the proxy through test console and pass the full soap envelope , I am getting an "Unable to add security token for identity" error
This is how the soap header looks from the request document part of the test console:
     <soap:Header>
     <wsse:Security>
     <wsse:UsernameToken>
     <wsse:Username>xxxxx</wsse:Username>
     <wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">yyyyyy</wsse:Password>
     </wsse:UsernameToken>
     </wsse:Security>
     </soap:Header>
     <soap:Body>
I have configured the user at alsb security configuration and added an acces policy stating that the proxy can be accessed only by user "xxxx"
Please help
-Atheek

Mostafa ,
This points to a misconfiguration of your security. Possible causes are:
* There is not a valid RSA key to sign the SAML token with.
* The SAML CredentialMapper is missing
* There is no Relying Party (rp) configured for SAML Credential Mapper that matches your producer
* The producer is using User Name Token and you have no configured the DefaultCredentialMapper to allow for UserNameToken.
Good Luck,
Nate
Edited by: user650654 on Sep 9, 2008 4:31 AM

WS-Security and proxy service: Unable to add security token for identity

What the reason of "Unable to add security token for identity" fault in this situation (10.3.1):
I did simple "hello word" proxy service and tried to apply custom policy binding.
WS-Policy is next:
<wsp:Policy wsu:Id="WS-Policy-Siebel"
     xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
     <wssp:Identity
          xmlns:wssp="http://www.bea.com/wls90/security/policy">
          <wssp:SupportedTokens>
               <wssp:SecurityToken
                    TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken">
                    <wssp:UsePassword
                         Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" />
               </wssp:SecurityToken>
          </wssp:SupportedTokens>
     </wssp:Identity>
</wsp:Policy>
Process WS-Security is setted to "yes".
While debugging I see that all works fine - I can authenticate with defined credentials and breakpoints in proxy service flow works fine.
But at the end I get the fault:
Soap fault:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
<env:Header/>
<env:Body>
<env:Fault>
<faultcode>env:Server</faultcode>
<faultstring>Unable to add security token for identity</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
In console:
<09.06.2010 17:39:18 MSD> <Error> <OSB Security> <BEA-387023> <An error ocurred during web service security inbound response processing [error-code: F
ault, message-id: 1721282272521583996--57dc4ccc.1291cc2282d.-7fab, proxy: OSB Project WS-Security/WSSecurityService, operation: NewOperation]
--- Error message:
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header/><env:Body><env:Fault><faultcode>env:Server</faultcode><faultstring>Un
able to add security token for identity</faultstring></env:Fault></env:Body></env:Envelope>
weblogic.xml.crypto.wss.WSSecurityException: Unable to add security token for identity
at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(SecurityPolicyDriver.java:175)
at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:73)
at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(SecurityPolicyDriver.java:64)
at weblogic.wsee.security.WssServerHandler.processOutbound(WssServerHandler.java:88)
at weblogic.wsee.security.WssServerHandler.processResponse(WssServerHandler.java:70)
Truncated. see log file for complete stacktrace
Incoming soap message is:
<soapenv:Envelope      xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Header      xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<wsse:Security      soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken      wsu:Id="unt_TNNp0cBwU7HyPKoq" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>testuser</wsse:Username>
<wsse:Password      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">testuser</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soapenv:Body>
<wss:NewOperation      xmlns:wss="http://www.troika.ru/Enterprise/WSSecurityService/">
<in>string</in>
</wss:NewOperation>
</soapenv:Body>
</soapenv:Envelope>
Edited by: Andrey L. on Jun 9, 2010 5:55 PM

I thought you were getting that exception when accessing the proxy.
No. Authentification works fine. Proxy body works fine. But at the end of proxy appears the exception.
Sorry for my english - I tried to show this situation on image: http://imglink.ru/show-image.php?id=9c0e0c1719f00289faf11696c6703bc3
Are you getting this exception when routing to a business service which is configured for WS-Security ??
I don't use business service in this test project - only simple proxy service with all logic inside.
PS transformation in replace action is very simple too:
(:: pragma bea:global-element-parameter parameter="$newOperation1" element="ns0:NewOperation" location="WSSecurityService.wsdl" ::)
(:: pragma bea:global-element-return element="ns0:NewOperationResponse" location="WSSecurityService.wsdl" ::)
declare namespace ns0 = "http://www.troika.ru/Enterprise/WSSecurityService/";
declare namespace xf = "http://tempuri.org/OSB%20Project%20WS-Security/Hello/";
declare function xf:Hello($newOperation1 as element(ns0:NewOperation))
as element(ns0:NewOperationResponse) {
<ns0:NewOperationResponse>
<out>Hello, { data($newOperation1/in) }!</out>
</ns0:NewOperationResponse>
declare variable $newOperation1 as element(ns0:NewOperation) external;
xf:Hello($newOperation1)
Edited by: Andrey L. on Jun 10, 2010 12:21 PM

How to get security token from header?

How can I generally access to the header information of the soap envelope of the ws request in a soa suite (11.1.1.6.0) component?
(I need for the wsse Security token /username and password/ and addressing information in my composite. I need an own algorithm of authentication to use and implement.)
I use BPEL process now, and found bpelx:headerVariable probably for that, but in JDeveloper expression builder there is no option for that in BPEL Extension Functions.
Thanks

pblock_findval("proxy-ip", rq->headers)

Exception: Unable to add security token for identity

Hi Friends,
I was trying to add SAML tokens(Sender-Voucher Profile) to my web services. I configured WLS and ALSB with all Authentication settings but I get a SOAPFaultException when i run the client.
javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for identity
I tried the following samples:
https://codesamples.projects.dev2dev.bea.com/servlets/Scarab/remcurreport/true/template/ViewIssue.vm/id/S10/eventsubmit_dosetissueview/foo/resultpos/-1/nbrresults/0/action/ViewIssue/tab/2/readonly/false
https://codesamples.projects.dev2dev.bea.com/servlets/Scarab/remcurreport/true/template/ViewIssue.vm/id/S203/nbrresults/39
Is there any configuration on WLS that needs to be verified when we get this Exception "Unable to add security token for identity"??
Any help is appreciated in this regard.
Thanks,
Kiran

Hello Kiran,
Is this problem resolved?. I am facing the same problem when i was trying to call a service .
The exception i got is as follows:
(D-113003875) server (IBwlpAdminServer) Method (com.zurich.ep.global.produc
metadata.impl.ProductMetaDataServiceImpl.getAllProducts:234) ==> Host (D-113003
75) server (IBwlpAdminServer) Method (com.zurich.ep.service.delegate.AbstractEx
eptionHandler.logException:67)
om.zurich.ep.exception.ServiceFailureException: SOAPFaultException - FaultCode
{http://schemas.xmlsoap.org/soap/envelope/}Server] FaultString [Unable to add s
curity token for identity] FaultActor [null]No Detail; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for
dentity
at com.zurich.ep.global.productmetadata.impl.ProductMetaDataServiceImpl.
etAllProducts(ProductMetaDataServiceImpl.java:234)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
ava:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
orImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.zurich.ep.service.delegate.ServiceDelegateProxy.invoke(ServiceDel
gateProxy.java:135)
at $Proxy62.getAllProducts(Unknown Source)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
ava:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
orImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.zurich.ep.service.delegate.ServiceAdapter.invoke(ServiceAdapter.j
va:97)
at $Proxy63.getAllProducts(Unknown Source)
at com.zurich.ep.global.productmetadata.v20090601.ProductMetaDataService
ortTypeImpl.getAllProducts(ProductMetaDataServicePortTypeImpl.java:119)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
ava:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
orImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at weblogic.wsee.component.pojo.JavaClassComponent.invoke(JavaClassCompo
ent.java:99)
at weblogic.wsee.ws.dispatch.server.ComponentHandler.handleRequest(Compo
entHandler.java:64)
at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
va:127)
at weblogic.wsee.ws.dispatch.server.ServerDispatcher.dispatch(ServerDisp
tcher.java:85)
at weblogic.wsee.ws.WsSkel.invoke(WsSkel.java:80)
at weblogic.wsee.server.servlet.SoapProcessor.handlePost(SoapProcessor.j
va:66)
at weblogic.wsee.server.servlet.SoapProcessor.process(SoapProcessor.java
44)
at weblogic.wsee.server.servlet.BaseWSServlet$AuthorizedInvoke.run(BaseW
Servlet.java:173)
at weblogic.wsee.server.servlet.BaseWSServlet.service(BaseWSServlet.java
92)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run
StubSecurityHelper.java:223)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecuri
yHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
:283)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.jav
:175)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationActio
.run(WebAppServletContext.java:3245)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
Subject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
21)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppS
rvletContext.java:2003)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletC
ntext.java:1909)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.j
va:1359)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:181)
aused by: java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://sch
mas.xmlsoap.org/soap/envelope/}Server] FaultString [Unable to add security toke
for identity] FaultActor [null]No Detail; nested exception is:
javax.xml.rpc.soap.SOAPFaultException: Unable to add security token for
dentity
at com.zurich.ep.service.delegate.AbstractExceptionHandler.logException(
bstractExceptionHandler.java:67)
at com.zurich.ep.service.delegate.client.WebServiceBusinessDelegate.invo
e(WebServiceBusinessDelegate.java:260)
at $Proxy61.getProductFunctionality(Unknown Source)
at com.zurich.ep.global.productmetadata.impl.ProductMetaDataServiceImpl.
etAllProducts(ProductMetaDataServiceImpl.java:201)
... 39 more
aused by: javax.xml.rpc.soap.SOAPFaultException: Unable to add security token f
r identity
at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:265)
at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandle
.java:106)
at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.jav
:91)
at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandle
.java:79)
at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.jav
:254)
at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.
ava:224)
at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(Clie
tDispatcher.java:161)
at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDisp
tcher.java:116)
at weblogic.wsee.ws.WsStub.invoke(WsStub.java:89)
at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:335)
at com.zurich.ep.global.chassisauthorisation.v20090601.ChassisAuthorisat
onServicePortType_Stub.getProductFunctionality(ChassisAuthorisationServicePortT
pe_Stub.java:145)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.
ava:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces
orImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:585)
at com.zurich.ep.service.delegate.client.WebServiceBusinessDelegate.invo
e(WebServiceBusinessDelegate.java:225)
... 41 more
aused by: weblogic.xml.crypto.wss.WSSecurityException: Unable to add security t
ken for identity
at weblogic.wsee.security.wss.SecurityPolicyDriver.processIdentity(Secur
tyPolicyDriver.java:175)
at weblogic.wsee.security.wss.SecurityPolicyDriver.processOutbound(Secur
tyPolicyDriver.java:73)
at weblogic.wsee.security.WssClientHandler.processOutbound(WssClientHand
er.java:69)
at weblogic.wsee.security.WssClientHandler.processRequest(WssClientHandl
r.java:53)
at weblogic.wsee.security.WssHandler.handleRequest(WssHandler.java:72)
at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
va:127)
at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.j
va:100)
at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDisp
tcher.java:101)
... 49 more
Thanks,
JK

How to add security for Azure Cloud Service?

Hi,
We have build some API's in azure cloud service.
We want to add security for Azure Cloud Service.
How to add security for Azure Cloud Service?

Hi Santhosh,
You may add security for your API's by using:
Mutual certificate authentication
Using OAuth 2.0
Manage developer accounts
Regards,
Manu Rekhar

How to add security credentials to SOAP header for EBS Web Service call..

All,
I am trying to invoke a webservice that I successfully exposed as a WSDL Web Service using EBS Integrated SOA Gateway. I am using OBIEE 11g Action Framework which uses WebLogic.
Here are the steps I completed:
- I exposed a WSDL web service in EBS R12 via Integrated SOA Gateway
- I granted the access to this service in EBS R12 to user SYSADMIN
- I used OBIEE 11g to make a Action to call the Web service (using Action Framework) by searching for the WSDL
- When I try to execute the action: I get the error:
Action could not be invoked.
ServiceExecutionFailure :
Error invoking web service HR_PHONE_API_Service at endpoint http://ip-10-87-33-3.ec2.internal:8000/webservices/SOAProvider/plsql/hr_phone_api/ Missing <wsse:Security> in SOAP Header
PROBLEM: I am unsure how to add the credentials for SYSADMIN user and password to add the SOAP username/pwd to the outgoing call. Anyone on this forum know how to set up the SOAP to call with the correct credentials? I have been looking at the documentation but it is not clearly explained.

Dear Heiko,
did you solve this problem?
We are facing the same problem. Every parameter that requries "cmd" does not work. I guess we don´t use this paramter the right way.
Best, Chris

How should my clients supply username + password ?

Hi,
I need to write a webService with authentication.
Namely: client applications must supply username + password ( which will be checked against our LDAP server ).
I'm new to this, so I'd appreciated it if someone could tell: how should my clients supply the password ?
- Is it customary to supply the username+password through standard HTTP headers (say, 'basic authentication') ?
- Or, is it handled by the webServices/security spec ? Does the < soap:Envelope > message structure keep a dedicated tag for user/password info ? Something like:
<soap:Envelope...>
< ! -- dummy tag! -- >
<login user='jelly' password='secret' />
</soap:Envelope...>
Thanks very much.

I have the same question. Have you figured this out yet?

How to get security token from a URL in BPM

Hi,
I need to get a security token from a url in a business process.
The URL is like:
https://services.sapo.pt/STS/GetToken?ESBUsername=test&ESBPassword=test1
If I paste it on the browser i get the token in the form:
<ESBToken>
a7d1cd4e20c9c1b437513d434abbfee83b1f8f32839b54e6632f2865631303b815547cf898...
</ESBToken>
What is the best way to get and map the token in an Integration Process in SAP XI? Is it possible by user defined function in mapping? How?
Thanks in advance.

I am not sure what you want to do!? Do you want to display the image file, save the image file? When you say you don't want it to exit, do you want it to be a persistant application?

How to use security token in WLS 9.2

I am using Workshop with Weblogic Server 9.2 to implement a Web services with security token (UsernameToken). I have successfully create the web services by using @Policy(uri="Policy:Auth.xml", direction=Policy.Direction.inbound). I use the default authentication provider and SOAP login is fine now. The question for me is how can I get back the userid in my server side program of the authenticated user?
Example:
@WebService
@Policy(uri="Policy:Auth.xml", direction=Policy.Direction.inbound)
public class WebServiceServer implements Serializable{
public String getLoginUserID(){
String user = <sometime method call to get the authenticated user id>;
return userid;
Please help and many thanks in advance.

Hi Christian_nor,
The current version of the Modbus LabVIEW Library is only officially supported in LabVIEW 7.1, but can be manually installed in LabVIEW 8.0 and later. The installer for the current version of the Modbus LabVIEW Library looks in the Windows registry for the presence of LabVIEW 7.1, and will not install if the LabVIEW 7.1 registry key is not found.
The installer at this link will automatically place the nimodbus.mnu and NI Modbus.llb in the appropriate folders in the LabVIEW 8.2 directory. You should be able to edit the programs as normal in LabVIEW 8.2 once these files are installed in the LabVIEW 8.2 directory.
Let me know if you have any questions!
Chris R.
Applications Engineer
National Instruments

WSDL security policy username & password authentication

Hi,
I am creating a WS policies in WSDL for username & password authentication , below is what I am using:-
<wsdl:service name="echoService">
    <wsdl:port name="echoPort" binding="tns:echoBinding">
        <soap:address location="http://pponnala-tecra-xp.stc.com:18181/
         echoService/echoPort"/>
        <wsp:PolicyReference URI="#HttpBasicAuthBindingBindingPolicy"/>
    </wsdl:port>
</wsdl:service>
<wsp:Policy wsu:Id="HttpBasicAuthBindingBindingPolicy">
    <mysp:MustSupportBasicAuthentication on="true">
        <mysp:BasicAuthenticationDetail>
           <mysp:WssTokenCompare/>
        </mysp:BasicAuthenticationDetail>
    </mysp:MustSupportBasicAuthentication>
    <mysp:UsernameToken mysp:IncludeToken="http://schemas.xmlsoap.org/ws/
     2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
       <wsp:Policy>
            <sp:WssUsernameToken10>bobby</sp:WssUsernameToken10>
            <sp:WssPassword>${pass_token}</sp:WssPassword>
       </wsp:Policy>
</mysp:UsernameToken>
</wsp:Policy>
Here I need to pass the <Wsspassword> in the respective placeholder from the application. How we can pass
the respective password to the <sp:WssPassword>${pass_token}</sp:WssPassword>? I have hardcoded with some
valid password. But it is not working. What I am doing wrong here? Is there any way we can validate the authentication
in a better way in WSDL? Also clarify now we can pass the password in the respective pass_token placeholder?
Please clarify.
Thanks.

If you want the script to check whether the user successfully logged in. Go to tester's perspective, click on the POST request of the login and view HTML page response. There you should be able to see the page after successful login. Search and select an element that only appears after successful login, right click the test and create a variable. Use that variable to create a check after the POST request to let the script know whether it should continue or fail the script.

How to add security for webservice invoke

Hi All,
Please let me know how to invoke the webservice in BPEL process with security details.
Thanks,
Suresh

Hi Santhosh,
You may add security for your API's by using:
Mutual certificate authentication
Using OAuth 2.0
Manage developer accounts
Regards,
Manu Rekhar

How to check if the username/password can login?

Can I check if a username/password can login a db in pl/sql?
e.g. I have a sid @server1 and username/password as user1/password1.
Is there any function in pl/sql to check if user1/password1 can login server1?
I am using Oracle 8.1.6.
thx

if you are looking for a customized validation, you could use triggers. You can write triggers against database events such as
DATABASE LOGON event.
CREATE OR REPLACE TRIGGER <trigger name>
AFTER LOGON on DATABASE
BEGIN
. /* your customized validation goes here */
END;

How do I set no username / password in CE11?

I have written a report, and published it to Crystal Enterprise 11.
The report is based off a text file, and as such requires no username or password to access.
However, I have method of setting this up in CE11. Every option requires me to enter a username/password.
And, blanks do not suffice.
What can I do?

If the text file is in a shared network folder, you may need to provide a valid network login for the folder. Just a guess...
Jason

How to add Security Token / Username/Password on WSDL?

Similar Messages

Maybe you are looking for